Requisition Number: 03024020 Final Filing Date: 07-03-2019 Closing Date: Payroll Title: IT SECURITY ANL 3 Number of Positions: 1 Salary: $5,466.67-$11,183.33/MO Appointment Type: Career Appointment Description: 100% FTE, Fixed; Monday-Friday, 8am-5pm FOR FULL CONSIDERATION, PLEASE APPLY BEFORE 06/24/2019. Overtime Eligible (FLSA): Exempt Union/HEERA Representation: This position is not represented by a collective bargaining unit
Department: ENT APPS & INFRASTRUCTURE SVCS - 061419 Department Description: The mission of Information and Educational Technology (IET) is to create and support an information technology environment that enhances the ability of the UC Davis community to teach, do research and provide public service. In support of the University's mission, IET will deliver an infrastructure of technological services appropriate to the requirements of the campus community.
NO VISA SPONSORSHIP IS AVAILABLE FOR THIS POSITION
Location: Davis Allow Applicants to Attach: Resume Cover Letter
Job Summary: Under the general direction of the Assistant Chief Information Security Officer (ACISO), the Information Security Risk Analyst assesses and manages security and data protection solutions that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to UC Davis.
Evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the University's information assurance (IA) and security requirements. This position prepares/maintains various security reports and dashboards, participates in technology assessment and audit activities, prepares and reviews system security architecture designs, and actively participates with business and campus units throughout the university community.
This Information Security Analyst also tracks and reports on security risks and control effectiveness to the CISO. Stays abreast of evolving Campus needs, technology and capabilities. Works with campus stakeholders to ensure data security needs and controls are aligned to support organizational goals and objectives and helps develop team decisions, and must maintain or preserve confidentiality when required to do so.
Physical Demands: Work at a computer for extended periods of time.
Work Environment: This position is a critical position and subject to a background check. Employment is contingent upon successful completion of background investigation including criminal history and identity check.
Vacation is restricted during peak work periods.
Work alternate or extended hours on short notice.
Occasional travel is required to campus and off campus worksites.
Due to the mission-critical services provided by this department, this position may work hours other than M-F 8-5, especially during system development, hardware or software installation, or in response to system problems.
Adhere to workplace safety practices, read information communicated about workplace safety, complete required safety training on time, and report any workplace safety issues promptly to their supervisor or the designated safety coordinator.
UC Davis is a smoke and tobacco free campus effective January 1, 2014. Smoking, the use of smokeless tobacco products, and the use of unregulated nicotine products (e-cigarettes) will be strictly prohibited on any UC Davis owned or leased property, indoors and outdoors, including parking lots and residential space.
Background Check Required: Yes
Minimum Qualifications: Experience assisting with and/or conducting independently the collection, examination, and analysis of information to identify gaps in systems in relation to requirements and industry standards.
Experience to coordinate several simultaneous activities with strict deadlines, complex scheduling requirements, and little or no tolerance for errors or delays.
Skills to apply IT security concepts to resolve problems in situations that require a review of a variety of factors.
Skills to monitor news sources and distill from the news source pertinent information.
Skills to organize and manage time to meet all task and project goals and to provide project reports as requested by clients and management.
Strong proficiency with common productivity software such as Microsoft Visio and Excel.
Preferred Qualifications: Bachelor's degree in related area and/or equivalent experience/training.
Two-three years as an information security professional or IT professional with applicable information security experience, preferably with experience assessing critical infrastructures using the Cyber Security Evaluation Tool (CSET).
CRISC, CISSP, CISA, GIAC or PCI certifications, including certifications that focus on critical infrastructure protection and assessment.
Knowledge of information security frameworks and standards such as ISO, NIST, NERC, DoD and regulations related to information security such as PCI, HIPAA, FISMA, SB 1386, etc.
Knowledge of the organization's core business/mission processes.
Knowledge of the organization's enterprise information technology (IT) goals and objectives University experience preferred.
Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of Risk Management Framework (RMF) requirements.
Knowledge of computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities, as well as specialized tools, such as the CSET.
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
Knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
Knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures.
Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures, utilizing standards-based concepts and capabilities.
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.
Demonstrated ability to apply acquired job skills, policies, and procedures to complete substantive assignments, projects and tasks, while exercising judgement within defined guidelines and practices to determine appropriate action.
The University of California is an Equal Opportunity/Affirmative Action Employer advancing inclusive excellence. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected categories covered by the UC nondiscrimination policy.
Copyright 2017 Jobelephant.com Inc. All rights reserved.
UC Davis is the home of the Aggies — go-getters, change makers and problem solvers who make their mark at one of the top public universities in the United States. Since we first opened in 1908, we’ve been known for standout academics, sustainability and Aggie Pride as well as valuing the Northern California lifestyle. These themes are woven into our 100-plus-year history and our reputation for solving problems related to food, health, the environment and society.Our 5,300-acre campus is in the city of Davis, a vibrant college town of about 68,000 located in Yolo County. The state capital is 20 minutes away, and world-class destinations such as the San Francisco Bay Area, Lake Tahoe and the Napa Valley are within a two-hour drive.
BACK TO TOP
The mission of the University Risk Management and Insurance Association is to advance the discipline of risk management
in higher education.