Under direct supervision of the Information Security Officer, provides technical and operational support as needed.
Application Administration and Maintaining Security Operations. Design, Develop, Implement, and support technical security and network controls and assist with developing and implementing the campus information security program. Provide technical design, analysis, support, and troubleshooting of assigned network applications, tools, and interfaces. Maintain and support assigned systems to ensure minimal downtime and loss of productivity and service.
Performs daily operation tasks, including checking campus Anti-Virus Console, Firewall Security rules, DLP Scanner, Web Scanner, Vulnerability Scanner, Compliance Scanner, and other software as assigned. Design, build, develop, implement, and perform network vulnerability scans, PCI Scanning, and provide remediation alternatives. Prepare and maintain documentation, including the inventory of confidential campus data and other high-risk information assets. Create guidelines for complying with campus requirements by devising solutions or documenting practices already in use on campus. Analyze and implement functional requirements; research, design, develop, test, and implement applications, modifications, and interfaces. Use technology tools appropriately for application development and support. Install, implement, test, and troubleshoot software as needed, including testing new software packages for deployment. Use System Development Life Cycle (SDLC) methodologies and procedures to facilitate application source code management and modifications. Analyze and implement network system, user system, and application needs; recommend and implement appropriate solutions. Develop and conduct user needs assessments. Analyze and implement security requirements and develop and implement procedures to meet these requirements. Regularly review assigned responsibilities to identify and manage security risks. Escalate security issues as appropriate.
Consult and collaborate with functional and technical staff to identify and document software and network deployment requirements and routine security operations. Determine, evaluate and implement alternative approaches to meet user needs and recommend optimal solutions. Provide support to campus employees regarding security concerns. Perform ongoing information security risk assessments throughout campus. Develop training materials and conduct training sessions and presentations—document assignment status as required by supervisor. Escalate problems or unexpected resource requirements. Apply general knowledge of requirements for accessibility compliance where appropriate. Provide training to other employees as needed and provide lead work direction to student assistants. Use available resources to maintain and enhance technical currency. Maintain and develop interpersonal skills. Perform other job-related duties and special projects as assigned.
SUPERVISOR/OTHER WORK RELATIONSHIPS:
Reports to the Information Security Officer. Maintains close working relationship with other IT Consultants and Helpdesk staff, Network Technicians, and other IT staff as needed. Outside contacts include software and hardware vendors and colleagues in similar positions at other institutions, particularly within the CSU.
REQUIREMENTS OF POSITION:
AA degree required. Bachelor’s degree preferred. Five years of related professional experience with an Associate degree in computer science or related field and professional information security technical certification(s) or a Bachelor’s degree in computer science or related field. Experience performing forensic analysis. Experience responding to security audits. Ability to conduct information security risk assessment. Knowledge of relational or key-value database engines such as Oracle, MySQL, SQLite, Red is, Riak, Cassandra, Hadoop/H Base. Demonstrated experience using a common scripting language (e.g., Perl, Python, PHP) Experience developing and maintaining software in C, C++, or Java.
A background check (including a criminal records check) must be completed satisfactorily before any candidate can be offered a position with the CSU. Failure to satisfactorily complete the background check may affect the application status of applicants or continued employment of current CSU employees who apply for the position.
The person holding this position is considered a ‘mandated reporter’ under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 Revised July 21, 2017as a condition of employment.