Job posting: UC Berkeley, IT Security Analyst 4 - IS Operations

[Allison Henry <akhenry () BERKELEY EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


We are currently recruiting for an IT Security Analyst 4 on our Security
Operations team. This position focuses on internal tools development and
system integration. Please see the full job description below and if
interested apply at jobs.berkeley.edu.

In addition, there is an open recruitment for an IT Security Analyst 4
on the Assessment and Compliance team at UC Berkeley (Job ID 16295).

- -- 
Allison Henry
System and Network Security
University of California, Berkeley
http://security.berkeley.edu

Job Title: IT Security Analyst 4 (0661U) #16296
Job ID:    16296
Location:  Main Campus-Berkeley

Departmental Overview

The Information Security Office (ISO) coordinates the risk management
process for UC Berkeley's information systems and directs campus-wide
efforts to adequately secure institutional data. The Information
Security Office is led by the Chief Information Security Officer and
consists of two teams, the Operations team and the Assessment team. The
Operations team, System and Network Security (SNS), is responsible for
implementing and operating detection programs and security services for
the campus, as well as incident response and breach management. The
Assessment team is responsible for managing the campus information
system asset inventory and overseeing compliance of campus information
systems to internal and external standards.

The Information Security Office works closely with IT Policy to develop
and maintain the security policy framework for campus. The ISO also
coordinates with other key groups involved in risk management for the
campus, and the ISO also coordinates with peers across higher education
to share information and solutions to information security challenges.
This position is part of the Security Operations team and reports to the
Operations manager.

The position is a one-year contract with the potential to extend.

Responsibilities

The primary areas of focus for this position are tools development and
system integration to support security operations. Security operations
generates and receives a large quantity of data about systems, networks,
and activities on these networked systems. Bringing this data together
to identify actionable security events and generate relevant security
metrics is an interesting challenge we face. This position will take a
leading role in designing and implementing new and better ways to
integrate this security data. The position will also lead the
development of tools to increase overall team productivity. A strong
combination of problem analysis and programming skills are required. The
successful candidate must be able to implement well-designed, modular
systems using all usual best practices of software development. As a
member of System and Network Security you will be part of growing team
of campus security professionals that operate and implement security
services for the University of California, Berkeley.

• Analyze internal and external data feeds and develop well-documented
and reliable data feeds

• Design efficient and cost-effective methods for normalizing and
combining event and network data

• Develop scripts and tools as needed by team members to support
operations and automate repetitive tasks

• Design, test and promote to production processes to create security
alerts and manage incident workflow

• Design and implement team and campus-facing tools

Required Qualifications

• Exceptional system design and system integration experience and
ability, including dealing with large volumes of structured and
semi-structured data

• Very strong programming skills in modern Perl

• Database experience in a modern relational database management system
(PostgreSQL strongly preferred)

• Web programming experience in Perl, including a strong understanding
of good security coding practices such as mitigating the OWASP top 10

• Shell scripting experience on UNIX

• Data modeling experience

• Database development experience, including database server-side
programming (i.e. writing stored procedure or function code), SQL
development, and using Perl to access databases

• Passion for information security

• Clear, concise writing ability

Preferred Qualifications

• Familiarity with configuring and programmatically interacting with
ticket tracking systems such as Request Tracker (RT)

• Catalyst MVC framework experience

• Reading knowledge of one or more other programming languages: Python,
PHP, Java, Ruby

Salary & Benefits

The salary range for the position of IT Security Analyst 4 is $71,600 -
$140,800 annually, depending on qualifications and experience. The
midpoint salary is $106,200.

For information on the comprehensive benefits package offered by the
University visit:

http://atyourservice.ucop.edu/forms_pubs/misc/benefits_of_belonging.pdf

How to Apply

Please submit your cover letter and resume as a single attachment when
applying. Applications must include a cover letter to be considered;
applications without cover letters will not be considered.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlHfT5UACgkQKzbis0Yjv22OaACgo1j24CQm3SCK2jxFArDMbIPp
L6YAoMBMZ381bAOZKFpv6jOd+JtbGCWz
=R6cA
-----END PGP SIGNATURE-----