University of California - Santa Barbara
Security Operations Engineer / Senior Security Operations Engineer
University of California - Santa Barbara, Santa Barbara, California, us, 93190
Department Marketing Statement
There is a reason UCSB has been named the Best Place to Work by our local media for several years running. Whether our employees are on our stunning campus, or working remotely or hybrid, they tell us they value the flexibility, stability and rich benefits we offer. Come join us as we support the mission of one of the finest public institutions in the nation. UC Santa Barbara is consistently recognized for excellence across broad fields of study. Set alongside the glorious California coast, our dynamic environment inspires scholarly ambition and creativity. Benefits of Belonging
Working at UC means being part of this vibrant institution that shines a light on what is possible. People make UC great, and UC recognizes your contributions by making this a great place to work. Excellent retirement and health are just one of the rewards. Brief Summary of Job Duties
This position may be filled at the Security Operations Engineer (IT Security Analyst 3) or Senior Security Operations Engineer (IT Security Analyst 4) level. The successful candidate will be hired at the level that is commensurate with their skills, knowledge, and experience. Security Operations Engineer (IT Security Analyst 3)
The Security Operations Engineer works within the Information Technology Services' Office of Information Security unit. This role is a member of the campus Security Operations and Engineering team, responsible for assisting with the administration and operations of core information security systems and tools. The position supports the Security Operations team in vital cybersecurity functions, including identifying network, systems, and applications and responding to compromises and incidents. The Security Operations Engineer assists with the deployment, configuration, operations, and maintenance of the enterprise's information security infrastructure. This includes, but is not limited to, supporting new security tools and technologies such as vulnerability management, intrusion detection and prevention, endpoint detection and response, logging, SIEM (Security Information and Event Management), and ticketing and case management. The Security Operations Engineer may also provide support during cybersecurity investigations or incidents. Senior Security Operations Engineer (IT Security Analyst 4)
The Senior Security Operations Engineer serves in the Information Technology Services' Office of Information Security unit and is a senior member of the campus Security Operations and Engineering team. Primary responsibility involves overseeing system engineering and administration of core information security systems and tools. The Senior Security Operations Engineer is responsible for the deployment, configuration, operations and maintenance of the enterprise's complex information security infrastructure. This role is also responsible for the continued deployment of new information security tools and technologies throughout the enterprise, including, but not limited to: asset discovery, vulnerability management, cloud security, code security, intrusion detection & prevention, network detection and response, endpoint detection and response, logging, SIEM (Security Information and Event Management), orchestration and automation, and ticketing and case management. The Senior Security Operations Engineer may also provide incident response support to security staff during complex cybersecurity investigations, breaches, or other important incidents. Required Qualifications (IT Security Analyst 3)
A Bachelor's degree in a related area and/or equivalent experience/training. 5-7 years of Information Technology experience. 2-4 years of experience using IT security systems and tools. 2-4 years of experience analyzing and interpreting security event logs. Some experience with cloud security tools and techniques. Preferred Qualifications (IT Security Analyst 3)
Knowledge of information security principles and technology. Knowledge of vulnerability management systems and endpoint detection and response systems. Experience in systems administration and infrastructure. Understanding of network traffic analysis, endpoint log analysis, remote access methods and systems, firewalls, encryption, authentication and authorization technology. Experience in incident response and digital forensics. Understanding of cloud computing (AWS, GCP, and/or Azure) security concepts. Understanding of the OSI networking model. Understanding of cybersecurity models like NIST Cyber Security Framework, the Cyber Kill Chain, and MITRE ATT&CK Framework. Required Qualifications (IT Security Analyst 4)
Bachelor's degree in related area and/or equivalent experience/training. 7-9 years Information Technology experience. 7-9 years Advanced skills in systems administration and infrastructure support. 4-6 years Advanced experience using IT security systems and tools. 4-6 years Advanced skill analyzing and interpreting security event logs. 1-3 years Experience with cloud security tools and techniques. Preferred Qualifications (IT Security Analyst 4)
Advanced knowledge of information security principles and technology. Advanced knowledge of vulnerability management systems, intrusion detection/prevention systems, and endpoint detection and response systems. Experience in systems administration and infrastructure, containers. Experience with DevSecOps and security automation tools. Understanding of network traffic analysis, endpoint log analysis, remote access methods and systems, stateful inspection firewalls, encryption, authentication and authorization technology. Advanced experience in incident response and digital forensics including data collection, examination, and analysis. Applied knowledge of cloud computing (AWS, GCP, and/or Azure) security concepts. Ability to quickly learn new or unfamiliar technologies and products, independently using documentation and online resources. Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies. Applied understanding of OSI networking model. Applied knowledge of cybersecurity models- NIST Cyber Security Framework, NIST 800-171, the Cyber Kill Chain and MITRE ATT&CK Framework. Demonstrated skills applying security controls to computer software and hardware. Advanced interpersonal skills sufficient to work effectively with both technical and non-technical personnel across multiple distributed departments and IT organizations across campus. Special Conditions of Employment
Satisfactory conviction history background check. UCSB is a Tobacco-Free environment. Misconduct Disclosure Requirement
As a condition of employment, the final candidate who accepts a conditional offer of employment will be required to disclose if they have been subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct; received notice of any allegation or are currently the subject of any administrative or disciplinary proceedings involving misconduct; have left a position after receiving notice of allegations or while under investigation in an administrative or disciplinary proceeding involving misconduct; or have filed an appeal of a finding of misconduct with a previous employer. Job Functions and Percentages of Time
Security Operations Engineer (IT Security Analyst 3)
60%:
Deployment and Operations of Security Systems and Tools.
