SENIOR CLOUD SECURITY ENGINEER - REMOTE IN CALIFORNIA

For UCOP internal applicants, please login to the internal candidate gateway at: Jobs at UCOP

UC OFFICE OF THE PRESIDENT

At the University of California (UC), your contributions make a difference. A world leader producing Nobel and Pulitzer Prize recipients with over 150 years of groundbreaking research transforming the world. Choose a career where you can leverage your knowledge, skills and aspirations to inspire and support some of the greatest minds in the world, and those who will follow in their footsteps. Working at the University of California is being part of a unique institution, and a vibrant and diverse community. At the University of California, Office of the President, we propel our mission through impactful work locally, in government centers and systemwide. We are passionate people, serving the greater good.

The University of California, one of the largest and most acclaimed institutions of higher learning in the world, is dedicated to excellence in teaching, research and public service. The University of California Office of the President is the headquarters to the 10 campuses, six academic medical centers and three national laboratories and enrolls premier students from California, the nation and the world. Learn more about the UC Office of the President

Department Overview
As a security first organization, Technology Delivery Services (TDS) is part of the Information Technology Services (ITS) Department. The TDS teams include Information Security, Planning (architecture and PMO), Application Development, HR & Payroll Development, Infrastructure, and Client Services teams. We maintain an innovative, inclusive, and supportive work environment.

Position Summary
Having wide-ranging experience in IT security, applies professional concepts and Office of the President objectives to develop and lead implementation of security controls and functionality for cloud based hosting environments and cloud deployed systems, networks, and applications. Requires expertise in designing and applying secure-by-design principles to enterprise cloud hosting environments (including AWS and Azure), enterprise services deployed therein, and related emerging technologies such as artificial intelligence. May be called upon to resolve Office of the President, institution-wide and / or multi-institutional security issues, up to and including the most complex, with little or no precedent where analysis of situations and data requires an in-depth evaluation of various factors. Directs the selection of methods, techniques and evaluation criteria to obtain results. Serves in a lead capacity. Considered subject matter expert at this level.

Key Responsibilities

30% Cloud hosting security engineering - Implements Office of the President and institution-wide security controls, up to and including the most complex, that are broad in scope to prevent unauthorized access or changes to mission-critical information and to protect mission-critical cloud hosted IT resources. Works with senior and IT management to develop Office of the President security plans to mitigate risk of theft, destruction, alteration or denial of access of information from cloud hosting environments and workloads. Advises Office of the President and serves as Office of the President expert on security prevention, best practices and secure software and virtual hardware design.

30% Enterprise systems security - plan, develop, and implement security controls for hosted enterprise systems, including PeopleSoft HCM, customized .NET applications, and related software and technologies including secure workload configuration and operation in virtualized environments, secure connectivity between solution components, and appropriate controls around access and changes to same.

25% Access Control - plan, develop, and implement appropriate access controls to ensure only authorized access to cloud hosted IT resources and institutional information, including access request approval mechanisms, tracking of access authorizations over time, alignment of access with least privilege and separation of duties concepts and requirements, and implementation of formal access re-certification processes.

10% Governance and collaboration - partners with IT, and business units to align security strategies with organizational goals. Leads incident response and forensic investigations related to cloud hosted services. Partners with IT leadership and support teams, business units, legal and privacy stakeholders. Supports stakeholders in ensuring that recommended controls are implemented. Works with senior and IT management to establish Office of the President and institution-wide security policy and standards.

5% Additional duties as required

Experience
Required Qualifications

• Min 8 years of experience in design, implementation, and management of cloud hosting security controls in support of large-scale business services including operational use of cloud scripting / automation tools to deploy, manage, and confirm controls.

• Min 2 years of experience as a lead security engineer for one or more cloud hosted enterprise business systems (HR/Payroll, financials, ERP, retirement, etc.)

Preferred Qualifications

• Min 2 years of experience in Security controls design and implementation for enterprise PeopleSoft HCM solution deployed in an internally managed cloud hosting environment.

