SANS ISC: InfoSec Jobs
Cyber Risk Defense Principal - Security Analytics
Company Kaiser Permanente
Location US/Colorado
Preferred GIAC Certifications GCIH, GSEC, GMON, GCDA
Travel 5%
Salary $141,000 - $213,00
Contact Name Matt Parks
Contact Email matthew.parks/at/
Expires 2021-11-24

Job Description

Senior level employee primarily responsible for implementing and overseeing content development for threat detection, response, analysis, and investigations. You help ensure confidentiality, integrity and availability of Kaiser Permanente data, systems and networks.

You have at least four (4) years in an informal leadership role working with technical teams as a lead, supervisor, or technical manager, and you have a bachelor's degree and/or ten (10) years' experience in IT, including a minimum of four (4) years in information security.

Superb opportunity to lead a team in proactive monitoring and response to known or emerging threats against Kaiser Permanente. You're a subject matter expert in threat analysis, data analytics and data visualization for security monitoring and response. You're a self-starter on a team with diverse backgrounds, working for an employer committed to providing Equal Opportunity.

· Programming Experience (Python, Java, C++, Perl, HTML, CSS, other)
· Information Security Analysis and Threat Intelligence
· Information Security / Cyber Threat Use Case Content Development and data visualization
· Cloud technologies, Azure, AWS, etc.
· Information Security / Cyber Threat Incident Response
· Experience with adversary emulation to test and validate detective controls, and influence protective controls
· Experience in large-scale cyber security data analytics, including the identification of data-driven threat collection opportunities
· Experience with common enterprise IT tools and logs (Active Directory, email, firewall, endpoint detection and response, etc.)
· Experience with Windows and Linux tools
· Implementation, Operation and/or Management of SIEM solutions
· Experience in cyber security threat and/or vulnerability research
· Security certifications (GIAC/SANS, ISC(2), EC-Council, etc.)
· Experience with automating common repeatable tasks using a variety of tools and methods

Soft skills

· Ability to work with others collaboratively, leveraging multiple project management approaches (Agile/Scrum, Waterfall, Gantt Charts, etc.)
· Comfortable working remotely with team members around the country
· Supervisory and Leadership skills, ability to influence without authority
· Ability to think strategically and implement/lead a function
· Needs to have a constant drive and thirst for learning, with proven ability to teach others
· A self-starter with intellectual curiosity
· Development of technical documents
· Presentation to all levels of an organization, and at industry events
· Proven ability to train more junior team members