{"21622843":{"jobPath":"/jobs/21622843/it-multi-discipline-specialist","source":"naylor","job":"21622843","jobTitle":"IT Multi-Discipline Specialist"},"21564778":{"jobPath":"/jobs/21564778/business-development-associate-security-integration","source":"naylor","job":"21564778","jobTitle":"Business Development Associate - Security integration "},"21600937":{"jobPath":"/jobs/21600937/senior-it-auditor","source":"naylor","job":"21600937","jobTitle":"Senior IT Auditor"},"21568027":{"jobPath":"/jobs/21568027/it-audit-manager","source":"naylor","job":"21568027","jobTitle":"IT Audit Manager"},"21622607":{"jobPath":"/jobs/21622607/it-network-telecommunications-entry-wsu-tri-cities","source":"naylor","job":"21622607","jobTitle":"IT Network & Telecommunications - Entry WSU Tri Cities"},"21623685":{"jobPath":"/jobs/21623685/airport-risk-and-compliance-manager","source":"naylor","job":"21623685","jobTitle":"Airport Risk and Compliance Manager"},"21620351":{"jobPath":"/jobs/21620351/director-of-it-infrastructure","source":"naylor","job":"21620351","jobTitle":"Director of IT Infrastructure"},"21620352":{"jobPath":"/jobs/21620352/it-support-digital-services-coordinator","source":"naylor","job":"21620352","jobTitle":"IT Support & Digital Services Coordinator"},"21623666":{"jobPath":"/jobs/21623666/campus-security-officer-part-time","source":"naylor","job":"21623666","jobTitle":"Campus Security Officer Part-time"},"21622477":{"jobPath":"/jobs/21622477/assistant-professor-of-government-american-politics","source":"naylor","job":"21622477","jobTitle":"Assistant Professor of Government (American Politics)"},"21620356":{"jobPath":"/jobs/21620356/campus-security-officer","source":"naylor","job":"21620356","jobTitle":"Campus Security Officer"},"21623566":{"jobPath":"/jobs/21623566/senior-internal-audit-data-analyst","source":"naylor","job":"21623566","jobTitle":"Senior Internal Audit Data Analyst"},"21521706":{"jobPath":"/jobs/21521706/it-audit-division-director","source":"naylor","job":"21521706","jobTitle":"IT Audit Division Director"},"21555211":{"jobPath":"/jobs/21555211/director-safety-security","source":"naylor","job":"21555211","jobTitle":"Director, Safety & Security"},"21620258":{"jobPath":"/jobs/21620258/technology-audit-manager","source":"naylor","job":"21620258","jobTitle":"Technology Audit Manager"},"21623549":{"jobPath":"/jobs/21623549/manager-financial-risk-regulatory-multiple-positions","source":"naylor","job":"21623549","jobTitle":"Manager, Financial Risk & Regulatory - Multiple Positions"},"21564968":{"jobPath":"/jobs/21564968/senior-information-and-privacy-manager-investigations-temporary-position","source":"naylor","job":"21564968","jobTitle":"Senior Information and Privacy Manager, Investigations (Temporary Position)"},"21620457":{"jobPath":"/jobs/21620457/manager-it-infrastructure-operations-527393","source":"naylor","job":"21620457","jobTitle":"Manager IT Infrastructure Operations - 527393"},"21622538":{"jobPath":"/jobs/21622538/it-user-support-analyst","source":"naylor","job":"21622538","jobTitle":"IT User Support Analyst"},"21623552":{"jobPath":"/jobs/21623552/cyber-security-manager","source":"naylor","job":"21623552","jobTitle":"Cyber Security Manager"},"21622484":{"jobPath":"/jobs/21622484/museum-security-guard-part-time","source":"naylor","job":"21622484","jobTitle":"Museum Security Guard (Part-Time)"},"21623479":{"jobPath":"/jobs/21623479/director-of-government-relations","source":"naylor","job":"21623479","jobTitle":"Director of Government Relations"},"21623732":{"jobPath":"/jobs/21623732/information-security-incident-response-analyst-it-scrty-anl-4","source":"naylor","job":"21623732","jobTitle":"Information Security Incident Response Analyst IT SCRTY ANL 4"},"21620421":{"jobPath":"/jobs/21620421/information-security-engineer-1-2-3","source":"naylor","job":"21620421","jobTitle":"Information Security Engineer 1/2/3"},"21620367":{"jobPath":"/jobs/21620367/it-service-desk-support-staff-middlesex-community-college","source":"naylor","job":"21620367","jobTitle":"IT Service Desk Support Staff - Middlesex Community College"}}
Information Security Incident Response Analyst IT SCRTY ANL 4
UC Davis
Application
Details
Posted: 28-Aug-25
Location: Sacramento, California
Type: Full Time
Internal Number: 80587
UC Davis
Information Security Incident Response Analyst IT SCRTY ANL 4
Under the general direction of the Associate Chief Information Security Officer (ACISO), the Information Security Incident Response Analyst serves as a technical lead and subject matter expert responsible for managing advanced security operations and incident response efforts that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to UC Davis.
