Cyber Risk Defense, Splunk Development Principal
About the role
Cyber Risk Defense, Splunk Development Principal at Kaiser Permanente seeks a highly skilled individual to facilitate department missions in the areas of data science and Python development with deep expertise in the Splunk Enterprise platform. The role focuses on supporting the mission of Cyber Security and involves developing advanced machine learning solutions to enhance cyber threat, privacy, and compliance across clinical systems.
Responsibilities
- Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others.
- Promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback.
- Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network.
- Communicates investigative findings to non-technical audiences.
- Provides consultation in regular operations meetings with Cyber Risk Defense Center (CRDC) teams.
- Drives closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership.
- Drives information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.
- Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements.
- Develops the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents.
- Builds partnerships with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.
- Facilitates follow-up remediation design and review efforts related to highly complex security events.
- Leads the investigation and triage of a wide variety of security events across cyber security domains.
- Supports the development and implementation of incident detection and/or handling processes which may include containment, protection, and remediation activities.
Requirements
- Minimum four (4) years in an informal leadership role working with project or technical teams.
- Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum ten (10) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering.
- Four (4) years experience in cyber security vulnerability, threat response, or investigation.
- Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above).
Qualifications
- Minimum four (4) years in an informal leadership role working with project or technical teams.
- Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum ten (10) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering.
- Four (4) years experience in cyber security vulnerability, threat response, or investigation.
- Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above).
Skills
- Machine Learning Frameworks/Algorithms: Random Forest, XGBoost.
- Unix Based Systems: Python Development.
- Experience with Splunk Enterprise Platform.
- Collaboration and Cross-functional Relationships.
- Effective Communication.
- Problem Solving and Decision Making.
- Project Management.
- Information Fusion Procedures.
- Security Incident Response.
- Threat Detection and Analysis.
Benefits
The compensation and benefits are designed to help you and your family stay healthy and thrive in and beyond work. Details are provided in the "Benefits" section.
Pay
Details regarding pay are provided in the "Pay" section.
Schedule
Details regarding schedule are provided in the "Schedule" section.
Location
- Pleasanton, CA
- Portland, OR
- Los Angeles, CA
- Honolulu, HI
- Atlanta, GA
- Hyattsville, MD
- Renton, WA
- Richmond, VA
Company
Empowering next-level security innovation. Enable extraordinary moments. Join us for the opportunity to define what cyber security looks like in digital health and make an impact along the way.
Company Culture
The Kaiser Permanente Cyber experience is people-centric. Our cyber team secures and defends a digital ecosystem that delivers care to more than 12 million members and their families. We keep our operations running while protecting the information of our members, care teams, brokers, and employees. Cyber team members are agile, have a sharp attention to detail, and apply creative, out-of-the-box thinking.
Company Values
- “Best Place to Work in IT” — 10 straight years
- Top 100 Military-Friendly Employer
- Top 50 Hall of Fame
- See how innovation drives total care
- Securing what's next for care
Company News
- We're here to support you!
- Navigating the Hiring Process
- Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.