112256 - Incident Response and Threat Detection Supervisor
#112256 Incident Response and Threat Detection SupervisorInitial Review Date: Wed 10/20/2021
For the safety and well-being of the entire university community, the University of California requires, with few exceptions, that all students, faculty and staff be vaccinated against the COVID-19 virus before they will be allowed on campus or in a facility or office. For more information visit: https://ucnet.universityofcalifornia.edu/news/2021/10/flu-vaccination-requirement-for-uc-students,-faculty-and-staff-issued-for-2021-2022.html
UC San Diego Policy will not allow this position to receive work visa sponsorship.
Fully remote or Hybrid work will be considered.
UC San Diego is ranked the 9th best public university in the nation by U.S. News and World Report and is the largest employer based in San Diego County. Reporting to the VC-CFO, Information Technology Services (ITS) delivers Enterprise information technology services to the University of California, San Diego (UCSD) under the leadership of the campus Chief Information Officer (CIO).
Information Technology Services (IT Services) uses world-class services and technologies to empower UC San Diego's mission to transform California and the world as a student-centered, research-focused, service-oriented public university. As a strategic member of the UC San Diego community, IT Services embraces innovation in their delivery of IT services, infrastructure, applications, and support. IT Services is customer-focused and committed to collaboration, continuous improvement, and accountability.
Equity, Diversity, and Inclusion are core values at UC San Diego and within Information Technology Services. Crafting a culture around these values allows us to more deeply connect with and appreciate our employees, students, and campus partners. Information Technology Services is continuously working to build a community where we all feel safe, empowered, and encouraged to bring our authentic selves to work. We do this not only because it is what’s right, but because we know that diversity drives insight and innovation. We are proud to partner closely UC San Diego’s Office for Equity, Diversity, and Inclusion, as their dedication to this mission helps us all to drive change.
The Office of Information Assurance (OIA), a unit of ITS, manages the security and identity infrastructure for UC San Diego and is responsible for managing the campus cybersecurity program.
As a key member of OIA, the Lead Analyst for incident response and threat detection will coordinate and direct incident response activities and leverage the significant instrumentation we have of our environment to detect and respond to intrusions of the UC San Diego digital infrastructure. As a frequent target for state sponsored hackers, you will work with colleagues throughout UCSD and UCSD Health on techniques for detecting such attacks, and working with the security engineering and risk and compliance teams, recommend mitigations to these.
- Provides leadership and supervision to the incident response staff and performs highly technical customer support to organization users. Manages the incident response and threat detection function, including the creation and curation of runbooks, tabletop exercises, and integration with the NOC/SOC and security engineering team.
- Proactively analyzes network and systems traffic, event logs, and threat intelligence data, to properly identify and triage susceptibility of core campus technical assets, determine likelihood of exploitation and implement and/or refine preventative and detective security controls
- Participates in the development and monitoring of policies and procedures for department or department operations.
- Assesses, analyzes, and consults on the security of information assets - networks, endpoints, databases, applications, services, platforms, environments, etc. Contributes to asset inventory and categorization processes.
Must be able to obtain Federal Secret security clearance if needed.
Demonstrated skill at analyzing and preventing security incidents of high complexity.
Experience leading a team of IT or Security professionals.
Ability to elicit and communicate technical and non-technical information in a clear and concise manner.
Advanced interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
Experience mentoring, coaching, and developing junior or less experience staff.
* CISSP, GIAC or similar certifications preferred.
Our employees enjoy competitive compensation packages and educational opportunities in a diverse, stimulating workforce. This position is eligible for full: - Health/Dental/Vision Insurance- Vacation/Holidays - Life Insurance- UC Retirement Plan.
For more information about UCSD Benefits visit - http://blink.ucsd.edu/HR/benefits/index.html and UCSD Work/Life visit https://blink.ucsd.edu/HR/benefits/work-life/index.html
To calculate an approximate value of the UC Total Compensation package, please click here: http://ucnet.universityofcalifornia.edu/compensation-and-benefits/total-compensation-calculator.php
Employee must be available to work evenings and weekends.Employee must be available to travel as required.Job offer is contingent on clear background check.Must be able to obtain Federal Secret security clearance if needed.
Job offer is contingent on successful engagement in the UC COVID-19 Vaccination program (fully vaccinated with documented proof or approved exception/deferral).
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity or sexual orientation. For the complete University of California nondiscrimination and affirmative action policy see: http://www-hr.ucsd.edu/saa/nondiscr.html
UC San Diego is a smoke and tobacco free environment. Please visit smokefree.ucsd.edu for more information.