This position is vital to the Security Operations Center’s (SOC) ability to conduct complex security incident investigations, gather and preserve digital evidence, and respond to advanced threats. This role central to our incident response lifecycle and also instrumental in threat hunting, post incident analysis, and improving security posture through investigative insights.
The Analyst leads the detection, analysis, and response to complex and high impact security incidents and threats against university assets and work closely with campus stakeholders and partners to ensure that incidents are resolved quickly and effectively.
The Analyst must stay abreast of evolving campus needs, technology capabilities, and threat intelligence from various sources to optimize data protection measures.
The Analyst tracks and reports on security risks and control effectiveness to the CISO and other campus stakeholders such as the Chief Information Officer, and security and IT professionals located at the Davis, Sacramento campuses, and other UC campuses.
The Analyst operates with a high degree of autonomy, exercises independent thinking to creatively solve problems and issues, makes independent decisions, and must maintain or preserve confidentiality when required to do so.
Candidates must already possess authorization to work in the United States to be considered.
Apply By Date: By Friday, September 19, 2025 at 11:50p Pacific; screening and selection actions can begin any time
Minimum Qualifications
• Bachelor's degree in a related area and/or equivalent experience/training.
• Three or more years of experience in incident response or related, focusing on cyber-security threat detection, vulnerability analysis, and incident response using forensic analysis techniques such as file carving, timeline creation and memory capture.
• Experience in performing cyber threat hunting, including log analysis, and digital forensics using XDR and SEIM tools.
• Experience communicating and documenting complex technical subjects to both technical and non-technical audiences.
• Proficiency in conducting incident after-action reviews and recommending mitigation strategies to avoid recurrence.
• Strong collaboration skills, with the ability to work with technical and non-technical stakeholders and advance positive working relationships and a strong rapport with team members, stakeholders, and customers.
• Work effectively under pressure and within time constraints to solve problems and complete deliverables.
Preferred Qualifications
• CISSP, CISM, CISA, or GIAC certifications.
• Experience in complex higher education environments, serving academic and administrative functions of a large public university.
• Experience with common security assessment and analysis tools such as Nmap, Tenable, Burp Suite, and FireEye.
• Experience with security technologies such as SIEM, web application firewalls, VPN infrastructure, Intrusion Detection and Prevention Systems, multi-factor authentication, DNS, SMTP, DHCP, 802.1x access control, Anti-malware, Data Leakage/Loss Prevention.
• Experience with Microsoft platforms, including Windows Event Log analysis, Active Directory and Group Policy.
• Experience with project management.
• Knowledge of mainstream Linux forensic investigation methods including system logs, file system formats and memory analysis.
• Knowledge of cloud security and zero-trust architectures.
• Demonstrated knowledge of incident response methodologies, techniques, and frameworks, including NIST and ISO 27001.
• Knowledge of the MITRE ATT&CK framework.
Key Responsibilities
65% - Incident Response
20% - Security Governance, Standards Development, and Strategic Support
15% - Information Security Consulting & Reporting
Department Overview
The Information Security Office (ISO) helps protect UC Davis' information assets' confidentiality, availability, and integrity through consultation, services, and programs. The ISO offers support, assistance, education, and advice, manages specific security processes, and helps individuals and departments understand how they are responsible for information security at UC Davis and how to meet that responsibility.
Position Information
• Salary Range: $99,400.00 - $196,400.00
• Salary Frequency: Annual
• Salary Grade: Grade 25
• UC Job Title: IT SCRTY ANL 4
• UC Job Code: 000661
• Number of Positions: 1
• Appointment Type: Staff: Career
• Percentage of Time: 100
• Shift Hours: M-F, 8-5pm. Other hours may be required.
• Location: Davis, CA – local, commutable residency required
• Union Representation: 99 - Non-Represented (PPSM)
• Benefits Eligible: Yes
• Hybrid/Remote/Onsite: Hybrid (mix of on-site and remote work from home office within commutable distance.)
Benefits
Outstanding benefits and perks are among the many rewards of working for the University of California. UC Davis offers a full range of benefits, resources and programs to help you bring your best self to work, as well as to help you and your family achieve your health, wellness, financial and career goals. Learn more about the benefits below and eligibility rules by visiting either our handy Benefits Summary for UC Davis Health Employees or Benefits Summary for UC Davis Employees and our Benefits Page.
The University of California, Davis is an Equal Opportunity Employer. All qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin,disability, age or protected veteran status.
To view the University of California’s Anti-Discrimination Policy, please visit:https://policy.ucop.edu/doc/1001004/Anti-Discrimination
To view full job description and submit an on-line application visit UC Davis Career Opportunities at
