Network Security Engineer

Job Summary

Join to apply for the Network Security Engineer role at University of California, San Francisco
. The Network Security Engineer within UCSF’s Information Technology (IT) department will ensure the security and integrity of UCSF’s network infrastructure. The Engineer supports the planning, design, optimization, implementation, audit, and troubleshooting of network security systems and improves the overall security posture of UCSF and its assets. The Engineer partners with security operations, governance, and system administrators to design and deploy required solutions to harden UCSF platforms.

San Francisco, CA – Mission Center Building (SF)

Full‑time

• Configure, install and manage network security devices and technologies including firewalls, DDI (DNS, DHCP and IP Address Management), VPN, Network Access Control, Web Filtering, CASB, SASE, Intrusion Detection/Prevention, Network Packet Brokers and Traffic Visibility solutions.
• Fulfill project requests and tasks for clients such as firewall policy, VPN tunnel creation, DDI, CASB incident response, web filter entries, etc.
• Manage and mitigate vulnerabilities for the devices backed by the Network Security Team.
• Resolve problems and break/fix incidents on the enterprise network and its security systems.
• Provide administrative‑level technical network security implementation skills for enterprise and data center environments.
• Assist in developing network device hardening standards.
• Apply professional communications concepts, industry practices, and relevant policies to resolve highly complex issues.
• Establish methods, techniques and evaluation criteria to obtain results.
• Interface with management, IT‑Security, and vendors to develop and implement new solutions meeting business requirements.
• Serve as an escalation point for junior staff.

The salary range for this position is $113,800 - $242,800 (Annual Rate). Final salary and offer components are subject to additional approvals based on UC policy.

Benefits:
To learn more about the benefits of working at UCSF, including total compensation, please visit (Use the "Apply for this Job" box below)..html

• Bachelor’s Degree, or equivalent combination of experience/training in computer science, engineering, computer information systems, etc.
• 5‑7 years of experience in network services, information technology, network security, or network operations.
• Cisco Certified Network Professional (CCNP) and/or equivalent experience/training.
• Advanced knowledge of network security devices and technologies such as firewalls, IDS/IPS, NAC, web filtering, network packet brokers, load balancing, DDI, VPN, and network traffic visibility solutions.
• Advanced knowledge of VPN technologies and network security protocols, technologies, standards, and tools.
• Advanced understanding of modern enterprise TCP/IP data networks, including OSPF, STP, RSTP, 802.1Q, Multicast, QoS, and tunneling protocols.
• Advanced knowledge of security architectures in private and public cloud environments (AWS, Azure).
• Experience with Cisco Routing and Switching products and BGP, intrusion detection, proxies, firewalls, load balancing, packet capture, and/or data loss prevention.
• Understanding of implications of work on other areas of IT and business.
• Proven ability to learn effectively, meet deadlines, work independently and as part of a team with minimal supervision, and participate in a 24/7 on‑call rotation.
• Excellent communication skills to convey technical information to both technical and non‑technical personnel.
• Advanced ability to gather, organize and analyze data for functional assignments.
• Advanced problem‑solving skills with experience diagnosing and resolving network connectivity issues, certificates and PKI, universal 1X or SSL decryption, web proxy and content filtering solutions for data loss prevention.
• Familiarity with network security best practices and ability to implement and maintain firewall rules, access controls, and IDS/IPS.
• Excellent interpersonal skills to work effectively with colleagues and stakeholders across departments.

• Adv…