SOC Information Protection Specialist ( Job Number: 172528 )
Kaiser Permanente - Greenwood Village, CO

This job posting is no longer available on Kaiser Permanente. Find similar jobs: Soc Information Protection Specialist jobs - Kaiser Permanente jobs

Job Summary: Information Protection: includes the development, implementation, communication, monitoring and maintenance of information security policies and procedures which promote a secure and uninterrupted operation of all data processing systems. Essential Functions: Monitors elevated level alerts, events and incidents identified through security event management tool and responds to escalated activities, participates in the design and implementation of department workflow Participate in the development and definition of the SOC tool roadmap. Define and leverage standard supporting and advanced tools to perform initial triage of incidents identified through security event management tool. Participates in design and lead implementation of incident collaboration workflow. Lead collaboration with ARS personnel during triage of incidents Participates in design and leads implementation of remedy workflow. Open, track, and close Remedy trouble tickets resulting from triage and investigation Participates in design and lead implementation of workflow for SOC communications. Place outgoing phone calls and email and act according to security incident management procedures and processes Assists in development of metrics and resolution of daily reports Assists with leading of the design, development, and improvement of process/procedure manuals and documentation On-call responsibilities with respect to security incident management support Participates in definition of workflow for identification of false positives from true intrusion attempts Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies clients when appropriate Reviews periodic vulnerability scan results Participates in the development of and performs tasks as identified in a daily task list. Participates in development of metrics and reports to identify and communicate department/service risks and issues to various stakeholders (Business and IT) Expert experience with investigation solutions use and operation Expert knowledge of typical attack vectors and information systems penetration techniques Assists in the development of future goals and objectives for the department and services Plans, facilitates and attends regular meetings regarding the department Resolves department issues that may require resolution coordination across multiple stakeholders Oversees the execution of the department incident response plan Supports the department is aligned with the business strategy Able to create and automate advanced reports and visualizations of security attacks on an ad-hoc basis using defined tools Possess an Information Security Mindset Provide thought leadership in the design and development of innovative new solutions and internal procedures to help improve and grow the SOC function Defines process for and leads small and large or moderately complex investigations or multiple investigations of smaller complexity Lead and Implement design technologies and services for department. Total managed Department budget may be up to $20M Department Complexity can be multiple services and up to 200 correlated threat vectors May lead department team of remote, national, regional and external resources Assists with the development of the department plan Designs and leads the work of the department teams Designs department processes for balancing schedule, scope and budget within the department and assists with re-negotiation with BMO as needed Accurately reports time Assists with engaging business partners in preparation of department/project financial materials for presentation to funding governance groups at specified service transition points Assists with the development of the department quality assurance plan Assists with the determination of department resource requirements and assists with the procurement of resources Assists with the assignment of work, setting priorities, providing guidance in the completion of tasks and review of department deliverables Leads the development of communications with enterprise-wide projects to plan and manage project/department interdependencies Assists in the development of department issue escalation and the resolution process Assists in the development for department protocols for applying the risk management process Plays a key role in negotiation of vendor contracts with IT Procurement Leads all phases of project delivery life cycle and consults for other projects and departments Designs and implements process to ensure department alignment with business strategy and architecture May lead a department of 6-28 staff Effectively lead cross-functional team members Responsible for the coaching, mentoring and support of the SOC Team Members Leads a combined investigation team of up to 100 resources Assists with sustaining strong ongoing relationships with client middle and senior management Leads Development and administration of schedules and performance requirements Qualifications Basic Qualifications: Bachelor's degree in a related field and/or 4 years of equivalent work experience A minimum of 10 years experience in Information Technology (IT) including development, implementation, communication, monitoring and maintenance of information security policies and procedures. Intermediate SME with firewalls, intrusion detection systems Intermediate SME with network/systems management and helpdesk software, specifically Remedy ARS/Helpdesk Intermediate SME understanding of routers, switches, and networking technology Intermediate SME with systems administration in both UNIX and Windows platforms Familiarity with ITIL incident and problem management Knowledge of security regulations in compliance legislation and other directives - PCI, Sarbanes Oxley and HIPAA Intermediate SME of Cisco PIX, Cisco IDS/Netranger, McAfee EPO, and Cisco ACS Knowledge of vulnerability management technologies i.e. Foundstone, Qualys Intermediate knowledge of programming or scripting languages such as C, Java, Perl Intermediate SME with basic networking and security tools i.e. ping, traceroute, nmap Demonstrated capability of significantly complex decision-making Experience in a fast paced, high expectations, Network or Security Operation, Response, or Investigations environment Demonstrated work on significant and unique issues where analysis of situations or data requires an evaluation of intangibles Demonstrated use of skills to contribute to the development of company objectives and principles and to achieve goals in creative and effective ways Broad expertise or unique information security and threat mitigation skills Having broad expertise or unique information security and threat knowledge, uses skills to development threat protection priorities which meet company objectives and principles as well as achieve goals in creative and effective ways Leverages experience and knowledge by acting as mentor on relevant training or by providing in department learning to team members Requires full knowledge of own area of functional responsibility and working knowledge of SIEM functions Demonstrates advanced understanding and knowledge of Information Security protections methods and incident management Strong ability to work in a highly-matrixed environment Demonstrated ability to analyze and interpret quantitative and qualitative data Ability to determine key issues and develop appropriate action plans Demonstrated effective leadership skills Excellent verbal and written communication skills Technical (IT) background Strong ability to lead with influence Strong strategic/critical thinking skills within a information security environment Advanced experience in malicious threat analysis and pen testing Strong security threat analysis experience Healthcare experience Preferred Qualifications Master's degree in Information Security Extensive experience in vulnerability analysis, software reverse engineering, exploit development, penetration testing Current or previous U.S. Security Clearance Strong information technology experience 5 years experience in information security threat mitigation CISSP or relevant GIAC certification Healthcare industry knowledge Experience in conducting Security and Risk Assessments
About this company
2,282 reviews
OVERVIEW America’s leading not-for-profit health plan, Kaiser Permanente serves more than 9 million people from 37 hospitals and 611...