Cyber Security Incident Handler

Full Time
Greenwood Village, CO
Areas of Interest: Incident Response, Investigation

Health is our business. And our mission.
We believe in our power to make a difference. 
We’re looking for big ideas—ideas that can embrace multiple petabytes of vital information. That’s how much data we manage and store at Kaiser Permanente. We’re home to some other big ideas, like creating KP HealthConnect®, the nation’s largest electronic medical record system, using social media and text messaging to help members engage in their own care, and developing predictive modeling tools that anticipate health issues before they’re an issue.  
This individual contributor is primarily responsible for monitoring, detecting, protecting and ensuring the maintenance, integrity and reliability of security data, systems and networks.
Essential Responsibilities:
  • Completes work assignments and supports business-specific projects by applying expertise in subject area; supporting the development of work plans to meet business priorities and deadlines; ensuring team follows all procedures and policies; coordinating and assigning resources to accomplish priorities and deadlines; collaborating cross-functionally to make effective business decisions; solving complex problems; escalating high priority issues or risks, as appropriate; and recognizing and capitalizing on improvement opportunities.
  • Practices self-development and promotes learning in others by proactively providing information, resources, advice, and expertise with coworkers and customers; building relationships with cross-functional stakeholders; influencing others through technical explanations and examples; adapting to competing demands and new responsibilities; listening and responding to, seeking, and addressing performance feedback; providing feedback to others and managers; creating and executing plans to capitalize on strengths and develop weaknesses; supporting team collaboration; and adapting to and learning from change, difficulties, and feedback.
  • Provides proactive monitoring and/or response to known or emerging threats against the KP network.
  • Effectively communicates investigative findings to non-technical audiences.
  • Participates in regular operations meetings with TDA, TRI, and/or TAG teams.
  • Supports information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.
  • Identifies and capitalizes on opportunities for cyber security improvements across one or more cyber defense domain(s).
  • Contributes to the CDC intellectual capital by making process or procedure improvements, conducting 'brown bag' training sessions, and creating new training documents.
  • Collaborates with the CDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.
  • Provides insight and subject matter expertise in follow-up remediation design and review.
  • Conducts investigation and triage of security events within assigned domain.
  • Performs complex data analysis in support of security event management processes, including root cause analysis.
  • Activates appropriate threat detection capabilities and/or incident response plans which may include after-hours support and coordination among responsible teams.
  • Executes incident detection and/or handling processes which may include containment, protection, and remediation activities.
Minimum Qualifications:
  • Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and a minimum of six (6) years of experience in IT or a related field, including a minimum of two (2) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement.

Preferred Qualifications:
  • One (1) year of work experience in a role requiring interaction with senior leadership (e.g., Director level and above).
  • Three (3) years experience working on project or technical teams.
  • Two (2) years work experience requiring the development of technical documents or presentations.
  • Two (2) years experience in IT incident management, including the development and/or deployment of remediation plans.
  • Two (2) years experience in large scale cyber security data analytics, including the identification of data-driven threat collection opportunities.
  • Two (2) years experience researching, developing, and implementing data-driven threat detection capabilities.
  • Two (2) years experience in cyber security threat research or large scale data analytics.
  • Two (2) years experience in cyber security data analytics.
  • Two (2) years in the operation of data protection and/or DLP solutions.
  • Two (2) years in the operation of SIEM solutions.
  • Two (2) years experience in cyber security threat and/or vulnerability research.
  • Two (2) years experience in cyber security vulnerability or threat investigation.
  • Security certification (Security+, CISSP, CISA).
  • Global Information Assurance certification(s).


Primary Location: Colorado-Greenwood Village-Greenwood Plaza IT 6560 Greenwood Plaza Blvd.
Scheduled Hours (1-40): 40
Shift: Day
Working Days: Mon-Fri
Working Hours Start: 8:00 AM
Working Hours End: 5:00 PM
Schedule: Full-time
Job Type: Standard
Employee Status: Regular
Employee Group (Union Affiliation): Salaried, Non-Union, Exempt
Job Level: Individual Contributor
Job: IS Cyber Risk Defense
Public Department Name: Technology Risk Office
Travel: Yes, 5% of the Time
Job Eligible for Benefits: Yes

External hires must pass a background check/drug screen. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran, or disability status.


Kaiser Permanente

Kaiser Permanente is committed to helping shape the future of health care. We are recognized as one of America's leading health care providers and not-for-profit health plans.

Founded in 1945, our mission is to provide high-quality, affordable health care services and to improve the health of our members and the communities we serve. We serve 10.6 million members in eight states and the District of Columbia. Care for members and patients is focused on their total health and guided by their personal physicians, specialists and team of caregivers. Our expert and caring medical teams are empowered and supported by industry-leading technology advances and tools for health promotion, disease prevention, state-of-the-art care delivery and world-class chronic disease management.

Kaiser Permanente is dedicated to care innovations, clinical research, health education and the support of community health.
Company Industry: Hospital & Health Care
Company Type: Non Profit
Company Size: 10,001+