Under the general direction of the Information Security Operations Center (SOC) Manager, the Information Security Endpoint Analyst executes and refines endpoint security investigation processes and participates in the incident response process in cases of confirmed compromise.
Specializing in Endpoint Detection and Response (EDR) analytics and associated incident response, this position's primary responsibilities involve analyzing EDR-generated alerts, correlating alerts with the underlying endpoint activity, and responding to evolving security incidents.
Conducts associated network security investigations with duties that extend the scope of EDR investigations to strengthen our organization's overall security posture. This involves correlating endpoint events to network traffic logs, iterating over endpoint and network events to trace the extent of the incident, and quarantining activity in cases of critical compromise.
This role also serves as the contact point for the intake of EDR-based security incidents received from campus units and from third-party managed defense services. Responsible for conducting standard incident investigation workflows and for refining associated playbooks to increase SOC incident response maturity and address the changing threat landscape.
The analyst also assists in EDR agent deployment and configuration of the EDR system console to match UC Davis specific requirements. This includes specialized security rules based upon use case, tuning the configuration to optimize performance and maintaining deployment scripts and methods.
To see IET job postings, please visit https://iet.ucdavis.edu/jobs
NO VISA SPONSORSHIP IS AVAILABLE FOR THIS POSITION
Apply By Date
11/25/2024 at 11:59pm
For Full Consideration Apply by 11/8/2024
Minimum Qualifications
For full consideration, applicants are encouraged to upload license, certification and/or educational degree if required of the position.
- Bachelor's degree in a STEM discipline or equivalent experience.
- Experience in cyber security, with a focus on EDR analytics and incident response.
- Experience with network security investigation and analysis.
- Knowledge of EDR tools and technologies (e.g., CrowdStrike, MS Defender for Endpoint, Trellix EDR, Sentinel One, etc.).
- Knowledge of analyzing security information and event management (SIEM) systems and familiarity with common operational security frameworks and standards (e.g., NIST, MITRE ATT&CK).
Preferred Qualifications
- Experience with EDR tools and technologies.
- Ability to work under pressure and manage multiple investigations simultaneously.
- Knowledge of API data access and scripting languages (e.g., Python, PowerShell).
- Interpersonal and written communication skills to communicate with all hierarchical and technical levels.
- Problem-solving skills and detail orientation to define and analyze issues and implement solutions independently and as part of a team.
Key Responsibilities
- 60% - Endpoint Detection and Response (EDR) Alert Investigations
- 20% - Network Security Investigation
- 20% - Other Duties
Department Overview
The Information Security Office (ISO), a division of Information & Educational Technology (IET), helps protect the confidentiality, availability, and integrity of UC Davis' information assets through consultation, services, and programs.
Department Specific Job Scope
The Information Security Endpoint Analyst works with other staff members and campus units to establish and maintain a strong and adaptive security posture that supports the mission of the University and protects the confidentiality, integrity, and availability of information assets owned or entrusted to UC Davis.
POSITION INFORMATION
- Salary or Pay Range: $99,400/yr. - $196,400/yr.
- Salary Frequency: Monthly
- Salary Grade: Grade 25
- UC Job Title: IT SCRTY ANL 4
- Number of Positions: 1
- Appointment Type: Staff: Career
- Percentage of Time: 100% Fixed
- Shift Hours: M-F, 8-5pm. Other hours may be required.
- Location: Davis/Hybrid In-State Only (Required to work onsite 4 days each week, remotely 1 day each week)
- Union Representation: 99 - Non-Represented (PPSM)
- Benefits Eligible: Yes
- Hybrid/Remote/Onsite: Hybrid In-State Only (Required to work onsite 4 days each week, remotely 1 day each week)
Benefits
Outstanding benefits and perks are among the many rewards of working for the University of California. UC Davis offers a full range of benefits, resources and programs to help you bring your best self to work, as well as to help you and your family achieve your health, wellness, financial and career goals. Learn more about the benefits below and eligibility rules by visiting either our handy Benefits Summary for UC Davis Health Employees or Benefits Summary for UC Davis Employees and our Benefits Page.
