Special Selection Applicants: Apply by 09/17/2020. Eligible Special Selection clients should contact their Disability Counselor for assistance.
Applies advanced IT security concepts to meet campus, medical center, Health Science units or Office of the President objectives to resolve broad and/or highly complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Selects methods, techniques and evaluation criteria to obtain results and meet regulatory requirements. Identifies, detects and responds to threats and malicious activities that pose a risk to data, systems and electronic infrastructures.
Primary responsibilities include being the subject matter expert for Splunk and other log collection tools used to monitor and detect malicious activities in order to protect and maintain the security of data, systems and networks. Log analysis tools need to collect and process logs from IT systems, network infrastructure, security tools and applications. Responsibilities also include incident response, processing network firewall change requests and other tasks assigned to the operations team.
Implements highly complex and broad-scale security controls to prevent unauthorized access or changes to campus, medical center or Office of the President information, hardware, software and network infrastructure. Responsible for providing research, analysis and solutions to address attempted efforts to compromise security protocols. Proactively addresses the negative impact on the campus, medical center or Office of the President and the Internet community caused by theft, destruction, alteration or denial of access of information. Advises IT staff on security prevention, best practices and secure software.
Designs and maintains highly complex security systems. Responsible for administering highly complex security policies and configurations to control access to hardware, software and networks. Applies and recommends highly advanced encryption methods.
Directs forensic activity and produces reports in response to highly complex or broad-scale security incidents in accordance with campus, medical center or Office of the President policy. May lead a team of IT security professionals. Applies advanced IT security concepts, governmental regulations, departmental and campus, medical center or Office of the President policies and procedures to provide input to, define or revise incident response processes.
Bachelor's Degree in health care information technology, computer science, or related area; and/or equivalent combination of experience/training.
Five or more (5+) years of relevant experience as a senior cyber/information security analyst with responsibilities of configuring and using security, system and network logs to detect anomalies requiring additional investigation, responding to and investigating cybersecurity events, managing security control solutions, and processing change requests.
Thorough understanding of the risk assessment requirements and demonstrated skills to conduct, analyze and document risk assessments at the enterprise level as defined in HIPAA and HITECH.
Advanced knowledge of IT security. Broad knowledge of other areas of IT. Knowledge of networking technology. Extensive expertise in security policy creation and compliance monitoring, auditing methodology, and conducting technology risk assessments.
Advanced experience with web application and network/endpoint vulnerability scanning and remediation, pen testing, sensitive data discovery and data loss prevention systems.
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.
Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, etc.
Proven skills applying security controls to computer software and hardware. Solid understanding of information security policies, standards, industry best practices, and frameworks (ISO 27K, NIST 800-115, PCI DSS, HIPAA, FERPA, etc.).
Advanced experience in incident response and digital forensics including reporting. Expert knowledge of forensic processes, standards and tools.
Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies.
Expert understanding of cryptography and strengths/weaknesses of various encryption ciphers and hash functions.
Demonstrated skill at analyzing and preventing security incidents of high complexity.
UC San Diego is an academic powerhouse and economic engine, recognized as one of the top 8 public universities by U.S. News and World Report. Innovation is central to who we are and what we do. Here, students learn that knowledge isn't just acquired in the classroom - life is their laboratory. UC San Diego's rich academic portfolio includes six undergraduate colleges, five academic divisions and five graduate and professional schools. The university's award-winning scholars are experts at the forefront of their fields with an impressive track record for achieving scientific, medical and technological breakthroughs.