The University of Southern California (USC), founded in 1880, is part of the vibrant Los Angeles economy and is the largest private employer in the City of Los Angeles. As an employee of USC, you will be a part of a world-class research university. The University of Southern California/Information Sciences Institute (part of the Viterbi School of Engineering) is one of the nation's largest, most successful university- affiliated computer research institutes. Our work ranges from theoretical basic research, such as core engineering and computer science discovery, to applied research and development, such as design and modeling of innovative prototypes and devices.

This position is primarily located at USC's research facility, ISI - Information Sciences Institute, in Marina del Rey, CA.

It is beautiful and sunny in Marina del Rey, California. Our offices overlook the ocean and are just minutes from the beach.

This is a full-time opportunity with a flexible, hybrid in- office schedule.

IT Security Operations Engineer will deploy, configure, maintenance, tune, and optimize Enterprise Security tools/platforms to assist with the general IT security, response to security threats from various platforms and technologies.

The Engineer will also monitor and analyze the event correlation and incident data to identify trends, false positives, and provide enhancements where necessary to improve the efficacy of the security alerts. In this role the selected individual will collaborate with Enterprise IT Operations to enhance cybersecurity, as part of continuous service improvement, in support of on-prem infrastructure, software development pipelines, and cloud services. In addition, the individual is expected to have skills in system configuration, data analytics and preferably skills in programming or scripting languages.

The Engineer will also assist in information security governance, risk, and compliance related tasks.

Due to the nature of this role, the incumbent must obtain and maintain Top Secret Security Clearance. Per government regulations, eligibility for this clearance requires U.S. citizenship.

This position will report to the IT Security Manager.

JOB RESPONSIBILITIES:

• To be a key member of the team and provide real time threat analysis, detection, and remediation. And carry out investigation on security events, raise incidents and support the Incident Management process.
• Provide analysis and treading of security log data and network traffic from many monitoring points. Respond to system generated alerts, analyze logs and traffic patterns.
• Assist in implement, maintain, and operate IT security boundaries, process, and tools by collaborating with System Architects, System/Network/Web/Desktop Administrators for general infrastructure and regulation required cyber security programs, DFARS/FISMA, and related assessment/accreditation processes. And to protect infrastructure from common threat vectors, vulnerabilities, and security and compliance misconfigurations.
• Manages and maintains IAM, DLP, WAF, EDR, MDM, SIEM, SOAR and Advanced Mail Security solutions and be able to manage, operate, and configure the systems to support day-to-day work, ensuring performance impact is monitored, appropriately applied and managed and that tools are always available with applicable updates.
• Support security team operations in vulnerability risk assessments, data protection and integrity containments, and investigations on related security violations/incidents.
• Work alongside server, network and desktop operation support and necessary stakeholders in effectively investigating and remediating incidents and security issues. Ensures senior management and staff are informed of any changes and updates promptly.
• Support the management and remediation of information security risks by researching security trends, new techniques used in unauthorized access of data attempts to pre-emptively eliminate the possibility of system breaches. And review the quality of the threat intelligence information received from the Information Security organization and provides constructive feedback to the organization based on the needs of the assigned area.
• Manage configuration baselines to provide guidance on how systems and endpoints are managed and hardened against security threats and vulnerabilities.
• Assist in building security test plans to ensure successful implementation of new/existing solutions. And develop secure process and documentation for identity and information system authorization, security management, and continuous monitoring.
• Supports the security engineering lifecycle to design, build, deploy, and manage enterprise infrastructure and solutions to enable compliance with university policies and standards.
• Support security engineering projects and engage in those that actively evaluate existing solutions, looking for areas of improvement.
• Ensures procedures and service level agreements are defined, tracked, and met. Provides input on the reporting and metrics captures by governance and risk management.
• Stays current with proven/emerging technologies that could strengthen security posture, as well as any changes in legal, regulatory, and technology environments which may affect operations.
• Performs other related duties as assigned or requested. The university reserves the right to add or change duties at anytime.
• Assist in ensuring information security governance, standards, and procedures are up-to-date and adhered to.

