Cyber Risk Defense Principal - Cyber Threat Intelligence
Posted 2025-08-15
Remote, USA
Full Time
Immediate Start
About the position
The Principal Cyber Threat Intelligence role is a senior-level position within the Threat Intelligence and Detection Engineering (TIDE) team at Kaiser Permanente. This position is designed for individuals who are passionate about cybersecurity and have a strong background in cyber threat intelligence (CTI). The successful candidate will be responsible for analyzing complex cyber threats and developing intelligence-based strategies to mitigate these threats. This role requires effective communication of these strategies to key stakeholders, ensuring that the company's critical information is protected. As a senior member of the cybersecurity team, the principal will collaborate closely with other analysts, engineers, and security teams to maintain the integrity and reliability of the security of data, systems, and networks. In this role, the principal will drive the execution of multiple work streams by identifying customer and operational needs, developing and updating new procedures and policies, and gaining cross-functional support for objectives and priorities. They will translate business strategy into actionable business requirements, set standards, measure progress, and remove obstacles that impact performance. The principal will also lead the team in proactively monitoring and responding to known or emerging threats against the KP network, effectively communicating investigative findings to non-technical audiences, and providing consultation in regular operations meetings with Cyber Risk Defense Center (CRDC) teams. The principal will demonstrate consulting value by recommending adjustments to the collection strategy for emerging security threats and will drive information fusion procedures across operations and engineering. They will serve as a liaison between stage teams and upper management, identifying issues and suggesting improvements. 
Additionally, the principal will lead the investigation and triage of a wide variety of security events, coordinate the response to high-impact cybersecurity incidents, and provide insight into the strategic direction for threat detection capabilities and incident response plans.
Responsibilities
• Analyze complex cyber threats and develop intelligence-based strategies to mitigate these threats.
• Communicate strategies to key stakeholders to ensure the protection of critical information.
• Drive the execution of multiple work streams by identifying customer and operational needs.
• Develop and update new procedures and policies to support cybersecurity objectives.
• Gain cross-functional support for objectives and priorities and translate business strategy into actionable requirements.
• Set standards, measure progress, and remove obstacles impacting performance.
• Lead the team in proactive monitoring and response to known or emerging threats against the KP network.
• Effectively communicate investigative findings to non-technical audiences.
• Provide consultation in regular operations meetings with Cyber Risk Defense Center (CRDC) teams.
• Drive closed loop processes on security efforts by providing feedback to TDA leads and leadership.
• Recommend adjustments to the collection strategy for emerging security threats.
• Drive information fusion procedures across operations and engineering.
• Serve as a liaison between stage teams and upper management to identify issues and suggest improvements.
• Lead the investigation and triage of a wide variety of security events across cybersecurity domains.
• Coordinate the response and resolution of high-impact cybersecurity incidents.
• Provide insight into the strategic direction for threat detection capabilities and incident response plans.
Requirements
• Minimum four (4) years in an informal leadership role working with project or technical teams.
• Bachelor's degree in Business Administration, Computer Science, Social Science, Mathematics, or related field.
• Minimum ten (10) years experience in IT or a related field, including four (4) years in information security or network engineering.
• Additional equivalent work experience may be substituted for the degree requirement.
Nice-to-haves
• Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above).
• Four (4) years experience in cybersecurity vulnerability, threat response, or investigation.
• Four (4) years work experience requiring the development of technical documents or presentations.
• Five (5) years experience in cybersecurity threat research or large scale data analytics.
• Global Information Assurance certification(s).