Educause Security Discussion mailing list archives
Job posting: University of California, Berkeley, IT Security Analyst 3
From: Allison Henry <akhenry () BERKELEY EDU>
Date: Mon, 24 Jun 2013 08:58:48 -0700
We are currently recruiting for an IT Security Analyst 3 to maintain internal systems and provide support to our Security Operation programs. Please see the full job description below and if interested apply at jobs.berkeley.edu.

Also, we will be posting an additional Security Analyst 4 position shortly, which will focus on development and systems integration.

--
Allison Henry
System and Network Security
University of California, Berkeley
http://security.berkeley.edu

Job Title: IT Security Analyst 3 #16025 (7338U)
Job ID: 16025
Location: Main Campus-Berkeley

Departmental Overview

The Information Security Office (ISO) coordinates the risk management process for UC Berkeley's information systems and directs campus-wide efforts to adequately secure institutional data. The Information Security Office is led by the Chief Information Security Officer and consists of two teams, the Operations team and the Assessment team. The Operations team, System and Network Security (SNS), is responsible for implementing and operating detection programs and security services for the campus, as well as incident response and breach management. The Assessment team is responsible for managing the campus information system asset inventory and overseeing compliance of campus information systems to internal and external standards.

The Information Security Office works closely with IT Policy to develop and maintain the security policy framework for campus. The ISO also coordinates with other key groups involved in risk management for the campus, and the ISO also coordinates with peers across higher education to share information and solutions to information security challenges.

This position is part of the Security Operations team and reports to the Operations manager. The position is a one-year contract with the potential to extend.

Responsibilities

* Maintain security operations environment and working with other operations staff to implement and extend security operations programs.
* Maintain the operations environment includes system administration work: managing hardware replacement cycles, updating the standard RHEL image, documentation of the baseline image and machines, coordinating with other security staff to install and configure additional software on top of the baseline image, very aggressive system patching, account management, monitoring of services, responding to monitoring alerts, and monitoring the backup process.
* Implementing several efficiency-related projects to system administration will be an early responsibility for the position.
* Implement and extend security operations programs covers a very wide array of activities, but will focus initially on log collection and analysis in our SIEM deployment.
* Design and implement various logging and log relay strategies to receive logs from a diverse set of applications and technologies on campus managed by different teams, receiving and processing data from critical infrastructure (BigFix, flow data, Secunia, hardware firewalls, load balances, Active Directory, Kerberos, and others), maintaining and ensuring logs from campus groups meet minimum requirements, writing custom parsers for unusual log formats, developing correlations in the SIEM, analyzing logs, and responding to potentially critical security alerts identified by this log analysis.
* Future efforts will include tuning of operation security systems (Nessus, Snort, Intrushield, Bro, and others), work with network taps including potentially 100Gbit networking and openflow, evaluation of new security software and appliances in order to meet specific security standard objectives for campus, and participation in design discussions for changes to the operational environment.

Required Qualifications

Three or more years of experience managing RHEL systems is required, including experience with hardware, basic networking, secure configuration, monitoring and backups. A strong interest in security and ability to demonstrate an understanding of security concepts is essential. Knowledge of and ability to adhere to security best practices for supported platforms is essential, including system hardening, monitoring, hardware/host firewall configuration and management, etc. Strong written communication skills, in order to clearly document system design, configuration, and security practices, are also required.

Experience with two or more of the following is required:

* Virtualization technologies
* Vulnerability scanning and detection
* Intrusion detection
* Log collection and analysis
* Web servers
* Virtualized networking, Openflow, IPv6 or other beyond-the-basics networking

The ideal candidate has a strong desire to learn about the topics on the above list which are not already known.

Preferred Qualifications

* Experience with Network Intrusion Detection Systems
* Windows, Mac or BSD administration experience
* Bash, perl or python scripting experience
* Familiarity with hardening standards such as CIS, NIST, NSA
* GSEC certification

Salary & Benefits

For information on the comprehensive benefits package offered by the University visit: http://atyourservice.ucop.edu/forms_pubs/misc/benefits_of_belonging.pdf

How to Apply

Please visit jobs.berkeley.edu and search for this posting. Please submit your cover letter and resume as a single attachment when applying.