DESCRIPTION

Primary responsibility involves ensuring cybersecurity security solutions are properly integrated with technologies to maximize benefit and achieve security objectives to protect data, systems, networks and cloud resources used throughout UC San Diego Health. Plans, configures, designs, develops, implements and maintains tools, systems and procedures to insure the integrity, reliability and security of data, systems and networks. Technical leader with a high degree of knowledge in the overall field of cybersecurity and recognized expertise in specific areas. Problem-solving skills frequently requiring analysis of unique issues / problems without precedent and / or structure. Manage projects that include formulating strategies, processes, functions, budget and resources needed with a high degree of autonomy.

MINIMUM QUALIFICATIONS

• Nine (9) years of related experience, education/training, OR a Bachelor's Degree in related area plus five (5) years of related experience/training. Note: Related experience includes selecting security solutions to be used across an enterprise based upon specific security goals, determine and plan how the solution would be deployed to meet objectives, execute deployment and transition support to operational teams. Experience evaluating existing security solutions and identifying opportunities to get more value by leveraging unused capabilities or new features after upgrading the system.

• Thorough understanding of the risk assessment requirements and demonstrated skills to help conduct, analyze and document risk assessments at the enterprise level as defined in HIPAA and HITECH.

• Advanced knowledge of IT security. Extensive expertise in conducting technology risk assessments. Advanced experience with implementing security controls for web application, cloud solutions, networks, endpoints using industry preferred security solutions to protect sensitive data and critical infrastructures.

• Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.

• Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, etc.

• Proven skills applying security controls to computer software and hardware. Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-115, PCI DSS, HIPAA, FERPA, etc.).

• Broad knowledge of other areas of IT. Knowledge of networking technology.

• Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies. Expert understanding of cryptography and strengths/weaknesses of various encryption ciphers and hash functions.

• Demonstrated skill at analyzing and preventing security incidents of high complexity.

• Thorough knowledge of secure hardware, software and network design techniques. Ability to give work direction, create task assignments, and give instructions to subordinate technical staff to accomplish project goals/milestones.

• Ability to effectively prioritize tasks, manage time, organize activities and deliver overall high productivity. Works with a high degree of autonomy. Ability to function well in stressful situations, under tight deadlines, and in a generally fast-paced work environment

• Advanced interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Ability to quickly develop knowledge of department processes and procedures.

PREFERRED QUALIFICATIONS

• Healthcare experience
• Experience selecting, architecting and implementing security controls for Microsoft O365 and Amazon Web Services to protect identifiable, or other highly sensitive data.

SPECIAL CONDITIONS

• Must be able to work various hours and locations based on business needs.
• Employment is subject to a criminal background check and pre-employment physical.