Sr. Analyst Cyber Risk Defense Countermeasures Job Listing at Kaiser Permanente in Greenwood Village, CO (Job ID 3297679-2024-04-03)

Description

Salary Range: $62.07/hour - $72.98/hour

Technical Summary

Do you enjoy information security research and providing solutions to better protect networks from cyber threat adversaries? Do you have experience developing protective and detective controls? Would you like the opportunity to research the latest threats and techniques used by attackers?

This position is on our Threat Intelligence and Detection Engineering (TIDE) Countermeasures team and we are looking for a cyber security professional with experience and education in tactical cyber-attack evaluation, exploit testing and analysis, and seeing countermeasures implemented to better defend against an evolving threat landscape.

The individual is driven and passionate about following new developments in the threat landscape.

This individual contributor is primarily responsible for monitoring, detecting, protecting and ensuring the maintenance, integrity and reliability of security data, systems and networks.

• Completes work assignments and supports business-specific projects by applying expertise in subject area; supporting the development of work plans to meet business priorities and deadlines; ensuring team follows all procedures and policies; coordinating and assigning resources to accomplish priorities and deadlines; collaborating cross-functionally to make effective business decisions; solving complex problems; escalating high priority issues or risks, as appropriate; and recognizing and capitalizing on improvement opportunities.


• Practices self-development and promotes learning in others by proactively providing information, resources, advice, and expertise with coworkers and customers; building relationships with cross-functional stakeholders; influencing others through technical explanations and examples; adapting to competing demands and new responsibilities; listening and responding to, seeking, and addressing performance feedback; providing feedback to others and managers; creating and executing plans to capitalize on strengths and develop weaknesses; supporting team collaboration; and adapting to and learning from change, difficulties, and feedback.


• Provides proactive monitoring and/or response to known or emerging threats against the KP network.


• Effectively communicates investigative findings to non-technical audiences.


• Participates in regular operations meeting with TDA, TRI, and/or TAG teams.


• Supports information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.


• Identifies and capitalizes on opportunities for cyber security improvements across one or more cyber defense domain(s).


• Contributes to the CDC intellectual capital by making process or procedure improvements, conducting brown bag training sessions, and creating new training documents.


• Collaborates with the CDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.


• Provides insight and subject matter expertise in follow-up remediation design and review.


• Conducts investigation and triage of security events within assigned domain.


• Performs complex data analysis in support of security event management processes, including root cause analysis.


• Activates appropriate threat detection capabilities and/or incident response plans which may include after-hours support and coordination among responsible teams.


• Executes incident detection and/or handling processes which may include containment, protection, and remediation activities.

• Bachelors degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum six (6) years experience in IT or a related field, including Minimum two (2) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement.

• N/A