Skip to main content

Cyber Risk Defense Principal - Cyber Threat Intelligence

Primary Location Pleasanton, California Worker Location Remote Job Number 1304614 Date posted 11/05/2024
Submit Interest

Navigating the Hiring Process

We're here to support you!

Having trouble with your account or have questions on the hiring process?

Please visit the FAQ page on our website for assistance.

Need help with your computer and browser settings?

Please visit the Technical Information page for assistance or reach out to the web manager at kp-hires@kp.org.

Do you need a reasonable accommodation due to a disability?

A reasonable accommodation is any modification or adjustment that enables you to fully participate in completing the following:

  • Online Submissions
  • Pre-Hire Assessments
  • Interview Process

Please submit your accommodation request and an HR Representative will contact you.

Description:

Remote from any KP authorized state to include CA, OR, WA, CO, GA, VA, HI, MD & D.C.


**Please Note: Salary ranges are geographically based, and the posted range reflects the Northern CA region. Lower salary ranges will apply for other labor markets outside of NCAL.**


Do you enjoy information security research and threat intelligence? Are you a highly motivated, experienced Cyber Threat Intelligence (CTI) Analyst with a passion for cybersecurity and a desire to work with a dynamic team?  Do you have experience in strategic, operational, and tactical threat intelligence?


This is a Principal Cyber Threat Intelligence role on our Threat Intelligence and Detection Engineering (TIDE) team.  The successful candidate will handle analyzing complex cyber threats, developing intelligence-based strategies to mitigate these threats, and communicating these strategies to key stakeholders. As a senior member of our cybersecurity team, the principal will work closely with other analysts, engineers, and security teams to ensure the protection of our company's critical information.




Job Summary:

This senior level employee is primarily responsible for managing and directing the maintenance and protection of integrity and reliability of the security of data, systems and networks.



Essential Responsibilities:


  • Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others.

  • Practices self-leadership and promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback.

  • Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network.

  • Effectively communicates investigative findings to non-technical audiences.

  • Provides consultation in regular operations meeting with Cyber Risk Defense Center (CRDC) teams.

  • Drives closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership.

  • Demonstrates a consulting value by recommending adjustments to the collection strategy for deltas in scope, size, or emerging security threats. 3-3

  • Drives information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.

  • Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements.

  • Drives the development of the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents.

  • Builds partnerships with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.

  • Facilitates follow-up remediation design and review efforts related to highly complex security events.

  • Leads the investigation and triage of a wide variety of security events across cyber security domains.

  • Serves as a subject matter expert in performing complex data analyses to support security event management processes, including root cause analysis.

  • Coordinates the response and resolution of high impact or critical cyber security incidents.

  • Provides insight and influence in determining the strategic direction for the development and deployment of threat detection capabilities and/or incident response plans.

  • Drives the development and implementation of incident detection and/or handling processes which may include containment, protection, and remediation activities.

Minimum Qualifications:


  • Minimum four (4) years in an informal leadership role working with project or technical teams.

  • Bachelors degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum ten (10) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement.


Additional Requirements:


#LI-DB1
Preferred Qualifications:
  • Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above)
  • Four (4) years experience in cyber security vulnerability, threat response, or investigation.
  • Four (4) years work experience requiring the development of technical documents or presentations.
  • Five (5) years experience in cyber security threat research or large scale data analytics.
  • Global Information Assurance certification(s).
  • Understanding of common network, endpoint, email, data protection security solutions and their applicability towards prevention and detection of threat actor TTP's.
  • Three (3) years experience in Strategic, Operational, and Tactical threat intelligence
  • Experience with threat intelligence platforms, open-source intelligence (OSINT) gathering, and the analysis of threat actors' tactics, techniques, and procedures (TTPs).
Primary Location: California,Pleasanton,Pleasanton Tech Cntr Building A Scheduled Weekly Hours: 40 Shift: Day Workdays: Mon, Tue, Wed, Thu, Fri Working Hours Start: 08:00 AM Working Hours End: 05:00 PM Job Schedule: Full-time Job Type: Standard Worker Location: Remote Employee Status: Regular Employee Group/Union Affiliation: NUE-IT-01|NUE|Non Union Employee Job Level: Individual Contributor Specialty: IS Cyber Risk Defense Department: KPIT ADMIN - CYBER THREAT - 9601 Pay Range: $176900 - $228910 / year The ranges posted above reflect the location in the job posting. The salary range may vary if you reside in a different location or state than the location posted. Travel: No Remote: Work location is the remote workplace (from home) within KP authorized states. Worker location must align with Kaiser Permanente's Authorized States policy. At Kaiser Permanente, equity, inclusion and diversity are inextricably linked to our mission, and we aim to make it a part of everything we do. We know that having a diverse and inclusive workforce makes Kaiser Permanente a better place to receive health care, a more supportive partner in our communities we serve, and a more fulfilling place to work. Working at Kaiser Permanente means that you agree to and abide by our commitment to equity and our expectation that we all work together to create an inclusive work environment focused on a sense of belonging and wellbeing.

Kaiser Permanente is an equal opportunity employer committed to a diverse and inclusive workforce. Applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), age, sexual orientation, national origin, marital status, parental status, ancestry, disability, gender identity, veteran status, genetic information, other distinguishing characteristics of diversity and inclusion, or any other protected status. Submit Interest