UC San Diego is ranked the 9th best public university in the nation by News and Report and is the largest employer based in San Diego County. Reporting to the VC-CFO, Information Technology Services (ITS) delivers Enterprise information technology services to the University of California, San Diego (UCSD) under the leadership of the campus Chief Information Officer (CIO).
Information Technology Services (ITS) uses world-class services and technologies to empower San Diego's mission to transform California and the world as a Student—centered, research-focused, service-oriented public university. AS a Strategic member of the UC San Diego community, ITS embraces innovation in their delivery of IT services, infrastructure, applications, and support. ITS is customer focused and committed to collaboration, continuous improvement, and accountability.
IT Security (a department Within ITS) is responsible for the design, deployment and administration Of network, endpoint, application and information asset protection Systems. IT Security Staff also work Closely With the IT Infrastructure and Operations department to provide the network/security infrastructure.
The Senior Network Security Engineer (IT Security Analyst 4) is responsible for designing, deploying and managing the core campus network security infrastructure, including network firewalls, VPN, IDS/IPS, SIEM, application gateways/proxies for a 100,000-node network one Of the largest networks in San Diego. The position Serves as a senior network security architect, subject matter expert and technical implementation lead on advanced/complex, campus-wide Core network security System deployments. The Senior Analyst will be engaged in a number of major project activities, including the design and deployment of a campuswide network firewall infrastructure as well as VPN, SIEM and DDOS deplownents.
Serves as technical lead responsible for the design, delivery and performance of security infrastructure and services, such as the firewall, VPN, SIEM, load balancers. application gateways, proxies, etc.
Ensures that the network security services are effective in enforcing the security policy Of the Campus, and responsive to the needs of the customer.
Closely collaborates with the network engineering staff to architect, deplm,', configure and maintain the campus core network infrastructure.
Monitors and responds to the most complex issues and events, analyzes and troubleshoots network traffic, and resolves the most advanced network-security challenges.
Leads risk activities to identify potential threats/vulnerabilities to network Identifies suspicious behavior, and addresses threats to the enterprise network infrastructure.
Serves as an expert resource on regulations.'frameworks such as IS027k, HIPAA, FERPA, PCI, etc. and ensures compliance of security infrastructure.
Must be available to work evenings, weekends, and holidays.
Must be able to work on a rotating on-call basis.
Must be available to travel as required.
A Bachelor's Degree in Computer Science, Information Security or a closely-related field AND six (6) years of related experience in information security in an enterprise environment OR ten (10) years of recent relevant experience.
Expert knowledge and ability to deploy network security infrastructure in a large enterprise/campus environment, including network firewalls (Cisco, Juniper, Fortinet. Palo Alto), Cisco Routers/Switches (Catalyst 6sxx, Nexxus 7k and 9k), VPN, Wireless, IDS/IPS, SIEM, application gateways/proxies, load balancers, etc.
Proven skill at administering complex security controls and configurations to computer hardware, software and networks. Expert in implementing controls in network security systems such as designing, implementing and managing network firewall policies across a multi-tenant environment.
Advanced experience using IT security systems and tools, such as nmap, Wireshark, tcpdump, grep, awk, sed, regex, Splunk, and basic Linux admin.
Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies. Understanding of cryptography and strengths/weaknesses of various encryption ciphers and hash functions (AES, 3DES, SHA, MD5, etc.)
Professional certifications such as CCIE/CCNP, GIAC, CEH, or ClSSP.
Job offer is contingent upon a satisfactory clearance based on background check results.
Our employees enjoy competitive compensation packages and educational opportunities in a diverse, stimulating workforce.
This position is eligible for full benefits first day of hire:
a) Health/Dental/Vision Insurance
b) Vacation/holidays (18 vacation days & 13 paid holidays a year)
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity or sexual orientation. For the complete University of California nondiscrimination and affirmative action policy see: http://www-hr.ucsd.edu/saa/nondiscr.html