Kaiser Permanente · 3 weeks ago
Cybersecurity Incident Response & Forensics Principal
Denver, CO
Full-time
Hybrid
Lead/Staff
10+ years expKaiser Permanente is a healthcare organization that is seeking a Cybersecurity Incident Response & Forensics Principal. This senior-level role is responsible for managing and directing the maintenance and protection of the integrity and reliability of the security of data, systems, and networks, while utilizing incident response and forensic skills to address security breaches.
Health CareHospitalMental HealthNon ProfitPersonal Health
Responsibilities
Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others
Practices self-leadership and promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback
Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network
Effectively communicates investigative findings to non-technical audiences
Provides consultation in regular operations meeting with Cyber Risk Defense Center (CRDC) teams
Drives closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership
Demonstrates a consulting value by recommending adjustments to the collection strategy for deltas in scope, size, or emerging security threats
Drives information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation
Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements
Drives the development of the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents
Builds partnerships with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture
Facilitates follow-up remediation design and review efforts related to highly complex security events
Leads the investigation and triage of a wide variety of security events across cyber security domains
Serves as a subject matter expert in performing complex data analyses to support security event management processes, including root cause analysis
Coordinates the response and resolution of high impact or critical cyber security incidents
Provides insight and influence in determining the strategic direction for the development and deployment of threat detection capabilities and/or incident response plans
Drives the development and implementation of incident detection and/or handling processes which may include containment, protection, and remediation activities
Qualification
Required
Minimum four (4) years in an informal leadership role working with project or technical teams
Bachelors degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum ten (10) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement
Preferred
Four (4) years experience in cyber security vulnerability, threat response, or investigation
Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above)
Three (3) years experience working on cross-functional project teams
Four (4) years work experience requiring the development of technical documents or presentations
Four (4) years experience working on projects or programs requiring the integration of cross-functional technology and/or business solutions
Five (5) years experience in large scale cyber security data analytics, including the identification of data-driven threat collection opportunities
Five (5) years experience researching, developing, and implementing data-driven threat detection capabilities
Master's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field
Company
Kaiser Permanente
Kaiser Permanente is a health organization that offers disease prevention, mental healthcare, and chronic disease management services.
10001+ employees
H1B Sponsorship
Kaiser Permanente has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2024 (1)
Funding
Current Stage
Late StageTotal Funding
$7.48M2018-07-17Grant· $0.08M
2014-08-05Grant· $7.4M
Leadership Team
Gregory Adams
Chair and Chief Executive Officer
James L. Robinson III
Senior Vice President/Area Manager
Recent News
Crunchbase News
2026-01-06
bloomberglaw.com
2025-12-24
Company data provided by crunchbase