
IT Security Analyst

University of California - San Francisco Campus and Health
United States, California, San Francisco
Jan 18, 2025

IT Security Analyst

IT Security and Policy

Full Time

83370BR

Job Summary

This position supports UCSF IT Security, which develops, communicates, and supports University-wide information security policies and programs that ensure the confidentiality, integrity, and availability of UCSF Electronic Information Resources (EIRs).

This role reports directly to the Information Security Incident Response Manager. The primary responsibility is to perform and monitor standard electronic discovery (eDiscovery) processing and litigation functions, including data import/ingestion, export, job quality control, and case database administration. The role involves tracking eDiscovery data and electronically stored information (ESI) workflows and quality control according to standard operating procedures. The position also requires consultation with UCSF Legal Affairs and UC Legal to evaluate and recommend standardized procedures relating to the Electronic Discovery Reference Model (EDRM): identifying, preserving, collecting, processing, analyzing, reviewing, producing, and presenting ESI and paper documents.

Additionally, the role includes incident response activities such as event and incident monitoring, threat detection and data correlation, and incident response actions using a wide range of security monitoring tools. Responsibilities include collecting potential breach evidence, participating in network and host forensic analysis, and following up with incident remediation activities.

Strong written and verbal communication skills are required. The senior analyst must be able to maintain eDiscovery processes and templates, coordinate with other process owners across the organization, create or update documentation, and provide training.

This position requires a detail-oriented individual with strong analytical and critical-thinking skills. The candidate must be comfortable working with client law firms and their clients to obtain data for ingestion, including through the use of SFTP, Box, Dropbox, etc., that can be ingested and processed while maintaining chain of custody. Perform or coordinate electronic and forensic collections and internal investigations. Track data acquisition from internal and external resources and verify data integrity. Track and manage eDiscovery requests by outside counsel law firms to completion. Create productions and exports for delivery to clients. Candidate must be familiar with identifying abnormal network traffic and system activities. Candidate must be accustomed to correlating data across multiple systems and tools in order to identify the likelihood of compromise.

This position will interact with faculty, staff, and senior leaders across the organization. They will be responsible for presenting to non-IT UCSF departments including Privacy, Legal, and Risk. The Senior Security Analyst will author incident summaries, provide remediation recommendations, and have the ability to state a probability of compromise risk level to these non-IT teams.

This position acts as a Senior Information Security Analyst in order to monitor, detect, report, and remediate threats to the UCSF infrastructure, its assets, and its data. Responsible for detailed analysis of alerts and potential threats as well as data correlation and corroboration across a variety of network and host monitoring and threat detection tools. Responsible for clearly documenting the event, threat, and IR actions taken and/or recommended. Responsible for leading security incident investigations requiring task delegation and follow-up with junior team members.

The final salary and offer components are subject to additional approvals based on UC policy.

Your placement within the salary range is dependent on a number of factors including your work experience and internal equity within this position classification at UCSF. For positions that are represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement.

The salary range for this position is $137,000 - $205,600 (Annual Rate).

To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html

Department Description

The UCSF IT Security group's responsibilities include, but are not limited to:

  • E-Discovery service
  • Incident response and forensic analysis
  • Threat hunting and event analysis
  • Establishing policies and standards for information security
  • Providing guidance and conducting risk assessments of systems and solutions
  • Governance, risk, and compliance
  • Architecting secure business solutions
  • Architecting threat detection, security monitoring and forensic solutions
  • Outreach and security awareness training and education
  • Endpoint security, such as encryption, anti-malware, endpoint detection and response

Required Qualifications


  • Bachelor's degree in related area and / or equivalent experience / training.
  • Substantial experience with eDiscovery data collections, searching, exporting, tracking, quality assurance and presentation
  • 5+ years of relevant progressive experience
  • 1 or more years of experience in a dedicated eDiscovery role where the candidate is searching, collecting, and producing data for eDiscovery and investigation purposes or similar/related experience.
  • Knowledge of other areas of IT, department processes and procedures.
  • Understanding of privacy and legal issues in a regulated higher-education healthcare environment
  • Understanding of industry trends and threats
  • Strong interpersonal communications to work with colleagues and customers who have a wide range of technical skills and knowledge
  • OS: Windows, Unix, OSX, VMWare
  • Office: MS Suite
  • Enterprise IT: Distributed system technologies, load balancers, storage systems, enterprise email systems, web applications, cloud services, virtualization technologies, enterprise networking systems, enterprise firewalls
  • Substantial experience with creating productions and exports for delivery to clients
  • Substantial experience with performing or coordinating electronic and forensic collections and internal investigations.
  • Substantial experience with tracking and maintaining legal preservation, including the custodians, physical / electronic preservation collections, legal holds, and associated processes.
  • Skilled at reading and interpreting security logs as well as analyzing and correlating logs for evidence of security breaches.
  • Knowledge of the Cyber Kill Chain and ability to recognize mitigations and containment steps at each stage of an attack
  • Experience using IT security systems and tools such as SIEM, syslog, network threat detection, and malware analysis.
  • Demonstrated skills applying security controls to computer software and hardware.
  • Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.
  • Knowledge of computer enterprise hardware, software, cloud and network security issues, architectures and approaches.
  • Ability to clearly and completely summarize a security event, directed investigation steps, and potential risk to the organization
  • Ability to follow department processes and procedures.
  • Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.
  • Detail-oriented recording of investigation notes, correlation logic, and determination of compromise

Preferred Qualifications


  • Security Tools: enterprise scale signature based host security suites, network vulnerability scanning, web application vulnerability scanning, host intrusion detection systems, system monitoring, system information and event management logging, network based malware sandbox threat detection, IDS/IPS, enterprise firewalling
  • Forensic Tools: Forensic Case Management, eDiscovery Tools, Disk Forensic Tools, Memory Forensic Tools, Forensic Image Mounting, Forensic Imaging Tools
  • CEDS - Certified eDiscovery Specialist
  • EnCE - EnCase Certified Examiner
  • Relevant security certifications (GCIH, GCIA, GCED, CISSP, OSCP, CCSP, CCSK, or other GIAC)

About UCSF

The University of California, San Francisco (UCSF) is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care. It is the only campus in the 10-campus UC system dedicated exclusively to the health sciences. We bring together the world's leading experts in nearly every area of health. We are home to five Nobel laureates who have advanced the understanding of cancer, neurodegenerative diseases, aging and stem cells.

Pride Values

UCSF is a diverse community made of people with many skills and talents. We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence - also known as our PRIDE values.

In addition to our PRIDE values, UCSF is committed to equity - both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at diversity.ucsf.edu

Join us to find a rewarding career contributing to improving healthcare worldwide.

Equal Employment Opportunity

The University of California San Francisco is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Organization

Campus

Job Code and Payroll Title

000661 IT SCRTY ANL 4

Job Category

Clinical Systems / IT Professionals

Bargaining Unit

99 - Policy-Covered (No Bargaining Unit)

Employee Class

Career

Percentage

100%

Location

San Francisco, CA

Campus

Mission Center Building (SF)

Work Style

Hybrid

Shift

Days

Shift Length

8 Hours

Additional Shift Details

Mon-Fri 8-5 + On Call as required
