Location: Marina del Rey, California
Internal Number: REQ20131749
The University of Southern California (USC), founded in 1880, is part of the vibrant Los Angeles economy and is the largest private employer in the City of Los Angeles. As an employee of USC, you will be a part of a world-class research university. The University of Southern California/Information Sciences Institute (part of the Viterbi School of Engineering) is one of the nation's largest, most successful university-affiliated computer research institutes. Our work ranges from theoretical basic research, such as core engineering and computer science discovery, to applied research and development, such as design and modeling of innovative prototypes and devices.
This position is primarily located at USC's research facility, ISI - Information Sciences Institute, in Marina del Rey, CA. It is beautiful and sunny in Marina del Rey, California. Our offices overlook the ocean and are just minutes from the beach. This is a full-time opportunity with a flexible, hybrid in-office schedule.
The IT Senior Security Operations Engineer will be responsible for the configuration, maintenance, tuning, and optimization of the Enterprise Security tools/platforms to assist with general IT security and the response to security threats from various platforms and technologies.
The Engineer will also monitor and analyze event correlation and incident data to identify trends and false positives, and provide enhancements where necessary to improve the efficacy of the security alerts. In this role the selected individual will assist the security team in collaborating with Enterprise IT Operations to identify, build, secure, implement, and improve infrastructure and security tools to enable governance and risk management of the enterprise environment's on-prem infrastructure, software development pipelines, and cloud services. In addition, the individual is expected to have skills in system configuration and data analytics, and preferably skills in programming or scripting languages.
The selected candidate must be able to obtain and maintain a Top Secret security clearance. Eligibility for this clearance requires U.S. citizenship.
This position will report to the IT Security Manager.
- Serve as a key member of the team and provide real-time threat analysis, detection, and remediation. Carry out in-depth investigations of security events, raise incidents, and support the Incident Management process.
- Provide analysis and trending of security log data and network traffic from many monitoring points. Respond to system-generated alerts, and analyze logs and traffic patterns.
- Assist in implementing, maintaining, and operating IT security boundaries, processes, and tools by collaborating with System Architects and System/Network/Web/Desktop Administrators for general infrastructure and regulation-required cyber security programs, DFARS/FISMA, and related assessment/accreditation processes. Protect infrastructure from common threat vectors, vulnerabilities, and security and compliance misconfigurations.
- Act as Subject Matter Expert for IAM, DLP, WAF, EDR, MDM, SIEM, SOAR and Advanced Mail Security solutions and be able to manage, operate, and configure the systems to support day-to-day work, ensuring performance impact is monitored, appropriately applied and managed and that tools are always available with applicable updates.
- Support security team operations in vulnerability risk assessments, data protection and integrity containments, and investigations on related security violations/incidents.
- Work alongside server, network and desktop operation support and necessary stakeholders in effectively investigating and remediating incidents and security issues. Ensures senior management and staff are informed of any changes and updates promptly.
- Support the management and remediation of information security risks by researching security trends and new techniques used in attempts at unauthorized data access, to pre-emptively eliminate the possibility of system breaches. Review the quality of the threat intelligence information received from the Information Security organization and provide constructive feedback to the organization based on the needs of the assigned area.
- Manage configuration baselines to provide guidance on how systems and endpoints are managed and hardened against security threats and vulnerabilities.
- Assist in building security test plans to ensure successful implementation of new/existing solutions. Develop secure processes and documentation for identity and information system authorization, security management, and continuous monitoring.
- Supports the security engineering lifecycle to design, build, deploy, and manage enterprise infrastructure and solutions to enable compliance with university policies and standards.
- Support security engineering projects and engage in those that actively evaluate existing solutions, looking for areas of improvement.
- Ensures procedures and service level agreements are defined, tracked, and met. Provides input on the reporting and metrics captured by governance and risk management.
- Stays current with proven/emerging technologies that could strengthen security posture, as well as any changes in legal, regulatory, and technology environments which may affect operations.
- Performs other related duties as assigned or requested. The university reserves the right to add or change duties at any time.
