IT Security Analyst

IT Security Analyst

IT Security and Policy

Full Time

87824BR

Job Summary

This role will require regular onsite work, 3 days per week.

This position supports UCSF IT Security, which develops, communicates, and supports University-wide information security policies and programs that ensure the confidentiality, integrity, and availability of UCSF Electronic Information Resources (EIRs).

This role reports directly to the Information Security Incident Response Manager. The primary responsibility is to perform and monitor standard electronic discovery (eDiscovery) processing and litigation functions, including data import / ingestion, export, job quality control, and case database administration. The role involves tracking eDiscovery data and electronically stored information (ESI) workflows and quality control according to standard operating procedures. The position also requires consultation with UCSF Legal Affairs and UC Legal to evaluate and recommend standardized procedures relating to the Electronic Discovery Reference Model (EDRM) : identifying, preserving, collecting, processing, analyzing, reviewing, producing, and presenting ESI and paper documents.

Additionally, the role includes incident response activities such as event and incident monitoring, threat detection and data correlation, and incident response actions using a wide range of security monitoring tools. Responsibilities include collecting potential breach evidence, participating in network and host forensic analysis, and following up with incident remediation activities.

Strong written and verbal communication skills are required. The senior analyst must be able to maintain eDiscovery processes and templates, coordinate with other process owners across the organization, and create or update documentation, and provide training.

This position requires a detail-oriented individual with strong analytical and critical-thinking skills. The candidate must be comfortable with working with client law firms and their clients to obtain data for ingestion, including through the use of SFTP, Box, Dropbox, etc., that can be ingested and processed while maintaining chain of custody. Perform or coordinate electronic and forensic collections and internal investigations. Track data acquisition from internal and external resources and verify data

integrity. Track and manage eDiscovery requests by outside counsel law firms to completion. Create productions and exports for delivery to clients. Candidate must be familiar with identifying abnormal network traffic and system activities. Candidate must be accustomed to correlating data across multiple systems and tools in order to identify the likelihood of compromise.

This position will interact with faculty, staff, and senior leaders across the organization. They will be responsible for presenting to non-IT UCSF departments including Privacy, Legal, and Risk. The Senior Security Analyst will author incident summaries, provide remediation recommendations, and have the ability to state a probability of compromise risk level to these non-IT teams.

This position acts as a Senior Information Security Analyst in order to monitor, detect, report, and remediate threats to the UCSF infrastructure, its assets, and its data. Responsible for detailed analysis of alerts and potential threats as well as data correlation and corroboration across a variety of network and host monitoring and threat detection tools. Responsible for clearly documenting the event, threat, and IR actions taken and / or recommended. Responsible for leading security incident investigations requiring task delegation and follow-up with junior team members.

The final salary and offer components are subject to additional approvals based on UC policy.

Your placement within the salary range is dependent on a number of factors including your work experience and internal equity within this position classification at UCSF. For positions that are represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement.

The salary range for this position is $70.35 - $87.47 (Step Hourly Rate).

To learn more about the benefits of working at UCSF, including total compensation, please visit : https : / / ucnet.universityofcalifornia.edu / compensation-and-benefits / index.html

Department Description

The UCSF IT Security group's responsibilities include, but are not limited to :

• E-Discovery service
• Incident response and forensic analysis
• Threat hunting and event analysis
• Establishing policies and standards for information security
• Proving guidance and conducting risk assessments of systems and solutions
• Governance, risk, and compliance
• Architecting secure business solutions
• Architecting threat detection, security monitoring and forensic solutions
• Outreach and security awareness training and education
• Endpoint security, such as encryption, anti-malware, endpoint detection and response

Required Qualifications

Preferred Qualifications

CEDS - Certified eDiscovery Specialist

About UCSF

The University of California, San Francisco (UCSF) is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care. It is the only campus in the 10-campus UC system dedicated exclusively to the health sciences. We bring together the world's leading experts in nearly every area of health. We are home to five Nobel laureates who have advanced the understanding of cancer, neurodegenerative diseases, aging and stem cells.

Pride Values

UCSF is a diverse community made of people with many skills and talents. We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence - also known as our PRIDE values.

In addition to our PRIDE values, UCSF is committed to equity - both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at diversity.ucsf.edu

Join us to find a rewarding career contributing to improving healthcare worldwide.

Equal Employment Opportunity

The University of California is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected status under state or federal law.

Organization

Campus

Job Code and Payroll Title

006365 IT SCRTY ANL 4 TX

Job Category

Clinical Systems / IT Professionals

Bargaining Unit

University Professional Technical Employees - Technical Unit (UPTE-TX)

Employee Class

Career

Percentage

100%

Location

San Francisco, CA

Campus

Mission Center Building (SF)

Work Style

Flexible

Shift

Days

Shift Length

8 Hours

Additional Shift Details

Mon-Fri 8-5 plus On Call as required