Network Security Administrator
Role details
Job location
Tech stack
Job description
The Network Security Administrator within the University of California, San Francisco's (UCSF) Information Technology (IT) department will ensure the security and integrity of UCSF's network infrastructure. The Administrator will be entrusted with the duty of managing and maintaining UCSF's network services to ensure seamless connectivity and efficient communication across campus, with a focus on protecting UCSF's data and systems from unauthorized access, cyber-attacks, and other vulnerabilities. The Network Security Administrator will:
-
Configure/Install and manage various network security devices, features, and technologies including, but not limited to Firewalls, DDI (DNS, DHCP and IP Address Management), VPN, Network Access Control solutions, Web Filtering solutions, CASB and SASE systems, Intrusion Detection/Prevention systems, Network Packet Brokers, and Network Traffic Visibility solutions
-
Fulfill project requests and tasks for our clients (Firewall Policy, VPN tunnel creation, DDI, CASB Incident Response, applying web filter entries, etc.)
-
Manage and mitigate vulnerabilities for the devices that are backed by the Network Security Team
-
Resolve problems and break/fix incidents on the enterprise network and its network security systems.
-
Provide administrative-level technical network security implementation skill set for enterprise and Data Center environments of UCSF
-
Assist in the development of network device hardening standards
-
Apply professional communications concepts, industry practices, and relevant policies, procedures, and objectives to resolve highly complex issues.
-
Identify methods, techniques and evaluation criteria to obtain results.
-
Interface with management, IT-Security and vendors to develop and implement new solutions to meet business requirements Partnering closely with colleagues and stakeholders, the Network Security Administrator will play a crucial role in securing the network solutions that
Partnering closely with colleagues and stakeholders, the Network Security Administrator will play a crucial role in securing the network solutions that meet the evolving needs of our organization. The Network Security Administrator's expertise will be instrumental in implementing security measures to safeguard the integrity and confidentiality of UCSF data. The Network Security Administrator will positively impact UCSF's operations and culture by ensuring UCSF's IT infrastructure is operable, secure, efficient, and effective in service of the university's academic, medical, and research mission. This team member will advance the University's mission by delivering exceptional information technology services comprehensively and consistently across faculty, staff, and students. This role will execute UCSF's vision while modeling UCSF's culture and values., The Network Services team within Infrastructure Services holds a critical role in managing, maintaining, and developing the company's computer network infrastructure, particularly ensuring reliable technical accessibility for individuals engaged in vital medical and health research work. Their core responsibilities include providing secure internet and network services, managing IT services, and maintaining data systems. They support end-users, manage system updates, repairs, and connectivity issues, and play an essential role in troubleshooting network issues, optimizing performance, and implementing protocols. They also oversee software and hardware updates, and manage data storage, disaster recovery, and network resilience. Beyond this, Network Services provides specialized technical support to other employees in the organization, with a focus on those involved in medical and health research., (To be completed by Supervisor)
65%
Yes
- Implements complex communications and network system changes on Firewalls, DDI (DNS, DHCP and IP Address Management), VPN, Network Access Control solutions, Web Filtering solutions, CASB and SASE systems, Intrusion Detection/Prevention systems, Network Packet Brokers, and Network Traffic Visibility solutions
- Participates in the configuration and testing of complex network diagnostic tools and software.
- Participate in an on-call rotation for high and critical 24x7 incident response as needed.
20%
Yes
- Responsible for general network issue determination and resolution. Troubleshoots complex issues in network systems software and distribution and access electronics for medium and large network installations. Works directly with vendor/manufacturer technical support to isolate and resolve complex hardware and software issues. Configures and troubleshoots systems that support network security services
10%
Yes
- Coordinates all phases of multiple, complex network projects: procurement, implementation and documentation. Consults with other units on new or retrofit building projects and to provide advice and guidance on restricting or allowing access on the UCSF communications infrastructure
5%
Yes
- Identifies and selects training opportunities for professional development. Participates in cross-functional group discussions, activities and efforts.
- Actively promotes the organization's core values and consistently integrates innovation, employee fulfillment, teamwork, respect, excellence, integrity, service, and accountability into each aspect of their work.
- Maintains current knowledge of University policy and procedures; effectively, consistently and fairly applies University policy and/or campus/division procedures for assigned area and team members supervised; complies with University, Campus and division policies and procedures regarding privacy of information, authorized use of University resources and the security of University systems and data.
- Performs other related responsibilities as requested and when necessary. The University reserves the right to add or change duties at any time.
Requirements
- 3-5 years of experience working in one or more of the following fields: network services, information technology, network security, or network operations.
- Demonstrated knowledge of various network security devices, features and technologies like firewalls, Intrusion Detection/Prevention systems, Network Access Control solutions, Web Filtering solutions, Network packet brokers, DDI (DNS, DHCP and IP Address Management), VPN, and network traffic visibility solutions
- Demonstrated knowledge of various VPN technologies
- Experience with network monitoring and management tools such as Datadog, Panorama, or Firemon.
- Understanding of ITIL framework and its application in network management and service delivery.
- Demonstrated knowledge of network security protocols, technologies, standards and tools
- Demonstrated knowledge of various authentication protocols and solutions
- Demonstrated understanding of modern enterprise TCP/IP data networks using standards and technologies including but not limited to: OSPF, STP, RSTP, 802.1Q, Multicast, Quality of Service and tunneling protocols
- Demonstrated knowledge, skills and experience with Cisco Routing and Switching products
- Understands implications of work on other areas of IT and Business.
- Self-motivated and works independently and as part of a team with minimal supervision
- Clearly understands the communications and network needs of the organization and has skills needed to address those needs
- Ability to diagnose and resolve network connectivity issues in a timely manner.
- Familiarity with network security best practices and the ability to implement and maintain firewall rules, access controls, and intrusion detection/prevention systems., * Bachelor's Degree, or equivalent combination of experience/training in one or more of the following fields: computer science, engineering, computer information systems, etc.
- Demonstrated knowledge of security architectures in private and public cloud environments
- Demonstrated knowledge, skills and experience with Juniper Routing and Switching products
- Demonstrated knowledge and experience with network device management tools, technologies and products like SASE, CASE and CASB solutions
- Thorough knowledge of structured cabling systems, network facilities, electrical, UPS, etc.
- Experience with virtualization technologies such as VMware or Hyper-V.
- Familiarity with cloud networking concepts and experience working with cloud service providers (e.g., AWS, Azure, Google Cloud Platform).
- Experience with network automation and scripting languages such as Python or PowerShell.
- CERTIFICATIONS
- Security +, PCNSA, CCNA, or ITIL
- CCNA Security, CCNP Security, CEH or equivalent