- The selected candidate must be able to obtain and maintain a Top Secret security clearance. Eligibility for this clearance requires U.S. citizenship.
- Bachelor's degree in a related field or equivalent experience and knowledge
- 6 years of hands-on experience with security engineering technologies and solutions (e.g., EDR/XDR, Cloud security tools, file integrity monitoring, information security configuration, data security platforms, CASB, DLP, IDS/IPS, firewalls).
- Experience with log management or security information management tools
- Excellent understanding of security controls frameworks (e.g., DFARS, FedRAMP, and NIST SP 800 Series)
- Excellent understanding of the security threat landscape
- Experience in creating and deploying security hardening guidelines. Proven understanding of CIS benchmarks and customer service metrics.
- Experience in managing different operating systems and configuration standards.
- Knowledge of Linux (Ubuntu/RedHat/CentOS), MacOS, Windows Operating Systems and Windows Domain. Excellent understanding of the information security engineering process from acquisition, design, build, and operation.
- Knowledge of network security zones, firewalls, SIEMs, IDS and SOAR workflows. Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to event. Knowledge of packet capture and analysis.
- Excellent understanding of the technology stack from OS, system, network, and applications.
- Ability to plan, organize and document complex system design activities.
- Knowledge of common internet protocols, network analysis, and network/security applications
- Demonstrated understanding of information security engineering implementation processes (e.g., acquisition, design, build, operation).
- Strong attention to detail with the ability to multi-task, prioritize, and manage time effectively and able to cope successfully under pressure and with shifting priorities.
- Ability to work off hours when needed.
- Excellent customer service skills, interpersonal skills and professional demeanor, and verbal and written communication skills
- Active Top Secret security clearance
- 2-3 years of experience as a System/Network Administrator or equivalent
- Experience with cyber security products (i.e., Nessus/Tenable, SentinelOne, DataDog, Splunk, etc.)
- Experience with Linux (Ubuntu/RedHat/CentOS), MacOS and Windows Operating Systems and Windows Domain infrastructure (i.e., Windows Server 2016, Group Policy Objects, Active Directory)
- Experience with database administration, access management and systems/data backup, storage and recovery.
- Experience with configuration management products (i.e., Ansible, SCCM, Jamf, Chef, Puppet, etc.)
- Industry standard certifications such as: CompTIA Security+, CompTIA Network+, CompTIA CySA+, Cisco CCNA, EC-Council CEH, and/or relevant specialized degree in Cyber Forensics or Computer Science.
The annual base salary range for this position is $130,000 - $140,000. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer equity, federal, state and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.
The University of Southern California values diversity and is committed to equal opportunity in employment.
Minimum Education: Bachelor's degree
Additional Education Requirements: Combined experience/education as substitute for minimum education
Minimum Experience: 6 years deploying security engineering technologies and solutions (e.g., EDR/XDR, Cloud security tools, file integrity monitoring, information security configuration, data security platforms, CASB, DLP, IDS/IPS, firewalls).
Additional Experience Requirements: Combined experience/education as substitute for minimum work experience
Minimum Skills:
- Excellent understanding of information security engineering processes, from acquisition and design to build and operation.
- Excellent understanding of security controls frameworks (e.g., CIS Top20, NIST CSF, 800-53).
- Extensive experience defining and deploying security hardening guidelines.
- Proven subject matter expertise in the different technology stack from OS, system, network, application, etc.
- Excellent leadership and people management skills. Proven understanding of CIS benchmarks and customer service metrics.
- Experience managing different operating systems and configuration standards.
- Ability to plan, organize and document complex system design activities.
- Excellent written and oral communication skills, able to interact with a broad spectrum of people on a technical and professional level to share complex information.
- Proven analytical, consulting and problem-solving skills, with exceptional attention to detail.
- Excellent organizational skills and proven ability to manage multiple projects and priorities simultaneously.
- Ability to manage, teach and train others.
- Experience with database administration, access management and systems/data backup, storage and recovery.