Special Selection Applicants: Apply by 02/18/2019. Eligible Special Selection clients should contact their Disability Counselor for assistance.
This is a position on the Health Information Security Operations team as an IT Security Analyst. The primary responsibility includes monitoring, detecting, protecting and maintaining the security of data, systems and networks as well as defining the security requirements that must be implemented in IT solutions. Team members plan, configures, designs, develops, implements and maintains tools, systems and procedures to insure the integrity, reliability and security of data, systems and networks.
Technical leader with a high degree of knowledge in the overall field and recognized expertise in specific areas; problem-solving frequently requires analysis of unique issues/problems without precedent and/or structure. May manage programs that include formulating strategies and administering policies, processes, and resources; functions with a high degree of autonomy. Seeking candidates with experience defining the security requirements for safeguarding an Active Directory domain and utilizing best practices for securing cloud solutions in Azure, AWS and Google Docs.
A Bachelor's Degree in health care, information technology, computer science, or related area; and/or equivalent combination of experience/training.
Minimum of five (5+) or more years of relevant experience i.e defining the security requirements for cloud solutions.
Thorough understanding of the risk assessment requirements and demonstrated skills to conduct, analyze and document risk assessments at the enterprise level as defined in HIPAA andHITECH.
Advanced knowledge of IT security. Extensive expertise in security policy creation and compliance monitoring, auditing methodology, and conducting technology risk assessments.
Advanced experience with web application and network/endpoint vulnerability scanning and remediation, pen testing, sensitive data discovery and data loss prevention systems.
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.
Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, etc.
Proven skills applying security controls to computer software and hardware. Solid understanding of information security policies, standards, industry best practices, and frameworks (ISO 27K, NIST 800-115, PCI DSS, HIPAA, FERPA, etc.).
Advanced experience in incident response and digital forensics including reporting. Expert knowledge of forensic processes, standards and tools.
Demonstrated knowledge of networking technology.
Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies.
Expert understanding of cryptography and strengths/weaknesses of various encryption ciphers and hash functions.
Demonstrated knowledge of secure hardware, software and network design techniques.
Demonstrated skill at analyzing and preventing security incidents of high complexity.
Experience with defining security requirements for an Active Directory enterprise domain.
Ability to give work direction, create task assignments, and give instructions to subordinate technical staff to accomplish project goals/milestones.
Solid interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Ability to quickly develop knowledge of department processes and procedures.
Ability to effectively prioritize tasks, manage time, organize activities and deliver overall high productivity. Works with a high degree of autonomy. Ability to function well in stressful situations, under tight deadlines, and in a generally fast-paced work environment.
Experience with SEIM and security log analysis tools such as Splunk, Stealth Watch, Fireye, Log Insight or similar tools.
Demonstrated healthcare experience.
Information Security certification such as CISSP, CISA, CISM, CCSFP, etc.
Employment is subject to a criminal background check and pre-employment physical.
Must be able to work various hours and locations based on business needs.
UC San Diego is an academic powerhouse and economic engine, recognized as one of the top 8 public universities by U.S. News and World Report. Innovation is central to who we are and what we do. Here, students learn that knowledge isn't just acquired in the classroom - life is their laboratory. UC San Diego's rich academic portfolio includes six undergraduate colleges, five academic divisions and five graduate and professional schools. The university's award-winning scholars are experts at the forefront of their fields with an impressive track record for achieving scientific, medical and technological breakthroughs.