Senior Director Cyber Risk Defense
Kaiser Permanente
Description: Job Summary:
This managing level position ensures cyber security team(s) proactively monitor and/or respond to known or emerging threats against the KP network and is accountable for the incident handling process. This role is responsible for the proper deployment of incident response plans which may include after-hours support and coordination among responsible team and manages teams in the investigation and triage of security events across cyber security domains. In addition, the role manages the development of the CRDC intellectual capital by overseeing process or procedure improvements, consulting training sessions, and ensuring the development of new training documents.Essential Responsibilities:
Directs the operations of multiple units and departments by identifying customer and operational needs; analyzing resources, costs, and forecasts and incorporating them into business plans; engaging strategic, cross-functional business units to champion and drive support for business plans and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; anticipating and removing obstacles that impact performance; addressing performance gaps and implementing contingency plans accordingly; ensuring products and/or services meet customer requirements and expectations while aligning with organizational strategies; serving as a subject-matter expert and trusted source to executive leadership; and providing influence and consultation in the development of the larger organizational or business strategy.Models and drives continuous learning and maintains a highly skilled and engaged workforce by aligning cross-functional resource plans with business objectives; overseeing the recruitment, selection, and development of talent; motivating and empowering teams; building organizational capacity and developing high potential employees for growth opportunities and advancement; staying current with industry trends, benchmarks, and best practices; providing guidance and leadership when difficult decisions need to be made; and ensuring performance management guidelines and expectations align with and drive business objectives and results.Takes accountability for the proactive monitoring and/or response to known or emerging threats against the KP network.Effectively communicates investigative findings to non-technical audiences.Ensures closed loop processes on security efforts by providing feedback to the Cyber Risk Defense Center (CRDC) leads and/or leadership.Directs information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.Overseeing and ensuring partnerships between stage teams and upper management to drive the identification and resolution of issues, improvement areas, or security/architectural gaps.Establishes a network of partnerships with the CRDC Policy Engineers and Remediation teams to ensure identified issues are contained and to set the direction for improving security posture.Oversees follow-up remediation design and review efforts.Ensures security events across cyber security domains are investigated and triaged as appropriate.Directs the response and resolution of high impact or critical cyber security incidents.Sets the strategic direction for the development and deployment of incident response plans.Provides overall direction for incident handling processes, including containment, protection, and remediation activities. Minimum Qualifications:
Minimum six (6) years supervisory experience.Minimum five (5) years managing operating budgets and/or project financials.Bachelors degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum twelve (12) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement.
Additional Requirements:
Preferred Qualifications:Six (6) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above)Four (4) years experience overseeing projects or programs requiring the integration of cross-functional technology and/or business solutions.Five (5) years experience in cyber security vulnerability, threat response, or investigation.Four (4) years experience overseeing the development and management of vendor relationships.Four (4) years experience in IT incident management, including the development and/or deployment of remediation plans.Four (4) years in the operation of SIEM solutions.Security certification (Security+, CISSP, CISA).
This managing level position ensures cyber security team(s) proactively monitor and/or respond to known or emerging threats against the KP network and is accountable for the incident handling process. This role is responsible for the proper deployment of incident response plans which may include after-hours support and coordination among responsible team and manages teams in the investigation and triage of security events across cyber security domains. In addition, the role manages the development of the CRDC intellectual capital by overseeing process or procedure improvements, consulting training sessions, and ensuring the development of new training documents.Essential Responsibilities:
Directs the operations of multiple units and departments by identifying customer and operational needs; analyzing resources, costs, and forecasts and incorporating them into business plans; engaging strategic, cross-functional business units to champion and drive support for business plans and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; anticipating and removing obstacles that impact performance; addressing performance gaps and implementing contingency plans accordingly; ensuring products and/or services meet customer requirements and expectations while aligning with organizational strategies; serving as a subject-matter expert and trusted source to executive leadership; and providing influence and consultation in the development of the larger organizational or business strategy.Models and drives continuous learning and maintains a highly skilled and engaged workforce by aligning cross-functional resource plans with business objectives; overseeing the recruitment, selection, and development of talent; motivating and empowering teams; building organizational capacity and developing high potential employees for growth opportunities and advancement; staying current with industry trends, benchmarks, and best practices; providing guidance and leadership when difficult decisions need to be made; and ensuring performance management guidelines and expectations align with and drive business objectives and results.Takes accountability for the proactive monitoring and/or response to known or emerging threats against the KP network.Effectively communicates investigative findings to non-technical audiences.Ensures closed loop processes on security efforts by providing feedback to the Cyber Risk Defense Center (CRDC) leads and/or leadership.Directs information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.Overseeing and ensuring partnerships between stage teams and upper management to drive the identification and resolution of issues, improvement areas, or security/architectural gaps.Establishes a network of partnerships with the CRDC Policy Engineers and Remediation teams to ensure identified issues are contained and to set the direction for improving security posture.Oversees follow-up remediation design and review efforts.Ensures security events across cyber security domains are investigated and triaged as appropriate.Directs the response and resolution of high impact or critical cyber security incidents.Sets the strategic direction for the development and deployment of incident response plans.Provides overall direction for incident handling processes, including containment, protection, and remediation activities. Minimum Qualifications:
Minimum six (6) years supervisory experience.Minimum five (5) years managing operating budgets and/or project financials.Bachelors degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and Minimum twelve (12) years experience in IT or a related field, including Minimum four (4) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement.
Additional Requirements:
Preferred Qualifications:Six (6) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above)Four (4) years experience overseeing projects or programs requiring the integration of cross-functional technology and/or business solutions.Five (5) years experience in cyber security vulnerability, threat response, or investigation.Four (4) years experience overseeing the development and management of vendor relationships.Four (4) years experience in IT incident management, including the development and/or deployment of remediation plans.Four (4) years in the operation of SIEM solutions.Security certification (Security+, CISSP, CISA).
Confirm your E-mail: Send Email
All Jobs from Kaiser Permanente