[Micronet] Job posting: IT Security Analyst 3

Allison Henry
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Micronetters, we are currently recruiting for an IT Security Analyst 3
to maintain internal systems and provide support to our Security
Operation programs. Please see the full job description below and if
interested apply at jobs.berkeley.edu.

Also, we will be posting an additional Security Analyst 4 position
shortly, which will focus on development and systems integration.

- --
Allison Henry
System and Network Security
University of California, Berkeley
http://security.berkeley.edu


Job Title: IT Security Analyst 3 #16025 (7338U)
Job ID:    16025
Location:  Main Campus-Berkeley

This position is part of the Security Operations team and reports to
the Operations manager. The position is a one-year contract with the
potential to extend.

Responsibilities

• Maintain the security operations environment and work with other
operations staff to implement and extend security operations programs.

• Maintaining the operations environment includes system administration
work: managing hardware replacement cycles, updating the standard RHEL
image, documentation of the baseline image and machines, coordinating
with other security staff to install and configure additional software
on top of the baseline image, very aggressive system patching, account
management, monitoring of services, responding to monitoring alerts,
and monitoring the backup process.

• Implementing several efficiency-related projects to system
administration will be an early responsibility for the position.

• Implementing and extending security operations programs covers a very
wide array of activities, but will focus initially on log collection
and analysis in our SIEM deployment.

• Design and implement various logging and log relay strategies to
receive logs from a diverse set of applications and technologies on
campus managed by different teams, receiving and processing data from
critical infrastructure (BigFix, flow data, Secunia, hardware
firewalls, load balancers, Active Directory, Kerberos, and others),
maintaining and ensuring logs from campus groups meet minimum
requirements, writing custom parsers for unusual log formats,
developing correlations in the SIEM, analyzing logs, and responding to
potentially critical security alerts identified by this log analysis.

• Future efforts will include tuning of operation security systems
(Nessus, Snort, Intrushield, Bro, and others), work with network taps
including potentially 100Gbit networking and OpenFlow, evaluation of
new security software and appliances in order to meet specific
security standard objectives for campus, and participation in design
discussions for changes to the operational environment.

Required Qualifications

Three or more years of experience managing RHEL systems is required,
including experience with hardware, basic networking, secure
configuration, monitoring and backups. A strong interest in security
and ability to demonstrate an understanding of security concepts is
essential. Knowledge of and ability to adhere to security best
practices for supported platforms is essential, including system
hardening, monitoring, hardware/host firewall configuration and
management, etc. Strong written communication skills, in order to
clearly document system design, configuration, and security practices,
are also required. Experience with two or more of the following is
required:

• Virtualization technologies
• Vulnerability scanning and detection
• Intrusion detection
• Log collection and analysis
• Web servers
• Virtualized networking, OpenFlow, IPv6 or other beyond-the-basics
networking

The ideal candidate has a strong desire to learn about the topics on
the above list which are not already known.

Preferred Qualifications

• Experience with Network Intrusion Detection Systems
• Windows, Mac or BSD administration experience
• Bash, Perl or Python scripting experience
• Familiarity with hardening standards such as CIS, NIST, NSA
• GSEC certification

Salary & Benefits

For information on the comprehensive benefits package offered by the
University visit:

http://atyourservice.ucop.edu/forms_pubs/misc/benefits_of_belonging.pdf

How to Apply

Please visit jobs.berkeley.edu and search for this posting. Please
submit your cover letter and resume as a single attachment when
applying.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlHIuy8ACgkQKzbis0Yjv2263ACgmuw4WDUaqsOvkBGnpmdWHmCc
k/AAn09HJZz0x9A/GVkQqAuo0okUnvay
=KHBi
-----END PGP SIGNATURE-----