If you are represented by a union, benefits are negotiated between the University of California (UC) and your union and finalized in a contract. Read your bargaining unit's employment contract, stay abreast of current negotiations and learn about collective bargaining at UC: https://ucnet.universityofcalifornia.edu/labor/bargaining-units/index.html
* High quality and low-cost medical plans to choose from to fit your family's needs
* UC pays for Dental and Vision insurance premiums for you and your family
* Extensive leave benefits including Pregnancy and Parental Leave, Family & Medical Leave
* Paid Holidays annually as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Paid Time Off/Vacation/Sick Time as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Continuing Education (CE) allowance and Education Reimbursement Program as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Access to free professional development courses and learning opportunities for personal and professional growth
* WorkLife and Wellness programs and resources
* On-site Employee Assistance Program including access to free mental health services
* Supplemental insurance offered including additional life, short/long term disability, pet insurance and legal coverage
* Public Service Loan Forgiveness (PSLF) Qualified Employer & Student Loan Repayment Assistance Program for qualified roles
* Retirement benefit options for eligible roles including Pension and other Retirement Saving Plans. More information on our retirement benefits can be found here
* UC Davis cares about building a community, which is why we provide resources to enhance diversity, equity and inclusion as well as Employee Resource Groups (ERGs) to support our staff
Physical Demands
- Standing - Occasional Up to 3 Hours
- Walking - Occasional Up to 3 Hours
- Sitting - Continuous 6 to 8+ Hours
- Lifting/Carrying 0-25 Lbs - Occasional Up to 3 Hours
- Keyboard use/repetitive motion - Continuous 6 to 8+ Hours
Mental Demands
- Sustained attention and concentration - Continuous 6 to 8+ Hours
- Complex problem solving/reasoning - Frequent 3 to 6 Hours
- Ability to organize & prioritize - Frequent 3 to 6 Hours
- Communication skills - Frequent 3 to 6 Hours
- Numerical skills - Occasional Up to 3 Hours
- Constant Interaction - Occasional Up to 3 Hours
- Customer/Patient Contact - Occasional Up to 3 Hours
- Multiple Concurrent Tasks - Frequent 3 to 6 Hours
Work Environment
- Occasionally work flexible, alternate, and/or extended hours including nights and weekends to address specific operational needs. Occasional travel to locations on and off campus. Vacation is restricted during peak work periods. Adhere to workplace safety practices, read information communicated about workplace safety, complete required safety training on time, and report any workplace safety issues promptly to their supervisor or the designated safety coordinator.
- UC Davis is a smoke and tobacco free campus effective January 1, 2014. Smoking, the use of smokeless tobacco products, and the use of unregulated nicotine products (e-cigarettes) will be strictly prohibited on any UC Davis owned or leased property, indoors and outdoors, including parking lots and residential space.
Special Requirements
- This is a critical position, as defined by UC policy and local procedures, and as such, employment is contingent upon successful completion of background check(s), including but not limited to criminal record history background check(s)
Diversity, Equity, Inclusion and Belonging
At UC Davis, we're solving life's most urgent challenges to bring a fuller, healthier, and more resilient world within reach. We grow from every challenge we take on and we don't just maintain - we improve. We recognize that creating an inclusive and intellectually vibrant organization means understanding and valuing both our individual differences and our common ground. The most comprehensive solutions come from the most diverse minds and you belong here. As you consider joining UC Davis, please explore our Principles of Community, our Clinical Strategic Plan and strategic vision for research and education, and our latest efforts to outgrow the expected. The University of California, Davis is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California's Affirmative Action Policy, please visit: https://policy.ucop.edu/doc/4010393/PPSM-20
For the University of California's Anti-Discrimination Policy, please visit: https://policy.ucop.edu/doc/1001004/Anti-Discrimination
Because we want you to be seen, our recruiting process at UC Davis fosters authenticity, diversity, and inclusion. Studies have shown that some people may not apply to jobs unless they meet every single qualification. Each unique role at UC Davis has a set of requirements and you could be perfect for this role, or you could be perfect for the next role! Don't meet all the requirements? We still encourage you to apply! #YouBelongHere