Job Postings

Open Staff Positions:

Security Assessments Manager

As Manager, you will work with our amazingly talented and high-performing Security Assessments team. These professionals are dedicated to reducing institutional risk through the critical analysis of information technology systems. As manager you’ll be coordinating the critical analysis of these applications, networks, and systems in a complex, heterogeneous environment. The work will have a direct and meaningful impact on information security at our world-class research institution.

Responsibilities

  • Makes recommendations to senior management regarding issues of privacy, security and compliance for department or entire campus. Analyzes the needs of functional departments and helps to establish priorities for feasibility studies and assess systems and processes against both internal campus security policy and external compliance requirements.
  • Directly manages communication and awareness methods to drive and integrate campus-wide IT privacy and security strategies to reach all constituents, faculty, staff, students and affiliates. Coordinates with functional departments involved in system requirements, techniques, and controls; including application of campus security requirements, data and system classification, and assessment frameworks.
  • Manages campus, compliance with privacy and security regulations. Administers IT policies that directly affect subordinate employees and proposes or assists in the development of Campus policy related to Security Assessment engagements across the institution.
  • Manages programs, projects and activities to support UC policy on stewardship of electronic resources campus-wide. Using a risk-based approach, establish goals, direction, and scheduling for Assessments Team workload and job assignments.
  • Monitors and manages the daily operation of department / section through subordinate supervisors, the coordination of activities of a department with responsibility for results in terms of costs, methods, and employees. Develops and monitors operational and budget processes, staff FTE, finances, human resources, and space planning.
  • Manages and recommends changes to policies which affect the department.
  • May serve as the campus authority and representative in campuswide, systemwide or national meetings regarding privacy, security, policy, and communication expertise in the area of security assessments and vendor reviews.
  • Interacts with law enforcement, Human Resources, Academic Personnel, Student Affairs across the campus on issues of significance that involve compliance of campus electronic information resource.

Required Qualifications

  • Broad knowledge of information technology security functional areas and as it relates to student data; health information; research subjects; finance; including credit card and loan transactions; management of IT resources and applications; and general computer use practices.
  • Knowledge of procedures for budget and account management.
  • Demonstrated understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy / security regulations relevant to higher education.
  • Demonstrated communication skills with project teams, stakeholders, and external contacts including both technical and non-technical audiences.
  • Demonstrated ability to change the thinking of, or gain acceptance from, others in sensitive situations, without damage to the relationship.
  • Broad knowledge of subject area sufficient for strategic planning, technology assessment and direction.
  • Demonstrated experience managing technical staff.
  • Experienced in leading change management activities and managing their impact within the department.
  • Broad knowledge of technical concepts and basic operating principles of data communications, computer hardware, vendor IT products, and software.
  • Demonstrated oral and written communication skills, including the ability to effectively present technical topics to large groups with potentially varied levels of technical sophistication.
  • The ability to work effectively with a diverse group of employees and embraces unique viewpoints and outlooks.
  • Strong communication skills and effective conflict resolution.
  • Bachelors degree in related area and/or equivalent experience/training

The successful candidate will have a thorough knowledge of many of the following areas:

  • ISO 27000 and NIST (800-53, 800-171) information security standards
  • FERPA, PCI, HIPAA, FISMA compliance
  • Information risk management concepts and application
  • Application security testing practices, especially using the OWASP project materials
  • Cloud and vendor security standards and assessment frameworks (CSA, SOC 2), including vendor and contract management issues

In addition, the following competencies are required:

  • Significant (mid-career) Information Security or Compliance work experience
  • A proven track record of providing effective leadership and coordinating the differing skills, outlooks, and experiences of highly technical teams to achieve shared goals
  • Experience with and commitment to building team cohesion through the principles of inclusivity, diversity, and equality
  • Exceptionally strong written and verbal communication skills, and ability to effectively communicate across a broad range of campus audiences
  • Disciplined, organized, methodical, and demonstrable experience developing and executing project plans
  • Alignment with our campus mission of excellence in teaching, research and public service, and appreciation for how this affects our approaches to Information Security

Preferred Qualifications

  • UC Berkeley campus and system-wide (Office of the President) security policies and standards, or similar policies and standards in Higher Education and/or Research environments
  • Minimum of 2 years of experience managing an information technology organization.

