Cyber Defense Principal
Navigating the Hiring Process
We're here to support you!
Having trouble with your account or have questions on the hiring process?
Please visit the FAQ page on our website for assistance.
Need help with your computer and browser settings?
Do you need a reasonable accommodation due to a disability?
A reasonable accommodation is any modification or adjustment that enables you to fully participate in completing the following:
- Online Submissions
- Pre-Hire Assessments
- Interview Process
Please submit your accommodation request and an HR Representative will contact you.
As a Cyber Defense Principal for the Technology Risk Office you will participate in development of the network security strategy for Kaiser Permanente which includes researching newly evolving security technologies, leading proof of concept projects, followed by developing the architecture of new solutions, along with planning and implementation these new solutions. As a member of the Cyber Security team you will take direction from the Chief Information Security Officer and other Technology Risk Office executives. You will work inside a team of strong technical skills including all aspects of foundational security technologies. You will be leading a matrixed team of program managers, project managers, and technical subject matter experts from strategy development to execution of the strategy.
This senior level employee is primarily responsible for managing and directing the maintenance and protection of integrity and reliability of the security of data, systems and networks.
- Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others.
- Practices self-leadership and promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback.
- Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network.
- Effectively communicates investigative findings to non-technical audiences.
- Provides consultation in regular operations meeting with TDA, TRI, and/or TAG teams.
- Drives closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership.
- Demonstrates a consulting value by recommending adjustments to the collection strategy for deltas in scope, size, or emerging security threats.3-3
- Drives information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.
- Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements.
- Drives the development of the CDC intellectual capital by leading process or procedure improvements, consulting on 'brown bag' training sessions, and leading the development of new training documents.
- Builds partnerships with the CDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.
- Facilitates follow-up remediation design and review efforts related to highly complex security events.
- Leads the investigation and triage of a wide variety of security events across cyber security domains.
- Serves as a subject matter expert in performing complex data analyses to support security event management processes, including root cause analysis.
- Coordinates the response and resolution of high impact or critical cyber security incidents.
- Provides insight and influence in determining the strategic direction for the development and deployment of threat detection capabilities and/or incident response plans.
- Drives the development and implementation of incident detection and/or handling processes which may include containment, protection, and remediation activities.
External hires must pass a background check/drug screen. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with federal and state laws, as well as applicable local ordinances, including but not limited to the San Francisco and Los Angeles Fair Chance Ordinances.