Responsible for the deployment, configuration, operations, and maintenance of the enterprise's information security infrastructure. Includes supporting the deployment of security systems, tools, and technologies.
20%:
Vulnerability Management and Incident Response Support.
Provides support to security staff during cybersecurity investigations, breaches, and other important incidents.
10%:
Communications and Leadership.
Participates as an active member of the campus IT community. Assists on project teams and committees.
10%:
Continuing Education / Professional Development.
Keeps up-to-date on information security tools, systems, and techniques. Takes courses for professional development and additional certifications as appropriate.
Senior Security Operations Engineer (IT Security Analyst 4)
50%:
Deployment and Operations of Security Systems and Tools.
Responsible for the deployment, configuration, operations and maintenance of the enterprise's complex information security infrastructure. Responsible for the continued deployment of new information security systems, tools and technologies throughout the enterprise, including, but not limited to: asset discovery, vulnerability management, cloud security, code security, intrusion detection & prevention, network detection and response, endpoint detection and response, logging, SIEM, orchestration and automation, and ticketing and case management.
25%:
Vulnerability Management and Incident Response Support.
May provide incident response support to security staff during complex cybersecurity investigations, breaches, zero-day vulnerability response, or other important incidents.
15%:
Communications and Leadership.
Be an active and contributing member of the campus IT community. Be an enthusiastic advocate of information security. Participate in project teams, committees, and policy development. Lead committees appropriate to area of expertise.
10%:
Continuing Education / Professional Development.
Keep up-to-date on information security tools, systems and techniques. Take courses for professional development and additional certifications as appropriate.
Equal Employment Opportunity
UC Santa Barbara is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other protected status under state or federal law. Reasonable Accommodations
The University of California endeavors to make the UCSB Job site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Katherine Abad in Human Resources at 805-893-4664 or email katherine.abad@hr.ucsb.edu. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Payroll Title
Payroll Title:
IT SCRTY ANL 3 (007338) or IT SCRTY ANL 4 (000661) Job Code
Job Code:
007338 or 000661 Job Open Date
Job Open Date:
10/17/25 Application Review Begins
Application Review Begins:
11/3/25; open until filled Department Code
Department Code (Name):
ISEC (ENTERPRISE SECURITY SERVICES) Percentage of Time
Percentage of Time:
100% Union Code
Union Code (Name):
99 - Non-Represented (PPSM) Employee Class
Employee Class (Appointment Type):
Staff: Career FLSA Status
FLSA Status:
Exempt Classified Indicator Description
Classified Indicator Description (Personnel Program):
PSS (IT SCRTY ANL 3) or MSP (IT SCRTY ANL 4) Salary Grade
Salary Grade:
Grade 23 (ITS SCRTY ANL 3) or Grade 25 (IT SCRTY ANL 4) Pay Range
The budgeted salary range that the University reasonably expects to pay for this position is $99,070-$124,800/yr for the Analyst 3 level and $122,620-$156,500/yr for the Analyst 4 level. Salary offers are determined based on final candidate qualifications and experience; the budget for the position; and the application of fair, equitable, and consistent pay practices at the University. The full salary range for this position is $88,000-$161,800/yr for the Analyst 3 level and $108,100-$204,900/yr for the Analyst 4 level. Work Location
Work Location:
Onsite, Hybrid (SAASB, 4th Floor) or Remote Working Days and Hours
Working Days and Hours:
M-F, 8-5 Benefits Eligibility
Benefits Eligibility:
Full Benefits Remote or Hybrid Work Arrangement
Type of Remote or Hybrid Work Arrangement, if applicable:
Onsite, Hybrid or Remote Special Instructions
Special Instructions:
For full consideration, please include a resume and a cover letter as part of your application. Application Status
Application Status:
If you would like to check the status of your application, please log into the Candidate Gateway where you applied and click on 'my activities'.
