In order to protect Kaiser Permanente (KP) from misconduct by internal and external entities, the Cyber-Threat Response Service Department is establishing a Data Loss Prevention Team (DLPT). The team will proactively search for, identify, assess, and lead the mitigation of systemic vulnerabilities and threats across the Kaiser Information Infrastructure. The purpose of these initiatives is to identify misconduct involving KP electronic assets, and to report confirmed misconduct to the appropriate Compliance, Human Resources, and/or Legal entities for policy violation and mitigation action. The team will be part of the Threat Intelligence & Investigations team, which currently includes the Cyber Forensic Investigation Team (CFI), the Threat Intelligence/Cyber Emergency Response Team and the Electronic Discovery Team. Members will be Subject Matter Experts (SMEs) across numerous skill sets including computer forensics, incident response, communications, auditing, and compliance.
KP data loss prevention investigators use a range of network-enabled investigative tools to investigate defined policy violations and defend a network that spans from Hawaii to Maryland. KP data loss prevention investigators enjoy competitive salaries, excellent benefits, and a positive work environment that provides good opportunities for learning and professional development. KP has a very large enterprise and deploys new technologies on a regular basis, so there's always something new to learn.
• Combine background and experience to immediately begin investigating defined and discovered policy violations on the KP enterprise network
• Effectively communicate investigative findings to non-technical audiences
• Bachelor's degree in a related field and/or a minimum of 4 years of equivalent work experience.
• A minimum of 5 years of relevant Information Technology (IT) experience.
• Experience with state-of-the-art Data Loss Prevention tools
• Experience conducting forensic analysis of Windows computers
• Experience conducting forensic analysis of mobile devices (e.g., BlackBerries, iPhones) and removable media
• Experience identifying, collecting, and analyzing evidence from Windows networks
• Experience using EnCase Enterprise
• Experience writing investigative reports
• Excellent written and verbal communication skills
• Experience using remote forensic technologies such as EnCase Enterprise or FTK Enterprise.
• Experience conducting forensic analysis of computers running non-Windows operating systems (Macintosh, Unix, Linux, Sun).
• Possession of one of the following certifications: EnCE, CFCE, GCFA, CCE, DFCP, SCERS, ACE, EnCEP.
• Ability to develop new tools and procedures.
• 100+ hours of formal classroom training in digital forensics and investigations.
• Experience using RSA's Data Loss Prevention tool, EnCase eDiscovery Suite/EnCase Command Center.
• Training and experience conducting incident response investigations, including analysis of packet captures, network logs, physical memory, and/or malware functionality
• Experience with electronic discovery collections and processing.
• Training and experience conducting investigations in a corporate or law enforcement setting.
• Experience developing proactive methods for the detection of computer crime and policy violations.
• Proven ability to successfully collaborate in order to lower organizational risk.
At Kaiser Permanente, all of us, from accounting, sales and IT, to our care delivery teams on the front lines, stand for Total Health....