Organizational Area: Information Technology Services - Systems Development
Location: Oakland, CA
Posting Salary: salary to commensurate with experience
Position Summary: University of California, Office of the President (UCOP) is the systemwide headquarters for the University of California, managing operations and supporting the academic and research missions across its campuses.
The Information Technology Services group is seeking a dynamic Technical Lead, Information Security Operations to join our growing team.
As a leader within Information Security Operations, you will focus on designing, optimizing, and collaboratively implementing comprehensive security requirements across UCOP. This role has split responsibility, with the expectation that approx. 70% of your time will be spent on hands-on engineering work, and approx. 30% of your time will be spent guiding the team, scoping, work, and leading security initiatives.
You will be responsible for implementing and maintain security controls and processes that safeguard and protect UC System wide applications both on-premise and in the cloud (AWS/Azure). You will work closely with development and services teams to secure various platforms and the development pipeline, leveraging and utilizing AWS's security controls to meet regulatory and compliance standards.
The Technical Lead, Information Security Operations will serve as a security expert in security technology domains and implementation mechanisms, helping UCOP's project teams comply with our security policies and conform to industry best practices.
Special Conditions of Employment: Overtime
Other Special Conditions of Employment: There is a possibility of working remote for this position if not within reasonable commuting distance.
Successful completion of a background check is required for this critical position.
Must be able to provide 24x7 on call support as assigned.
Job Close Date:
Duty 1: Work closely with product and platform teams to engineer security controls based upon UCOP's information security policies, standards and control frameworks as they apply to services hosted in the cloud (AWS/Azure) and on-premise. Assess and understand UCOP's current cloud security posture and design/develop future architecture, providing recommendations for vulnerability remediation and risk reduction. Evaluate security technologies for UCOP environments in order to implement controls in the most streamlined and integrated manner. Function:Infrastructure Analysis, Planning and Documentation Percent: 15
Duty 2: Design and deploy automated security solutions for cloud and on-premise infrastructure and applications. Design and develop security solutions based upon approved security architectures and enable integration with UCOP's security operations team for risk management and response. Function:Systems Development and Implementation Percent: 30
Duty 3: Must be very proactive in understanding and staying up-to-date on the current projects in progress, projects in pipeline and operational issues. Similarly, must stay up-to-date with industry technology trends in security and cloud services solutions and disseminate this knowledge to other team members Function:Project Management Percent: 15
Duty 4: Mentor and manage junior personnel within the team and ensure group work is completed in a timely manner, as well as on budget. Outside the direct team, build and maintain relationships with other UCOP IT and non-IT groups. Function:Leadership Percent: 30
Duty 5: Provide 24x7 on call support and off-hour maintenance work as required. Function:Maintenance and Disaster Recovery Percent: 10
Job Requirements Bachelor's degree in computer science, information management or a related field, or an equivalent combination of education.
Minimum 8 years of IT experience with 3 years of security and design experience preferred focusing on cross-platform infrastructure technologies, services and product implementations.
Demonstrated experience designing and deploying mission critical applications and services leveraging AWS security architecture to maintain compliance and regulatory controls around sensitive data.
Minimum of 3 years of experience in Information Security roles with increasing responsibilities.
Well versed and knowledgeable of security incident response methodologies and technologies.
Demonstrated experience implementing security controls in an enterprise IT environment, spanning technology (SIEM, Scanning, EDR, DLP, etc.) and process (Baselines, Patterns, reporting, response).
Well-rounded background in network, host, database, and application security.
Excellent oral and written communication skills. This includes the ability to explain solution concepts and technologies to business leaders, as well as business concepts to technologists, and the ability to sell ideas and processes internally at all levels.
Experience designing and implementing encryption solutions such as PKI and encryption at rest technologies.
Working experience of continuous integration practices & tools Required
Clear understanding of the role security plays in PaaS and Continuous Delivery.
Experience in migrating enterprise companies from traditional data center infrastructure, application and data designs to hybrid or fully-cloud enabled practices. Preferred
AWS Certified Solutions Architect
Provide 24x7 on call support and off-hour maintenance work as required.
About us The University of California, one of the largest and most acclaimed institutions of higher learning in the world, is dedicated to excellence in teaching, research and public service. The University of California Office of the President is the corporate headquarters to the ten campuses, five medical centers and three Department of Energy National Labs and enrolls premier students from California, the nation and the world.
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age or protected veteran status.