#J-18808-Ljbffr
There is a reason UCSB has been named the Best Place to Work by our local media for several years running. Whether our employees are on our stunning campus, or working remotely or hybrid, they tell us they value the flexibility, stability and rich benefits we offer. Come join us as we support the mission of one of the finest public institutions in the nation. UC Santa Barbara is consistently recognized for excellence across broad fields of study. Set alongside the glorious California coast, our dynamic environment inspires scholarly ambition and creativity. Benefits of Belonging
Working at UC means being part of this vibrant institution that shines a light on what is possible. People make UC great, and UC recognizes your contributions by making this a great place to work. Excellent retirement and health are just one of the rewards. Brief Summary of Job Duties
This position may be filled at the Security Operations Engineer (IT Security Analyst 3) or Senior Security Operations Engineer (IT Security Analyst 4) level. The successful candidate will be hired at the level that is commensurate with their skills, knowledge, and experience. Security Operations Engineer (IT Security Analyst 3)
The Security Operations Engineer works within the Information Technology Services' Office of Information Security unit. This role is a member of the campus Security Operations and Engineering team, responsible for assisting with the administration and operations of core information security systems and tools. The position supports the Security Operations team in vital cybersecurity functions, including identifying network, systems, and applications and responding to compromises and incidents. The Security Operations Engineer assists with the deployment, configuration, operations, and maintenance of the enterprise's information security infrastructure. This includes, but is not limited to, supporting new security tools and technologies such as vulnerability management, intrusion detection and prevention, endpoint detection and response, logging, SIEM (Security Information and Event Management), and ticketing and case management. The Security Operations Engineer may also provide support during cybersecurity investigations or incidents. Senior Security Operations Engineer (IT Security Analyst 4)
The Senior Security Operations Engineer serves in the Information Technology Services' Office of Information Security unit and is a senior member of the campus Security Operations and Engineering team. Primary responsibility involves overseeing system engineering and administration of core information security systems and tools. The Senior Security Operations Engineer is responsible for the deployment, configuration, operations and maintenance of the enterprise's complex information security infrastructure. This role is also responsible for the continued deployment of new information security tools and technologies throughout the enterprise, including, but not limited to: asset discovery, vulnerability management, cloud security, code security, intrusion detection & prevention, network detection and response, endpoint detection and response, logging, SIEM (Security Information and Event Management), orchestration and automation, and ticketing and case management. The Senior Security Operations Engineer may also provide incident response support to security staff during complex cybersecurity investigations, breaches, or other important incidents. Required Qualifications (IT Security Analyst 3)
A Bachelor's degree in a related area and/or equivalent experience/training. 5-7 years of Information Technology experience. 2-4 years of experience using IT security systems and tools. 2-4 years of experience analyzing and interpreting security event logs. Some experience with cloud security tools and techniques. Preferred Qualifications (IT Security Analyst 3)
Knowledge of information security principles and technology. Knowledge of vulnerability management systems and endpoint detection and response systems. Experience in systems administration and infrastructure. Understanding of network traffic analysis, endpoint log analysis, remote access methods and systems, firewalls, encryption, authentication and authorization technology. Experience in incident response and digital forensics. Understanding of cloud computing (AWS, GCP, and/or Azure) security concepts. Understanding of the OSI networking model. Understanding of cybersecurity models like NIST Cyber Security Framework, the Cyber Kill Chain, and MITRE ATT&CK Framework. Required Qualifications (IT Security Analyst 4)
Bachelor's degree in related area and/or equivalent experience/training. 7-9 years Information Technology experience. 7-9 years Advanced skills in systems administration and infrastructure support. 4-6 years Advanced experience using IT security systems and tools. 4-6 years Advanced skill analyzing and interpreting security event logs. 1-3 years Experience with cloud security tools and techniques. Preferred Qualifications (IT Security Analyst 4)
Advanced knowledge of information security principles and technology. Advanced knowledge of vulnerability management systems, intrusion detection/prevention systems, and endpoint detection and response systems. Experience in systems administration and infrastructure, containers. Experience with DevSecOps and security automation tools. Understanding of network traffic analysis, endpoint log analysis, remote access methods and systems, stateful inspection firewalls, encryption, authentication and authorization technology. Advanced experience in incident response and digital forensics including data collection, examination, and analysis. Applied knowledge of cloud computing (AWS, GCP, and/or Azure) security concepts. Ability to quickly learn new or unfamiliar technologies and products, independently using documentation and online resources. Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies. Applied understanding of OSI networking model. Applied knowledge of cybersecurity models- NIST Cyber Security Framework, NIST 800-171, the Cyber Kill Chain and MITRE ATT&CK Framework. Demonstrated skills applying security controls to computer software and hardware. Advanced interpersonal skills sufficient to work effectively with both technical and non-technical personnel across multiple distributed departments and IT organizations across campus. Special Conditions of Employment
Satisfactory conviction history background check. UCSB is a Tobacco-Free environment. Misconduct Disclosure Requirement
As a condition of employment, the final candidate who accepts a conditional offer of employment will be required to disclose if they have been subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct; received notice of any allegation or are currently the subject of any administrative or disciplinary proceedings involving misconduct; have left a position after receiving notice of allegations or while under investigation in an administrative or disciplinary proceeding involving misconduct; or have filed an appeal of a finding of misconduct with a previous employer. Job Functions and Percentages of Time
Security Operations Engineer (IT Security Analyst 3)
60%:
Deployment and Operations of Security Systems and Tools.
