$ per hour
Summer Required

The Lead Information Security Analyst ...
Leads, manages, and enables the team to reach its maximum potential:
  • Works with Chief Security Officer (CSO) to establish goals for the team and assignment of projects to team members.
  • Regularly checks in with the team to ensure all members are aware of team's progress and overall direction.
  • Delegates tasks/duties and maintains close contact with every member to provide support, guidance, and resources.
  • Provides updates for and collaborates with the CSO and other staff to accomplish Student Affairs - Information Technologies (SAIT) goals.
  • In consultation with the CSO, hires and trains new staff in collaboration with team and supervisor.
  • Conducts performance evaluations for team members.
  • Participates in the student leads group in SAIT to help determine larger organizational goals.
Spearheads network security operations:
  • Responds promptly to possible threats and security incidents, coordinating with the appropriate people, teams, and resources.
  • Establishes security baselines and expectations, collaboratively performing regular security and configuration audits to enforce them.
  • Works with CSO and team to establish and enforce security policies.
Coordinates ongoing security awareness education and training:
  • Spearheads relevant security-centered educational programs and events for staff and students.
  • Trains the appropriate people and staff in relevant security skills.
Ensures appropriate staffing and coverage:
  • Maintains employee availability and critical task coverage schedules.
  • Ensures prompt response to ISP tickets by team members.
  • Ensures that pro-active security activity is appropriately monitored and analyzed in a timely manner
Examples of Projects and Daily Tasks:
  • Incident response:.
    • Be on-call for a shift of incident monitoring - may require checking for security incidents in the morning and at night during shift day
    • Block or take potentially compromised machines off the network.
    • Perform forensics analysis on devices that may contain sensitive data.
    • Alert the appropriate personnel in the event of a possible threat or attack.
  • Keep track of each team member's projects, deadlines, and general well-being with regular check-in meetings and one-on-ones.
  • Coordinate with the Unix Operations and Marketing teams to hold a workshop on top web security attacks for students and staff.
  • Make high-level decisions on tools, policies, and processes.
  • Meet regularly with the CSO to discuss the threat landscape and suggest improvements to existing procedures.
What You'll Bring to the Job
Required Skills:
  • Effective written and verbal communication skills and the ability to interact professionally with diverse groups of clients and staff
  • Ability to manage and supervise teams and projects
  • Experience prioritizing tasks and delegating responsibility
  • Expertise in teaching, mentoring, or training others (including those who do not have a technical background)
  • Ability and motivation to learn new technologies quickly and with minimal supervision
  • Understanding of security and scripting concepts
  • Minimum GPA of 2.0
  • Knowledge of security tools, including vulnerability scanners and intrusion detection systems
  • Advanced Scripting experience
  • UNIX system administration experience
  • Windows system and domain administration experience
  • Knowledge of internet architecture and protocols
  • Understanding of firewall management and configuration
  • Network and computer forensics experience
  • Experience writing documentation
  • Attention to detail
  • Penetration testing experience
  • Minimum GPA of 2.3
What You'll Learn on the Job
  • Working in a team environment
  • Interacting with colleagues from every generation
  • Emergency incident response and planning
  • Penetration testing techniques, tools, and related skills
  • Appropriate balance of planning and flexibility
  • Hands-on supervisory and leadership skills
  • Project management and public speaking
Availability & Training Requirements
  1. The period of employment for this position begins upon hire and continues at least through the end of 2017-2018 academic year.
  2. Must be a currently enrolled UC Berkeley student.
  3. Must be available for 2-5 hours per week of training during the spring 2017 semester, including sessions on:
    • February 17
    • April 7
    • April 14
    • 2 days during the week of May 15 (dates/times TBD)
  4. Must be available to work 20-40 hours per week during the summer.
  5. Must be available to work 12-20 hours per week during the academic year.
  6. Must provide at least 3 hours per week of work during business hours at the Residential and Student Services Building (RSSB).
  7. Must be available to respond to emergency situations that may occur at any time on any day.
  8. Must participate in Residential Computing Consultant (RCC) training from August 7-11, 2017.
  9. Required to attend all-staff training on August 18, 2017
  10. Must clear a criminal background check due to the level of data access and access to systems and physical spaces required by the position.
  11. Continued employment is contingent upon satisfactory job performance evaluation by the Technical Services Manager.
The Interview
What to Expect

Lead Information Security Engineer interview candidates will meet with a panel of current SAIT Information Security staff, including, but not limited to, the Chief Security Officer and the current Lead InfoSec Engineer, as well as possibly a member of another team that regularly works with InfoSec, e.g., the Lead Unit Supervisor or the Lead Unix Operations Engineer. The interview will last about one hour and will include general behavioral and leadership questions as well as specific technical questions related to security, software engineering, UNIX systems, Windows systems, and computer networking. Candidates will likely be asked about specific technologies and past work experiences, particularly those highlighted on their resume. They will also be asked to bring a BearFacts transcript to verify that they meet the minimum GPA requirement.

Sample Interview Questions
  • What is a firewall?
  • What is cross-site scripting?
  • What is whitelisting? Blacklisting? When is each preferable over the other?
  • Describe a time you led a team or project. What were some of the key challenges, and what were your solutions to those challenges?
  • You are auditing the security of the piece of software that stores user login information. What are some things you would look for and write about in your report?

This job is currently not open for hiring

Have a question? Email us at