The position will be working with the Information Security Engineering and System Engineering Domains.
- Application security testing and training (Ad-hoc)
- Provide interactive application security testing of California Department of Public Health (CDPH) applications as requested
- Perform re-tests, as necessary, to validate any remediation of findings by CDPH
- Provide overview/training to CDPH Security Operations Center (SOC) staff via screen sharing during interactive application security testing
- Provide overview/training on other CDPH testing tools used during engagement, e.g. SQLMap, Postman
- Reporting
- Provide output from Burp Suite applications testing and manual penetration testing in the form of actionable reports delivered to SOC staff within the mutually agreed to timeframe established prior to testing
- Provide remediation steps/recommendations for all vulnerabilities found
- Provide guidance to SOC staff on producing similar reports
The final salary and offer components are subject to additional approvals based on UC policy.
To see the salary range for this position (we recommend that you make a note of the job code and use that to look up): TCS Non-Academic Titles Search (https://tcs.ucop.edu/non-academic-titles)
Please note: An offer will take into consideration the experience of the final candidate AND the current salary level of individuals working at UCSF in a similar role.
For roles covered by a bargaining unit agreement, there will be specific rules about where a new hire would be placed on the range.
To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html
Department Description
The California Department of Public Health is dedicated to optimizing the health and well-being of the people in California. Immunizations are one of public health’s greatest achievements. Vaccines help prevent diseases and help keep Californians of all ages healthy. The Immunization program provides leadership and support to public and private sector efforts to protect the population against vaccine-preventable diseases.
Required Qualifications
- Bachelor's degree in related area and / or equivalent experience / training
- 3+ years directly related experience
- Experience using IT security systems and tools. Knowledge of data encryption techniques.
- Experience analyzing logs for security breaches
- Experience in incident response or digital forensics or data collection, examination or analysis
- Basic skill at reading and interpreting security logs
- Ability to follow department processes and procedures
- Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
- Knowledge of other areas of IT, department processes and procedures
- Demonstrated skills applying security controls to computer software and hardware
- Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks
- Knowledge of computer hardware, software and network security issues and approaches
- Demonstrated experience selecting and applying appropriate data encryption technologies
Preferred Qualifications
- Certified Ethical Hacker (CEH)
- GIAC Certified Penetration Tester (GPEN)
- PenTest+
- EC-Council Certified SOC Analyst (ECSA)
- Certified Expert Penetration Tester (CEPT)
About UCSF
Pride Values
In addition to our PRIDE values, UCSF is committed to equity – both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at diversity.ucsf.edu
Join us to find a rewarding career contributing to improving healthcare worldwide.
Equal Employment Opportunity
Organization
Job Code and Payroll Title
Job Category
Bargaining Unit
Employee Class
Percentage
Location
Shift
Shift Length
Additional Shift Details