Responsible for the deployment, configuration, operations, and maintenance of the enterprise's information security infrastructure. Includes supporting the deployment of security systems, tools, and technologies.
20%:
Vulnerability Management and Incident Response Support.
Provides support to security staff during cybersecurity investigations, breaches, and other important incidents.
10%:
Communications and Leadership.
Participates as an active member of the campus IT community. Assists on project teams and committees.
10%:
Continuing Education / Professional Development.
Keeps up-to-date on information security tools, systems, and techniques. Takes courses for professional development and additional certifications as appropriate.
Senior Security Operations Engineer (IT Security Analyst 4)
50%:
Deployment and Operations of Security Systems and Tools.
Responsible for the deployment, configuration, operations and maintenance of the enterprise's complex information security infrastructure. Responsible for the continued deployment of new information security systems, tools and technologies throughout the enterprise, including, but not limited to: asset discovery, vulnerability management, cloud security, code security, intrusion detection & prevention, network detection and response, endpoint detection and response, logging, SIEM, orchestration and automation, and ticketing and case management.
25%:
Vulnerability Management and Incident Response Support.
May provide incident response support to security staff during complex cybersecurity investigations, breaches, zero-day vulnerability response, or other important incidents.
15%:
Communications and Leadership.
Be an active and contributing member of the campus IT community. Be an enthusiastic advocate of information security. Participate in project teams, committees, and policy development. Lead committees appropriate to area of expertise.
10%:
Continuing Education / Professional Development.
Keep up-to-date on information security tools, systems and techniques. Take courses for professional development and additional certifications as appropriate.
Equal Employment Opportunity
UC Santa Barbara is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other protected status under state or federal law. Reasonable Accommodations
The University of California endeavors to make the UCSB Job site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Katherine Abad in Human Resources at 805-893-4664 or email katherine.abad@hr.ucsb.edu. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Payroll Title
Payroll Title:
IT SCRTY ANL 3 (007338) or IT SCRTY ANL 4 (000661) Job Code
Job Code:
007338 or 000661 Job Open Date
Job Open Date:
10/17/25 Application Review Begins
Application Review Begins:
11/3/25; open until filled Department Code
Department Code (Name):
ISEC (ENTERPRISE SECURITY SERVICES) Percentage of Time
Percentage of Time:
100% Union Code
Union Code (Name):
99 - Non-Represented (PPSM) Employee Class
Employee Class (Appointment Type):
Staff: Career FLSA Status
FLSA Status:
Exempt Classified Indicator Description
Classified Indicator Description (Personnel Program):
PSS (IT SCRTY ANL 3) or MSP (IT SCRTY ANL 4) Salary Grade
Salary Grade:
Grade 23 (ITS SCRTY ANL 3) or Grade 25 (IT SCRTY ANL 4) Pay Range
The budgeted salary range that the University reasonably expects to pay for this position is $99,070-$124,800/yr for the Analyst 3 level and $122,620-$156,500/yr for the Analyst 4 level. Salary offers are determined based on final candidate qualifications and experience; the budget for the position; and the application of fair, equitable, and consistent pay practices at the University. The full salary range for this position is $88,000-$161,800/yr for the Analyst 3 level and $108,100-$204,900/yr for the Analyst 4 level. Work Location
Work Location:
Onsite, Hybrid (SAASB, 4th Floor) or Remote Working Days and Hours
Working Days and Hours:
M-F, 8-5 Benefits Eligibility
Benefits Eligibility:
Full Benefits Remote or Hybrid Work Arrangement
Type of Remote or Hybrid Work Arrangement, if applicable:
Onsite, Hybrid or Remote Special Instructions
Special Instructions:
For full consideration, please include a resume and a cover letter as part of your application. Application Status
Application Status:
If you would like to check the status of your application, please log into the Candidate Gateway where you applied and click on 'my activities'.
#J-18808-Ljbffr