Skills and Abilities
Required Qualifications

• Expert interpersonal communication skills with the ability to work effectively with both technical and non-technical personnel at various levels in the organization.

• Expert experience using IT security systems and tools.

• Demonstrated skills applying security controls to computer software and hardware.

• Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.

• Expert knowledge of data encryption technologies and demonstrated experience selecting and applying appropriate data encryption technologies.

• Demonstrated knowledge of secure hardware, software and network design techniques.

• Demonstrated skill at analyzing and preventing security incidents of high complexity.

• In-depth knowledge of computer hardware, software and network security issues and approaches.

• Expert knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures.

• Experience interfacing with upper management on a regular basis.

• Recognized as subject matter expert.

• Experience with API security for enterprise business systems and related tools and technologies (e.g. Mulesoft)

• Direct experience securing large-scale AWS hosted workloads.

Preferred Qualifications

• Advanced experience in incident response and digital forensics including reporting.

• Thorough knowledge of other areas of IT and In-depth knowledge and understanding of department and Office of the President processes and procedures.

• Experience leading a team of IT professionals.

• Experience with secure deployment of HR/Payroll add-on tools and services (e.g. Pathlock, chatbots, Salesforce, etc.)

• Direct experience securing Oracle PeopleSoft HCM and PeopleTools in a cloud hosting environment.

Education
Required Qualifications

• Bachelor's degree in related area and / or equivalent experience / training

Preferred Qualifications

• Master's degree in Computer Science, Cybersecurity, or related field

Licenses and Certifications
Preferred Qualifications

• CISSP, CISM, SABSA, AWS Security Specialty, or equivalent.

Travel Requirements
5% Incidental / infrequent travel as needed only

Job Title
IT Security Analyst 5 TX

Job Code
000663

Salary Grade
Grade 27

Approved Payscale:
$190,000 - $215,000

The University of California, Office of the President, is required to provide a reasonable estimate of the compensation range for this role. This range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be offered a salary at or near the top of the range for a position. Salary offers are determined based on final candidate qualifications and experience. The full salary range shows the growth potential for this position and the pay scale is the budgeted salary or hourly range that the University reasonably expects to pay for this position.

Benefits: For information on the comprehensive benefits package offered by the University visit: Benefits of Belonging

ADDITIONAL INFORMATION

This position is eligible for a remote work arrangement within the state of California. The selected candidate must reside within the state of California or be willing to relocate.

HOW TO APPLY

Please be prepared to attach a cover letter and resume with your application.

APPLICATION REVIEW DATE

The first review date for this job is (2/27/2026). The position will be open until filled.

CONDITIONS OF EMPLOYMENT

Background Check Process: Successful completion of a background check is required for this critical position. Background check process at UCOP

Smoke Free Work Environment: The University of California, Office of the President, is smoke & tobacco-free as of January 1, 2014. UC Smoke & Tobacco Free Policy

As a condition of employment, you will be required to comply with the University of California Policy on Vaccination Programs, as may be amended or revised from time to time. Federal, state, or local public health directives may impose additional requirements.

As a condition of employment, the finalist will be required to disclose if they are subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct, are currently being investigated for misconduct, left a position during an investigation for alleged misconduct, or have filed an appeal with a previous employer.

• "Misconduct" means any violation of the policies or laws governing conduct at the applicant's previous place of employment, including, but not limited to, violations of policies or laws prohibiting sexual harassment, sexual assault, or other forms of harassment, discrimination, dishonesty, or unethical conduct, as defined by the employer.
  • UC Sexual Violence and Sexual Harassment Policy
  • UC Anti-Discrimination Policy for Employees, Students and Third Parties
  • APM - 035: Affirmative Action and Nondiscrimination in Employment

EEO STATEMENT

The University of California is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected status under state or federal law.

The University of California, Office of the President, strives to make this job board accessible to any and all users. If you have comments regarding the accessibility of our website or need assistance completing the application process, please contact us at: Accessibility or email the Human Resource Department at: epost@ucop.edu.