UC Health Security Analyst

For UCOP internal applicants, please login to the internal candidate gateway at: Jobs at UCOP

UC OFFICE OF THE PRESIDENT

At the University of California (UC), your contributions make a difference. A world leader producing Nobel and Pulitzer Prize recipients with over 150 years of groundbreaking research transforming the world. Choose a career where you can leverage your knowledge, skills and aspirations to inspire and support some of the greatest minds in the world, and those who will follow in their footsteps. Working at the University of California is being part of a unique institution, and a vibrant and diverse community. At the University of California, Office of the President, we propel our mission through impactful work locally, in government centers and systemwide. We are passionate people, serving the greater good.

The University of California, one of the largest and most acclaimed institutions of higher learning in the world, is dedicated to excellence in teaching, research and public service. The University of California Office of the President is the headquarters to the 10 campuses, six academic medical centers and three national laboratories and enrolls premier students from California, the nation and the world. Learn more about the UC Office of the President

Department Overview
The UC Chief Information Security Office supports systemwide locations to address timely and pervasive issues such as identity theft, supplier security, cyber metrics, advisory services, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries, with the goal of enabling ongoing, secure, and reliable operations across the enterprise. We maintain an innovative, inclusive, and supportive work environment.

Position Summary
The UC Health Security Analyst role is a strategic role critical to the delivery of secure, quality technical solutions for the UC Health Data Warehouse (UCHDW) and the UC Health enterprise. This position is expected to support cyber security operations including defending against security incidents, analyzing security events/alerts, communication, and incident response. Strong experience with information security principles, cloud security, scripting, networking principles, and incident response is required.

Key Responsibilities

50% Support network monitoring, endpoint, and cloud security systems, correlating activity to detect anomalous behavior and unauthorized use. Triages alerts, supports incident response (including containment, mitigation, forensics, and technical guidance), and participates in root-cause analysis. Review cloud-centric detection to detect threats related to cloud environments and services used by the organization. Respond to and supports security incident response.

25% Assist cross-functional teams and internal customers to troubleshoot, diagnose, solve, and provide root cause analysis for all systems, infrastructure, and services related to the UC Health enterprise environment. Work with threat intelligence and/or threat-hunting teams. Support audit, risk assessment, and penetration testing activities. As the security liaison for the UC Health division, oversees and executes information security responsibilities defined in policies and standards. Responsibilities include but are not limited to: Monitoring security email lists, responding to security announcements, and reporting on status of security requests; reviewing and updating risk assessments and risk treatment plans; maintaining and updating inventory of institutional information, IT assets, and vendor supported services; reviewing access rights; and managing the implementation of security controls.

10% Produce technical documents as needed including policy and procedures. Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies. Compile and analyzes security data for management reporting and cyber metrics. Provide timely and relevant updates to appropriate stakeholders and decision makers.

15% Serving as a subject matter expert to assist with, or lead, various security initiatives, procurement related activities, and projects in support of the UC Health enterprise. Collaborate with the UC Health division to maintain and improve existing security capabilities and develop and implement new security technologies. Additionally, this role will be the Unit Information Security Liaison providing dedicated support to the UC Health division, performing risk assessments and general information security functions, as well as being the primary information security contact for the division.

Experience
Required Qualifications

• Min 8 years of relevant work experience that is inclusive of at least 5 years as a technical analyst in Information Security, and at least 2 years of practical advisory expertise.

