Security Analyst - San Francisco, United States - University of California
Description
Security AnalystPPH-Domestic-Core-IZ
Full Time
77068BR
Job Summary
This position supports the California Immunization System and involves work implementing and maintaining measures to safeguard the system from unauthorized access, data breaches, and cyber threats.
This includes tasks like setting up firewalls, intrusion detection systems, and encryption protocols, regularly updating software for security patches, conducting vulnerability assessments and penetration testing, monitoring network traffic for suspicious activity, educating users about security best practices, and responding to security incidents promptly and effectively.
Application security testing and training (Ad-hoc)
Provide interactive application security testing of California Department of Public Health (CDPH) applications as requested
Perform re-tests, as necessary, to validate any remediation of findings by CDPH
Provide overview/training to CDPH Security Operations Center (SOC) staff via screen sharing during interactive application security testing
Provide overview/training on other CDPH testing tools used during engagement, e.g. SQLMap, Postman
Reporting
Provide output from Burp Suite applications testing and manual penetration testing in the form of actionable reports delivered to SOC staff within the mutually agreed to timeframe established prior to testing
Provide remediation steps/recommendations for all vulnerabilities found
Provide guidance to SOC staff on producing similar reports
The final salary and offer components are subject to additional approvals based on UC policy.
To see the salary range for this position (we recommend that you make a note of the job code and use that to look up): TCS Non-Academic Titles Search
Please note:
An offer will take into consideration the experience of the final candidate AND the current salary level of individuals working at UCSF in a similar role.
For roles covered by a bargaining unit agreement, there will be specific rules about where a new hire would be placed on the range.
To learn more about the benefits of working at UCSF, including total compensation, please visit:Department Description
UCSF Institute for Global Health Sciences (IGHS) is dedicated to improving health and reducing the burden of disease in the world's most vulnerable populations.
It integrates UCSF expertise in all of the health, social, and biological sciences, and focuses that expertise on pressing issues in global health.
IGHS works with partners in countries throughout the world to achieve these aims. IGHS seeks to improve health worldwide, especially in developing countries, through research that informs policy.IGHS is committed to ensuring a diverse, equitable and inclusive work environment as we work towards becoming an anti-racist organization.
We strongly encourage applicants from diverse backgrounds.Please see our statement on anti-racism here:
.
The California Department of Public Health is dedicated to optimizing the health and well-being of the people in California. Immunizations are one of public health's greatest achievements. Vaccines help prevent diseases and help keep Californians of all ages healthy.
The Immunization program provides leadership and support to public and private sector efforts to protect the population against vaccine-preventable diseases.
Required QualificationsBachelor's degree in related area and / or equivalent experience / training
3+ years directly related experience
Experience using IT security systems and tools. Knowledge of data encryption techniques. Experience analyzing logs for security breaches
Experience in incident response and digital forensics including data collection, examination and analysis
Basic skill at reading and interpreting security logs
Ability to follow department processes and procedures
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
Knowledge of other areas of IT, department processes and procedures
Demonstrated skills applying security controls to computer software and hardware
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks
Knowledge of computer hardware, software and network security issues and approaches
Demonstrated experience selecting and applying appropriate data encryption technologies
Preferred Qualifications
Certified Ethical Hacker (CEH)
GIAC Certified Penetration Tester (GPEN)
PenTest+
EC-Council Certified SOC Analyst (ECSA)
Certified Expert Penetration Tester (CEPT)
About UCSF
The University of California, San Francisco (UCSF) is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care.
We are home to five Nobel laureates who have advanced the understanding of cancer, neurodegenerative diseases, aging and stem cells.
Pride ValuesUCSF is a diverse community made of people with many skills and talents.
We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence - also known as our PRIDE values.
In addition to our PRIDE values, UCSF is committed to equity - both in how we deliver care as well as our workforce.
We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care.
Join us to find a rewarding career contributing to improving healthcare worldwide.
Equal Employment Opportunity
The University of California San Francisco is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
OrganizationCampus
Job Code and Payroll Title
007338 IT SCRTY ANL 3
Job Category
Clinical Systems / IT Professionals, Professional (Non-Clinical), Technical & Technologist
Bargaining Unit
9- Policy-Covered (No Bargaining Unit)
Employee Class
Career
Percentage
100%
Location
Remote / Telecommute, Richmond, CA
Shift
Days
Shift Length
8 Hours
Additional Shift Details
Remote - if return to office, Richmond CDPH to be home location
#J-18808-Ljbffr