This is a joint position between Information Technology Services (ITS) and Scripps Institution of Oceanography (SIO).
Reporting to the VC-CFO, Information Technology Services (ITS) delivers Enterprise information technology services to the University of California, San Diego (UCSD) under the leadership of the campus Chief Information Officer (CIO). Enterprise IT Security (a department within ITS) is responsible for the infrastructure, policies, standards and training necessary to ensure the achievement of the security and privacy goals of the University. Collaborating closely with various campus resources and partners, the department identifies, responds to and mitigates information security/privacy risks, threats and vulnerabilities.
Scripps Information Technology is responsible for the administrative, instructional, and research computational infrastructure at Scripps Institution of Oceanography, Vice Chancellor of Marine Sciences, in support of Scripps’ mission to “seek, teach, and communicate scientific understanding of the oceans, atmosphere, Earth, and other planets for the benefit of society and the environment.” Scripps IT manages helpdesk services, web and application development, core business data systems, campus network infrastructure, and the SIO server hosting and colocation facility, for the entire Scripps community, including the Birch Aquarium and the Nimitz Marine Facility in Point Loma.
The Information Systems Security Officer (ISSO) is responsible for designing, deploying and managing data and systems security solutions for Scripps Institution of Oceanography (SIO) utilizing various network, endpoint and cloud technologies. The environment offers exposure to a wide variety of security threats and challenges along with the most cutting-edge security technologies and market-leading security products. The position monitors and responds to security events in the administrative and academic infrastructure at SIO, and drives deployment and integration of security services across the organization. The ISSO also monitors and reports on the compliance of the technology infrastructure at SIO with various security frameworks.
• Applies and administers security services provided by the campus-wide security office within the embedded organization (SIO), such as: implementing segmentation using firewall technologies, managing the security of a directory services and group policy environment, and managing endpoint security systems such as anti-virus, vulnerability scanning, patch management and full disk encryption.
• Acts as a security consultant, advocating for improved security posture, and providing security expertise to the organization's users, including academics, staff and students. Advises customers on security prevention, best practices, secure software standards, and platform security (Windows, Mac, and Linux).
• Directs forensic activity, utilizing SIEM and threat detection technologies to monitor, detect and respond to malicious activities. Participates on CIRT teams to respond to local security incidents, perform analysis, forensics and remediation activities on compromised systems within the organization.
• Assesses, analyzes, and consults on the security of assets, sensitive or regulated information and associated systems. Ensures and reports on compliance with relevant policies/regulation such as ITAR, NIST 800-171 and FERPA.
• Manages miscellaneous security technologies including but not limited to sensitive data scanning, PKI certificates, password management systems and cloud security on platforms such as AWS, Google G Suite, and Microsoft Office 365.
UC San Diego is a higher education environment offering stability and excellent benefits including a defined benefit retirement plan, as well as access to a world-renowned health care system. We are a fast-paced environment, but also believe in maintaining a healthy work-life balance and are committed to employee growth and well-being. Our international reputation for excellence is due in large part to the innovative and entrepreneurial nature of the UC San Diego community. UC San Diego faculty, staff, and students are encouraged to be creative and are rewarded for individual as well as collaborative achievements.
Our employees enjoy competitive compensation packages and educational opportunities in a diverse, stimulating workforce. This position is eligible for full: 1) Health/Dental/Vision Insurance 2) Vacation/Holidays (15 vacation days and 13 paid holidays a year) 3) Life Insurance 4) UC Retirement Plan.
• Employee must be available to work evenings, weekends, and holidays.
• Employee must be available to travel as required.
• Must be willing and able to work on a rotating on-call basis.
For more information about UCSD Benefits, visit http://blink.ucsd.edu/HR/benefits/index.html; for UCSD Work/Life, visit https://blink.ucsd.edu/HR/benefits/work-life/index.html
To calculate an approximate value of the UC Total Compensation package, use the calculator at: http://ucnet.universityofcalifornia.edu/compensation-and-benefits/total-compensation-calculator.php
San Diego is ranked #22 in US News best places to live and is renowned for its sunny/temperate climate, proximity to the ocean, mountains, deserts and year-round outdoor activities.
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity or sexual orientation. For the complete University of California nondiscrimination and affirmative action policy see: http://www-hr.ucsd.edu/saa/nondiscr.html
• Advanced experience with network/host firewall, VPN, SIEM, vulnerability scanning, anti-virus, endpoint patching, disk encryption, centralized configuration, log management, system hardening practices, sensitive data discovery, database security, file encryption, certificate and password management systems.
• Expert endpoint and server systems management knowledge of various platforms (Windows, Linux, Mac, Android, iOS, etc.), securing Microsoft technologies (AD, Group Policy, Windows, SQL, and IIS), Apple technologies (macOS, iOS, and Munki), and Linux technologies (RHEL, Apache, MySQL, Ansible).
• Advanced experience using IT security systems/tools (nmap, Wireshark, tcpdump, Sysinternals, Qualys/Nessus, grep, awk, sed, regex and Splunk) and scripting (Perl, Python, or Bash).
• Advanced experience in incident response and digital forensics including reporting. Knowledge of forensic processes, standards and tools for network forensics and system image collection and analysis.
• Bachelor's degree in Computer Science, Information Security or a closely-related field AND four (4) years of related experience in information security in an enterprise or academic environment OR eight (8) years of relevant experience.
• Professional security certifications such as GIAC, CEH, CISSP are preferred.
• Familiarity with official standards for handling and protecting sensitive federal data such as NIST 800-53/171, ITAR and FIPS 200.
• Experience with cloud security concepts, security capabilities and security automation on platforms such as Google G Suite, Microsoft Office 365 and AWS.
• Familiarity with the diverse IT requirements of a large academic research organization.
• Job offer is contingent upon satisfactory clearance based on Background Check results.
• U.S. person status is required for this position in order to comply with the Arms Export Control and Export Administration Act. U.S. persons are U.S. citizens, legal permanent residents as defined by 8 U.S.C. 1101(a)(20) or protected individuals as defined by 8 U.S.C. 1324b(a)(3). Must have, or be able to obtain and maintain, appropriate DOD security clearance.