University of California - San Francisco
Network Security Engineer
University of California - San Francisco, San Francisco, California, United States, 94199
Overview
Network Security Engineer within the University of California, San Francisco's (UCSF) Information Technology (IT) department. The role ensures the security and integrity of UCSF's network infrastructure and supports the planning, design, optimization, implementation, audit, and troubleshooting of network security systems. The Engineer partners with security operations, governance, and system administrators to design and deploy solutions to harden UCSF platforms. Responsibilities
Configure/Install and manage network security devices and technologies including Firewalls, DNS/DHCP/IPAM, VPN, Network Access Control, Web Filtering, CASB and SASE systems, Intrusion Detection/Prevention, Network Packet Brokers, and Network Traffic Visibility solutions. Fulfill project requests for clients (Firewall Policy, VPN tunnel creation, DDI, CASB Incident Response, applying web filter entries, etc.). Manage and mitigate vulnerabilities for devices backed by the Network Security Team. Resolve problems and break/fix incidents on the enterprise network and its network security systems. Provide administrative-level technical network security implementation for enterprise and Data Center environments of UCSF. Assist in the development of network device hardening standards. Apply professional communications concepts, industry practices, and relevant policies to resolve highly complex issues. Establish methods, techniques and evaluation criteria to obtain results. Interface with management, IT-Security and vendors to develop and implement new solutions to meet business requirements. Serve as an escalation point for junior staff. Salary and Benefits
The final salary and offer components are subject to additional approvals based on UC policy. Your placement within the salary range is dependent on work experience and internal equity within this position classification at UCSF. For positions represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement. The salary range for this position is $136,000 - $204,000 (Annual Rate). To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html Department Description
University of California, San Francisco (UCSF) is a leading academic healthcare organization. Infrastructure Services (IS) provides 24/7 support and upholds high standards of responsiveness and reliability. The Network Security Engineer reports to the Manager, Network Security, and is responsible for the physical design, documentation, and implementation of network security services. The department supports clinical, research, and academic environments and emphasizes innovation and excellence. Required Qualifications
Bachelor's Degree, or equivalent combination of experience/training in relevant fields. 5-7 years of experience in network services, information technology, network security, or network operations. Cisco Certified Network Professional (CCNP) or equivalent. Advanced knowledge of network security devices, features, and technologies (firewalls, IDS/IPS, NAC, web filtering, CASB/SASE, etc.). Advanced knowledge of VPN technologies, security protocols, and authentication services. Strong understanding of enterprise TCP/IP networks (OSPF, STP, 802.1Q, QoS, tunneling, etc.). Experience with private/public cloud security architectures (e.g., AWS, Azure). Experience with Cisco and Juniper Routing and Switching; ability to diagnose and resolve complex network issues; on-call rotation experience. Excellent communication and analytical skills; ability to present to stakeholders; ability to work independently and in a team. Preferred Qualifications
Juniper Routing and Switching expertise. Experience with SASE, CASB, network device management tools. Structured cabling systems knowledge; experience with packet/flow analysis; scripting (Python/Bash); monitoring tools. Palo Alto Networks CNSE, CISSP, AWS certifications; other CCNP certifications. License/Certification
CCNP or equivalent. About UCSF
UCSF is a leading university dedicated to health sciences, with a focus on research, education, and patient care. We emphasize innovation and excellence in IT services to support our mission. Pride Values
UCSF values professionalism, respect, integrity, diversity, and excellence. We commit to equity and a diverse community, welcoming diverse ideas for education, discovery, and patient care. For more information, visit diversity.ucsf.edu. Equal Employment Opportunity
The University of California is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected status under state or federal law. Organization
Campus Job Code and Payroll Title
000545 COMM AND NETWORK TCHL ANL 4 Job Category
Clinical Systems / IT Professionals Bargaining Unit
99 - Policy-Covered (No Bargaining Unit) Employee Class
Career Percentage
100% Location
San Francisco, CA Campus
Mission Center Building (SF) Work Style
Flexible Shift
Days Shift Length