Salary & Benefits

Annual salary up to $174,500. Salary commensurate with experience. For information on the comprehensive benefits package offered by the University visit: http://ucnet.universityofcalifornia.edu/compensation-and-benefits/index....

How to Apply

1. Select the appropriate link below to access our careers site. 
2. Sign In to access your account or if you are not an existing user select the New User link to create one. 
3. Review the job description and select the Apply button to begin your application.

External Applicants click here: https://careerspub.universityofcalifornia.edu/psp/ucb/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_APP_SCHJOB.GBL?Page=HRS_APP_JBPST&Action=U&SiteId=21&FOCUS=Applicant&JobOpeningId=5970&PostingSeq=1

Internal Applicants click here: https://ucpath.universityofcalifornia.edu/peoplesoft-native/EMPLOYEE/HRMS/c/HRS_HRAM_EMP.HRS_APP_SCHJOB.GBL?Page=HRS_APP_JBPST&Action=U&FOCUS=Employee&SiteId=22&JobOpeningId=5970&PostingSeq=1


Open Student Positions:

#3461618 Security Operations Assistant
To apply, go to https://career.berkeley.edu/handshake and send resume, cover letter, and schedule to jakef@berkeley.edu


Security Operations Assistant (Assistant III)
Department: Information Security and Policy
Unit: IST/OCIO
Hours: 10-15 hours/week, hours TBD
Salary: $21/hour
Duration: Ongoing
Summer commitment: Desired
Start date: ASAP
       

The Information Security Office (ISO) collaborates with partners across the Berkeley campus to monitor network activity for vulnerabilities and security incidents, assess data and systems to align in accordance with policies, provide a centralized authentication and authorization system, clarify campus obligations needed to protect data, and to educate the community in becoming a culture of security.

ISO is comprised of five teams: Policy Program Management, Service Management, Security Operations, Development and Engineering, and Security Assessments. This position is part of the Security Operations team, and reports to the Information Security Operations Manager.


The Information Security Operations team is a close-knit group of talented information security professionals performing critical information security functions for the institution, including monitoring/detection, vulnerability scanning, incident/breach response, and network registration. This position supports the activities of the Security Operations team by assisting our Operations Center analysts with management of security incidents and security-related help desk requests.


Responsibilities may include:
* Triaging incident reports, queries, and other requests to our Security email contact address (security@berkeley.edu)
* Answering Security phone tree calls and responding as appropriate
* Drafting and reviewing templates, best-practice articles, and other communications
* Route escalated alerts to tier 2 and 3 analyst support
* Assist in documenting commonly occurring issues and fixes
* Fielding customer information security question and requests via phone and email
* Documents incident status and solutions in incident database tools


Required Qualifications:
* Strong interest in the field of Information Security
* Excellent customer service skills
* Effective written communication skills
* Ability to troubleshoot
* Dependable and attentive to detail
* Ability to work autonomously on projects
* Adept in using the Google Productivity Suite


Preferred Qualifications :
* Working knowledge of key concepts in Information Security
* Awareness of campus policies, practices, and guidelines for Information Security
* Experience working in a front-line customer service or help desk role
* Familiarity with IT Service management software (RequestTracker RT, Jira, ServiceNow)
* Exposure to Information Security tools including vulnerability scanning, Security information and Event Management (SIEM) (Splunk, ArcSight, LogRhythm) or Vulnerability scanners (Nessus, Saint, NMap)


Expectations
* Maintain confidentiality and objectivity in all matters business practices and clientele
* Be responsible with staff privileges, including use of equipment and access to restricted spaces
* Work assigned hours
* Report/meet with the hiring manager to discuss the status of assigned work
* Professional workplace behavior

Applicants must be currently enrolled students at UC Berkeley.