UC San Diego is ranked the 9th best public university in the nation by U.S. News and World Report and is the largest employer based in San Diego County. Reporting to the VC-CFO, Information Technology Services (ITS) delivers Enterprise information technology services to the University of California, San Diego (UCSD) under the leadership of the campus Chief Information Officer (CIO).
As the Information Security Office of the University of California, San Diego we lead information assurance, community security awareness, identity and access management, and security architecture and engineering, as well as helping researchers align with an ever-changing regulatory landscape. We are a service oriented organization focused on supporting mission-centric activities, advancing the competitiveness of the campus.
Under the mentorship of the CISO and in partnership with other campus administrators, this position is tasked with crafting and steering our risk and compliance program. We are looking for a mid-career security engineer or analyst with good technical skills, who is passionate about working at the intersection of technology and risk management. This position will require an individual with good interpersonal skills, and a willingness to partner with researchers, or IT staff working with regulated or otherwise protected information and systems.
If you are comfortable embracing a broad portfolio of challenges, enjoy taking a holistic view of information risk, can review a system architecture diagram as easily as you can read a NIST publication, you're the person we'd like to talk to.
Responsibilities • You will perform risk assessments of vended products and new projects • You will engage in contract review and negotiations to best protect the University s interests, members of our community, and compliance with legal and policy obligations • Lead and/or act as a domain authority for initiatives related to data security and regulatory compliance including acting as a liaison and technical lead for PCI compliance • You will support and help guide compliance in our migration to AWS, Azure, and GCP • Help craft and monitor our program for controlled unclassified information for both cloud and on premise solutions • You will make recommendations for security controls and ensures remediation of any deficiencies to ensure compliance with campus policy and regulatory requirements such a PCI, HIPAA, FERPA, and iTAR.
Our employees enjoy competitive compensation packages and educational opportunities in a diverse, stimulating workforce. This position is eligible for full: 1) Health/Dental/Vision Insurance 2) Vacation/Holidays (15 vacation days and 13 paid holidays a year) 3) Life Insurance 4) UC Retirement Plan.
Employee must be available to work evenings, weekends, and holidays.
Employee must be available to travel as required.
Must be willing and able to work on a rotating on-call basis.
A Bachelor's Degree in Computer Science, Information Security or a closely-related field AND six (3) years of related experience in information security in an enterprise environment
Advanced knowledge of IT security. Extensive expertise in security policy creation and compliance monitoring, auditing methodology, and conducting technology risk assessments.
Advanced experience with web application and network/endpoint vulnerability scanning and remediation, pen testing, sensitive data discovery and data loss prevention systems.
Proven skills applying security controls to computer software and hardware. Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-115, PCI DSS, HIPAA, FERPA, etc.).
Advanced experience using IT security systems and tools.
Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies.
Ability to give work direction, create task assignments, and give instructions to subordinate technical staff to accomplish project goals/milestones.
Job offer is contingent upon satisfactory clearance based on Background Check results.
Ability to obtain and maintain a DOD security clearance.
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity or sexual orientation. For the complete University of California nondiscrimination and affirmative action policy see: http://www-hr.ucsd.edu/saa/nondiscr.html