8 Hours Additional Shift Details
Mon-Fri, 9-5, as required after hours support
#J-18808-Ljbffr
Network Security Engineer within the University of California, San Francisco's (UCSF) Information Technology (IT) department. The role ensures the security and integrity of UCSF's network infrastructure and supports the planning, design, optimization, implementation, audit, and troubleshooting of network security systems. The Engineer partners with security operations, governance, and system administrators to design and deploy solutions to harden UCSF platforms. Responsibilities
Configure/Install and manage network security devices and technologies including Firewalls, DNS/DHCP/IPAM, VPN, Network Access Control, Web Filtering, CASB and SASE systems, Intrusion Detection/Prevention, Network Packet Brokers, and Network Traffic Visibility solutions. Fulfill project requests for clients (Firewall Policy, VPN tunnel creation, DDI, CASB Incident Response, applying web filter entries, etc.). Manage and mitigate vulnerabilities for devices backed by the Network Security Team. Resolve problems and break/fix incidents on the enterprise network and its network security systems. Provide administrative-level technical network security implementation for enterprise and Data Center environments of UCSF. Assist in the development of network device hardening standards. Apply professional communications concepts, industry practices, and relevant policies to resolve highly complex issues. Establish methods, techniques and evaluation criteria to obtain results. Interface with management, IT-Security and vendors to develop and implement new solutions to meet business requirements. Serve as an escalation point for junior staff. Salary and Benefits
The final salary and offer components are subject to additional approvals based on UC policy. Your placement within the salary range is dependent on work experience and internal equity within this position classification at UCSF. For positions represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement. The salary range for this position is $136,000 - $204,000 (Annual Rate). To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html Department Description
University of California, San Francisco (UCSF) is a leading academic healthcare organization. Infrastructure Services (IS) provides 24/7 support and upholds high standards of responsiveness and reliability. The Network Security Engineer reports to the Manager, Network Security, and is responsible for the physical design, documentation, and implementation of network security services. The department supports clinical, research, and academic environments and emphasizes innovation and excellence. Required Qualifications
Bachelor's Degree, or equivalent combination of experience/training in relevant fields. 5-7 years of experience in network services, information technology, network security, or network operations. Cisco Certified Network Professional (CCNP) or equivalent. Advanced knowledge of network security devices, features, and technologies (firewalls, IDS/IPS, NAC, web filtering, CASB/SASE, etc.). Advanced knowledge of VPN technologies, security protocols, and authentication services. Strong understanding of enterprise TCP/IP networks (OSPF, STP, 802.1Q, QoS, tunneling, etc.). Experience with private/public cloud security architectures (e.g., AWS, Azure). Experience with Cisco and Juniper Routing and Switching; ability to diagnose and resolve complex network issues; on-call rotation experience. Excellent communication and analytical skills; ability to present to stakeholders; ability to work independently and in a team. Preferred Qualifications
Juniper Routing and Switching expertise. Experience with SASE, CASB, network device management tools. Structured cabling systems knowledge; experience with packet/flow analysis; scripting (Python/Bash); monitoring tools. Palo Alto Networks CNSE, CISSP, AWS certifications; other CCNP certifications. License/Certification
CCNP or equivalent. About UCSF
UCSF is a leading university dedicated to health sciences, with a focus on research, education, and patient care. We emphasize innovation and excellence in IT services to support our mission. Pride Values
UCSF values professionalism, respect, integrity, diversity, and excellence. We commit to equity and a diverse community, welcoming diverse ideas for education, discovery, and patient care. For more information, visit diversity.ucsf.edu. Equal Employment Opportunity
The University of California is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected status under state or federal law. Organization
Campus Job Code and Payroll Title
000545 COMM AND NETWORK TCHL ANL 4 Job Category
Clinical Systems / IT Professionals Bargaining Unit
99 - Policy-Covered (No Bargaining Unit) Employee Class
Career Percentage
100% Location
San Francisco, CA Campus
Mission Center Building (SF) Work Style
Flexible Shift
Days Shift Length
8 Hours Additional Shift Details
Mon-Fri, 9-5, as required after hours support
#J-18808-Ljbffr