Open Staff Positions:
As Manager, you will work with our amazingly talented and high-performing Security Assessments team. These professionals are dedicated to reducing institutional risk through the critical analysis of information technology systems. As manager you’ll be coordinating the critical analysis of these applications, networks, and systems in a complex, heterogeneous environment. The work will have a direct and meaningful impact on information security at our world-class research institution.
The Security Assessments Team is a talented, and high-performing team of Information Security professionals dedicated to reducing institutional risk through the critical analysis of information technology systems. As manager of this highly technical group, you will encounter a wide variety of information systems critical to supporting the campus mission of teaching, research, and public service. You will have the opportunity to reduce institutional risk through coordinating critical analysis of these applications, networks, and systems in a complex, heterogeneous environment. Your work will have a direct and meaningful impact on information security at a world-class research institution.
Key responsibilities include:
Coordinate Security Assessments engagements across the institution
Using a risk-based approach, establish goals, direction, and scheduling for Security Assessments Team team workload
Review team work products to identify and escalate key risks to institutional data
Consult with institutional stakeholders to assess systems and processes against both internal campus security policy and external compliance requirements
Document assessment findings and remediation plans, and present reports to campus stakeholders and external vendors
Provide technical advice and consultation to personnel involved with development, deployment, administration, and security of the institution's systems and services
Interface with the campus Controller's office advising on best practices and assisting in addressing routine issues to comply with the PCI data security standards
Develop and participate in documentation of campus security requirements, data and system classification, and assessment frameworks
Stay informed about the latest developments in the information security field and contribute to outreach efforts educating campus users on emerging threats
Time will be split between team management tasks such as portfolio management, reviewing work products, and team logistics, and directly participating in assessments and other hands-on work (no more than 50%).
We’re looking for exceptional candidates meeting the following criteria:
Significant (mid-career) Information Security or Compliance work experience
A proven track record of providing effective leadership and coordinating the differing skills, outlooks, and experiences of highly technical teams to achieve shared goals
Experience with and commitment to building team cohesion through the principles of inclusivity, diversity, and equality
Exceptionally strong written and verbal communication skills, and ability to effectively communicate across a broad range of campus audiences
Disciplined, organized, methodical, and demonstrable experience developing and executing project plans
Alignment with our campus mission of excellence in teaching, research and public service, and appreciation for how this affects our approaches to Information Security
In addition, experience and qualifications in the following areas is desired:
ISO 27000 and NIST (800-53, 800-171) information security standards
FERPA, PCI, HIPAA, FISMA compliance
Information risk management concepts and application
Application security testing practices, especially using the OWASP project materials
Cloud and vendor security standards and assessment frameworks (CSA, SOC 2), including vendor and contract management issues
UC Berkeley campus and system-wide (Office of the President) security policies and standards, or similar policies and standards in Higher Education and/or Research environments
Salary & Benefits
The salary range for the position of Information Systems Manager 1 is $111,100 - $237,900 annually, depending on qualifications and experience. The midpoint salary is $174,500.
For information on the comprehensive benefits package offered by the University visit:
How to Apply
1. Select the appropriate link below to access our careers site.
2. Sign In to access your account or if you are not an existing user select the New User link to create one.
3. Review the job description and select the Apply button to begin your application.
External Applicants click here: https://careerspub.universityofcalifornia.edu/psp/ucb/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_APP_SCHJOB.GBL?Page=HRS_APP_JBPST&Action=U&SiteId=21&FOCUS=Applicant&JobOpeningId=5970&PostingSeq=1
Internal Applicants click here: https://ucpath.universityofcalifornia.edu/peoplesoft-native/EMPLOYEE/HRMS/c/HRS_HRAM_EMP.HRS_APP_SCHJOB.GBL?Page=HRS_APP_JBPST&Action=U&FOCUS=Employee&SiteId=22&JobOpeningId=5970&PostingSeq=1
Open Student Positions:
#3461618 Security Operations Assistant
To apply, go to https://career.berkeley.edu/handshake and send resume, cover letter, and schedule to firstname.lastname@example.org
Security Operations Assistant (Assistant III)
Department: Information Security and Policy
Hours: 10-15 hours/week, hours TBD
Summer commitment: Desired
Start date: ASAP
The Information Security Office (ISO) collaborates with partners across the Berkeley campus to monitor network activity for vulnerabilities and security incidents, assess data and systems to align in accordance with policies, provide a centralized authentication and authorization system, clarify campus obligations needed to protect data, and to educate the community in becoming a culture of security.
ISO is comprised of five teams: Policy Program Management, Service Management, Security Operations, Development and Engineering, and Security Assessments. This position is part of the Security Operations team, and reports to the Information Security Operations Manager.
The Information Security Operations team is a close-knit group of talented information security professionals performing critical information security functions for the institution, including monitoring/detection, vulnerability scanning, incident/breach response, and network registration. This position supports the activities of the Security Operations team by assisting our Operations Center analysts with management of security incidents and security-related help desk requests.
Responsibilities may include:
* Triaging incident reports, queries, and other requests to our Security email contact address (email@example.com)
* Answering Security phone tree calls and responding as appropriate
* Drafting and reviewing templates, best-practice articles, and other communications
* Route escalated alerts to tier 2 and 3 analyst support
* Assist in documenting commonly occurring issues and fixes
* Fielding customer information security question and requests via phone and email
* Documents incident status and solutions in incident database tools
* Strong interest in the field of Information Security
* Excellent customer service skills
* Effective written communication skills
* Ability to troubleshoot
* Dependable and attentive to detail
* Ability to work autonomously on projects
* Adept in using the Google Productivity Suite
Preferred Qualifications :
* Working knowledge of key concepts in Information Security
* Awareness of campus policies, practices, and guidelines for Information Security
* Experience working in a front-line customer service or help desk role
* Familiarity with IT Service management software (RequestTracker RT, Jira, ServiceNow)
* Exposure to Information Security tools including vulnerability scanning, Security information and Event Management (SIEM) (Splunk, ArcSight, LogRhythm) or Vulnerability scanners (Nessus, Saint, NMap)
* Maintain confidentiality and objectivity in all matters business practices and clientele
* Be responsible with staff privileges, including use of equipment and access to restricted spaces
* Work assigned hours
* Report/meet with the hiring manager to discuss the status of assigned work
* Professional workplace behavior
Applicants must be currently enrolled students at UC Berkeley.