MINIMUM QUALIFICATIONS

• Must be able to obtain and maintain Top Secret Security Clearance. Per government regulations, eligibility for this clearance requires U.S. citizenship.
• Bachelor's degree in a related field or equivalent experience and knowledge
• 4 years of hands-on experience with security engineering technologies and solutions (e.g., EDR/XDR, Cloud security tools, file integrity monitoring, information security configuration, data security platforms, CASB, DLP, IDS/IPS, firewalls).
• Experience with log management or security information management tools
• Excellent understanding of security controls frameworks (e.g., DFARS, FedRAMP, and NIST SP 800Series)
• Excellent understanding of the security threat landscape
• Experience in creating and deploying security hardening guidelines. Proven understanding of CIS benchmarks and customer service metrics.
• Experience in managing different operating systems and configuration standards.
• Knowledge with Linux (Ubuntu/RedHat/CentOS), MacOS, Windows Operating Systems and Windows Domain. Excellent understanding of information security engineering process from acquisition, design, build, and operation.
• Knowledge of network security zones, firewalls, SIEMs, IDS and SOAR workflows. Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to event. Knowledge of packet capture and analysis.
• Excellent understanding of the technology stack from OS, system, network, and applications.
• Ability to plan, organize and document complex system design activities.
• Knowledge of common internet protocols, network analysis, and network/security applications
• Demonstrated understanding of information security engineering implementation processes (e.g., acquisition, design, build, operation).
• Strong attention to detail with the ability to multi-task, prioritize, and manage time effectively and able to cope successfully under pressure and with shifting priorities.
• Ability to work off hours when needed.
• Excellent customer service skills, interpersonal skills and professional demeanor, and verbal and written communication skills

PREFERRED QUALIFICATIONS

• Active Top Secret security clearance

• 2-3 yearsof experience as a System/Network Administrator or equivalent

• Experience with cyber security products (i.e., Nessus/Tenable, SentinelOne, DataDog,
  Splunk, etc.)

• Experience with Linux (Ubuntu/RedHat/CentOS), MacOS and Windows Operating Systems and Windows Domain infrastructure (i.e., Group Policy Objects, Active Directory)

• Experience with database administration, access management and systems/data backup, storage, and recovery.

• Experience with configuration management products (i.e., Ansible, SCCM, Jamf, Chef,
  Puppet, etc.)
• Experience in scripting languages (i.e., Python, PowerShell, etc.)

• Industry standard certifications such as:CompTIA Security , CompTIA Network , CompTIA CySa , Cisco CCNA, ED-Council CEH, and/or relevant specialized degree in Cyber Forensics
  or Computer Science.

The annual base salary range for this position is $121,118 - $130,000. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer equity, federal, state and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

The University of Southern California values diversity and is committed to equal opportunity in employment.

Minimum Education: Bachelor's degree Additional Education Requirements Combined experience/education as substitute for minimum education Minimum Experience: 4 years with security engineering technologies and solutions (e.g., EDR/XDR, Cloud security tools, file integrity monitoring, information security configuration, data security platforms, CASB, DLP, IDS/IPS, firewalls). Addtional Experience Requirements Combined experience/education as substitute for minimum work experience Minimum Skills: Excellent understanding of information security engineering process from acquisition, design, build, and operation. Excellent understanding of security controls frameworks (e.g., CIS Top20, NIST CSF, 800- 53). Experience defining and deploying security hardening guidelines. Excellent understanding of the technology stack from OS, system, network and applications. Proven understanding of CIS benchmarks and customer service metrics. Experience managing different operating systems and configuration standards. Ability to plan, organize and document complex system design activities. Excellent written and oral communication skills, able to interact with a broad spectrum of people on a technical and professional level to share complex information. Proven analytical, consulting and problem-solving skills, with exceptional attention to detail. Excellent organizational skills and proven ability to manage multiple projects and priorities simultaneously. Ability to teach/train others. Experience with database administration, access management and systems/data backup, storage and recovery.