Manager of Security Engineering and Services

Job Level
Mid-level position
Job Category
Manager / Supervisor
Sector
  • Information Technology
Job Status
Areas of Responsibility
  • Security
  • Services / Service Management

UC San Diego is ranked the 9th best public university in the nation by U.S. News and World Report and is the largest employer based in San Diego County. Reporting to the VC-CFO, Information Technology Services (ITS) delivers Enterprise services to the University of California, San Diego (UCSD) under the leadership of the campus Chief Information Officer (CIO).

Our employees enjoy competitive compensation packages and educational opportunities in a diverse, stimulating workforce. This position is eligible for full: 

  • Health/Dental/Vision Insurance

  • Vacation/Holidays (15 vacation days and 13 paid holidays a year)

  • Life Insurance

  • UC Retirement Plan.

Using state of the art processes and technologies, ITS empowers UC San Diego's mission: to transform California and the world as a student-centered, service, and research driven public university. We are a vital member of the UC San Diego community, we embrace innovation in our IT services and infrastructure and seek individuals who are customer-focused and committed to collaboration, diversity, continuous improvement, and accountability. The Manager of Security Engineering and Services leads the day to day operations of security services and is deeply involved in security architecture and engineering. ITS is rapidly executing a cloud-first strategy, migrating our data centers to AWS and re-engineering our enterprise systems (finance, student, Identity, infrastructure) and requiring careful attention to security. As a service organization we support a large distributed IT community in helping secure the campus computing environment. 

Responsibilities:

  • You will work with the Chief Information and Security Officer (CISO) and will provide enterprise security services and infrastructure required to fulfill the security and privacy goals of the University.

  • You will lead a team of security analysts and specialists who are responsible for the design, deployment and administration of security services, as well as acting as domain authorities for internal and campus units. Examples of these customer-facing services include: network firewalls, client VPN, web proxies, SSL certificates, anti-malware, AWS regions, and vulnerability scanning systems.

  • Co-manager of the Security Operations Center (SOC)

  • Plays a key role in our cloud strategy, partnering with networking and our enterprise architecture board as a SME for security design patterns.

  • As a senior part of the CISO's team you will develop and implement strategic initiatives for the security office, providing direction and mentorship to staff.

Preferred Qualifications:

  • Tell us about your professional security certifications, degrees, or training completed such as CISSP, GIAC, CCIE/CCNA Security, ITIL though they are not required.

QUALIFICATIONS

  • Bachelor’s degree or equivalent work experience with an emphasis in computer science, data processing, computer information systems, or in a closely-related field, and six (6) years of related experience in information security in an enterprise environment or ten (10) years of recent meaningful experience.

  • Demonstrated skill in leading technical staff; experience leading, developing, encouraging and enabling technical staff across multiple disciplines and functions (network, application, endpoint, security, project management, etc.).

  • Advanced knowledge of IT security. We prefer experience with network protection (Cisco/Juniper network/firewall, VPN, IDS/IPS, SIEM, and proxy systems), endpoint protection (AV, vulnerability scanning, patch management, disk encryption, and MDM systems), and application and information protection (web application scanning, certificate, DLP, database/file security, and password management) systems within an enterprise environment

  • Demonstrated experience in running security operations in an enterprise academic and research environment. Experience with risk management, system assessments, system hardening practices, cloud security, etc.

  • Knowledge of PCI, HIPAA, FERPA, ITAR, NIST, and ISO27k policies and security frameworks. Familiarity with PCI compliance and SAQ attestations and implementing required security controls.

  • Broad knowledge of other areas of IT. Knowledge of networking technology (WAN/LAN, TCP/IP, OSI model, routing, DNS, DHCP, ARP, web proxies, wireless, etc.). Experience in log parsing tools such as grep, awk, sed, regex and Splunk.

SPECIAL CONDITIONS

Job offer is contingent on clear Background Check. Must be willing and able to travel. Occasional evenings and weekends may be required. Ability to obtain and maintain a DOD security clearance.