Skills and Abilities
Required Qualifications

• Expert technical understanding of a broad range of cyber security concepts and countermeasures including endpoint security, perimeter security, virtual networks, VPNs, cloud encryption, account management, application security, cryptography, and network security.
• Comprehensive knowledge of supplier contract review processes related to information security.
• Strong experience with AWS cloud computing and native cloud security tools,
• Strong understanding of Cloud Access Security Brokers (CASB), Cloud Workload Protection Platform (CWPP), Cloud Security Posture Management (CSPM), and cloud web application firewalls.
• Proven ability to develop reports for varying levels of leadership.
• Strong knowledge of cloud management platforms.
• Strong knowledge of identity access management and supporting security technologies (role-based access control, MFA, Management Groups, Policy, Okta) and applicable working knowledge of cloud security frameworks, standards, and best practices.
• Demonstrated business acumen and problem solving.
• Experience with cloud deployment, technical and security architecture, database architecture, virtualization, technical solution architecture, Amazon AWS, and systems infrastructure.
• Broad knowledge of information technology security functional areas and as it relates to student data; health information; and management of IT resources and applications.
• Demonstrated understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy / security regulations relevant to higher education and / or medical center and patient information.
• Demonstrated communication skills with project teams, stakeholders, and external contacts including both technical and non-technical audiences.
• Demonstrated interpersonal skills in order to work with both technical and non-technical personnel at various levels in organization.
• Strong ability to influence, gain consensus and buy-in from various stakeholders across UC.
• Ability to rapidly acquire new knowledge and skills; strong analytical ability and data-driven mindset.
• Strong problem-solving and troubleshooting skills.
• Broad knowledge of technical concepts and principles of data communications, computer hardware, products, software, and services.
• Demonstrated oral and written communication skills, including the ability to effectively present technical topics to large groups with potentially varied levels of technical sophistication.

Education
Required Qualifications

• Bachelor's degree in related area and / or equivalent experience.

Licenses and Certifications
Preferred Qualifications

• CISSP, CISM, GIAC series

Travel Requirements
5% Travel to UC locations, industry conferences and training.

Job Title
IT Security Analyst 4

Job Code
000661

Salary Grade
Grade 25

Payscale:
$155,000 - $178,000

Full Salary Range:
$109,200 - $207,800

The University of California, Office of the President, is required to provide a reasonable estimate of the compensation range for this role. This range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be offered a salary at or near the top of the range for a position. Salary offers are determined based on final candidate qualifications and experience. The full salary range shows the growth potential for this position and the pay scale is the budgeted salary or hourly range that the University reasonably expects to pay for this position.

Benefits: For information on the comprehensive benefits package offered by the University visit: Benefits of Belonging

ADDITIONAL INFORMATION

HOW TO APPLY

Please be prepared to attach a cover letter and resume with your application.

APPLICATION REVIEW DATE

The first review date for this job is (4/9/25). The position will be open until filled.

CONDITIONS OF EMPLOYMENT

Background Check Process: Successful completion of a background check is required for this critical position. Background check process at UCOP

Smoke Free Work Environment: The University of California, Office of the President, is smoke & tobacco-free as of January 1, 2014. UC Smoke & Tobacco Free Policy

As a condition of employment, you will be required to comply with the University of California Policy on Vaccination Programs, as may be amended or revised from time to time. Federal, state, or local public health directives may impose additional requirements.

As a condition of employment, the finalist will be required to disclose if they are subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct, are currently being investigated for misconduct, left a position during an investigation for alleged misconduct, or have filed an appeal with a previous employer.

• "Misconduct" means any violation of the policies or laws governing conduct at the applicant's previous place of employment, including, but not limited to, violations of policies or laws prohibiting sexual harassment, sexual assault, or other forms of harassment, discrimination, dishonesty, or unethical conduct, as defined by the employer.
  • UC Sexual Violence and Sexual Harassment Policy
  • UC Anti-Discrimination Policy for Employees, Students and Third Parties
  • APM - 035: Affirmative Action and Nondiscrimination in Employment

EEO STATEMENT

The University of California, Office of the President, is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status. For the University of California's Affirmative Action Policy please visit: https://policy.ucop.edu/doc/4010393/PPSM-20. For the University of California's Anti-Discrimination Policy, please visit: https://policy.ucop.edu/doc/1001004/Anti-Discrimination.

The University of California, Office of the President, strives to make this job board accessible to any and all users. If you have comments regarding the accessibility of our website or need assistance completing the application process, please contact us at: Accessibility or email the Human Resource Department at: epost@ucop.edu.