
[Remote] Cyber Risk Defense Consultant V - Splunk & Cribl Engineer

100% Remote Full-time Open now

Note: This is a remote job open to candidates in the USA. Kaiser Permanente is expanding its Cyber Risk Defense program and is looking for a skilled individual to support its Cyber Security mission as a Cyber Risk Defense Consultant V specializing in Splunk and Cribl engineering. The role involves managing an enterprise Splunk environment, overseeing security data integrity, and leading incident response and threat detection efforts.

Responsibilities

  • Conducts or oversees business-specific projects by applying deep expertise in subject area; promoting adherence to all procedures and policies; developing work plans to meet business priorities and deadlines; determining and carrying out processes and methodologies; coordinating and delegating resources to accomplish organizational goals; partnering internally and externally to make effective business decisions; solving complex problems; escalating issues or risks, as appropriate; monitoring progress and results; recognizing and capitalizing on improvement opportunities; evaluating recommendations made; and influencing the completion of project tasks by others
  • Practices self-leadership and promotes learning in others by building relationships with cross-functional stakeholders; communicating information and providing advice to drive projects forward; influencing team members within assigned unit; listening and responding to, seeking, and addressing performance feedback; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership and mentoring junior team members; creating and executing plans to capitalize on strengths and improve opportunity areas; and adapting to and learning from change, difficulties, and feedback
  • Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network
  • Effectively communicates investigative findings to non-technical audiences
  • Plans and facilitates regular operations meetings with Cyber Risk Defense Center (CRDC) teams
  • Supports closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership
  • Participates in information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation
  • Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements
  • Drives the development of the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents
  • Partners with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture
  • Facilitates follow-up remediation design and review efforts
  • Leads the investigation and triage of security events across multiple domains
  • Leads complex data analyses in support of security event management processes, including root cause analysis
  • Coordinates the response and resolution of high impact or critical cyber security incidents
  • Leads the deployment of threat detection capabilities and/or incident response plans which may include after-hours support and coordination among responsible teams
  • Drives the execution of incident detection and/or handling processes which may include containment, protection, and remediation activities

Skills

  • Minimum two (2) years in an informal leadership role working with project or technical teams
  • Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field and minimum eight (8) years' experience in IT or a related field, including minimum two (2) years in information security or network engineering. Additional equivalent work experience may be substituted for the degree requirement
  • One (1) year supervisory experience
  • Two (2) years of work experience in a role requiring interaction with senior leadership (e.g., Director level and above)
  • Knowledge and professional enterprise experience supporting Splunk Enterprise and Splunk Cloud environments
  • Possess Splunk Architect and/or Splunk Administration Certification(s)
  • Possess software development skills creating AI and ML models and detections
  • Professional experience and administration of large-scale Linux/Unix deployments

Company Overview

  • Kaiser Permanente is a health organization that offers disease prevention, mental healthcare, and chronic disease management services. It was founded in 1945, and is headquartered in Oakland, California, USA, with a workforce of 10001+ employees. Its website is https://healthy.kaiserpermanente.org.

Company H1B Sponsorship

  • Kaiser Permanente has a track record of offering H1B sponsorships, with 1 in 2026, 3 in 2025, 1 in 2024. Please note that this does not guarantee sponsorship for this specific role.