Fast Facts

UC Davis is seeking an Information Security Incident Response Analyst to manage advanced security operations and incident response efforts, ensuring the protection of the university's information assets.

Responsibilities: Lead detection, analysis, and response to complex security incidents; collaborate with stakeholders to resolve incidents; maintain security governance and develop strategies to enhance security measures.

Skills: Experience in incident response, cyber-security threat detection, vulnerability analysis, digital forensics, and security technologies; strong collaboration and communication skills.

Qualifications: Bachelor's degree in a related area with three or more years in incident response and cyber security; preferred certifications include CISSP, CISM, or CISA.

Location: Davis, CA – local, commutable residency required

Compensation: $99400 - $196400 / Annually

UC Davis

Information Security Incident Response Analyst IT SCRTY ANL 4

Under the general direction of the Associate Chief Information Security Officer (ACISO), the Information Security Incident Response Analyst serves as a technical lead and subject matter expert responsible for managing advanced security operations and incident response efforts that support the mission of the university and protect the confidentiality, integrity, and availability of information assets owned or entrusted to UC Davis. 

This position is vital to the Security Operations Center’s (SOC) ability to conduct complex security incident investigations, gather and preserve digital evidence, and respond to advanced threats. This role central to our incident response lifecycle and also instrumental in threat hunting, post incident analysis, and improving security posture through investigative insights. 

The Analyst leads the detection, analysis, and response to complex and high impact security incidents and threats against university assets and work closely with campus stakeholders and partners to ensure that incidents are resolved quickly and effectively. 

The Analyst must stay abreast of evolving campus needs, technology capabilities, and threat intelligence from various sources to optimize data protection measures. 

The Analyst tracks and reports on security risks and control effectiveness to the CISO and other campus stakeholders such as the Chief Information Officer, and security and IT professionals located at the Davis, Sacramento campuses, and other UC campuses. 

The Analyst operates with a high degree of autonomy, exercises independent thinking to creatively solve problems and issues, makes independent decisions, and must maintain or preserve confidentiality when required to do so. 

Candidates must already possess authorization to work in the United States to be considered.

To see IET job postings, please visit https://iet.ucdavis.edu/jobs

Apply By Date: By Friday, September 19, 2025 at 11:50p Pacific; screening and selection actions can begin any time

Minimum Qualifications 

• Bachelor's degree in a related area and/or equivalent experience/training.

• Three or more years of experience in incident response or related, focusing on cyber-security threat detection, vulnerability analysis, and incident response using forensic analysis techniques such as file carving, timeline creation and memory capture.

• Experience in performing cyber threat hunting, including log analysis, and digital forensics using XDR and SEIM tools.

• Experience communicating and documenting complex technical subjects to both technical and non-technical audiences.

• Proficiency in conducting incident after-action reviews and recommending mitigation strategies to avoid recurrence.

• Strong collaboration skills, with the ability to work with technical and non-technical stakeholders and advance positive working relationships and a strong rapport with team members, stakeholders, and customers.

• Work effectively under pressure and within time constraints to solve problems and complete deliverables.

Preferred Qualifications

• CISSP, CISM, CISA, or GIAC certifications. 

• Experience in complex higher education environments, serving academic and administrative functions of a large public university. 

• Experience with common security assessment and analysis tools such as Nmap, Tenable, Burp Suite, and FireEye. 

• Experience with security technologies such as SIEM, web application firewalls, VPN infrastructure, Intrusion Detection and Prevention Systems, multi-factor authentication, DNS, SMTP, DHCP, 802.1x access control, Anti-malware, Data Leakage/Loss Prevention. 

• Experience with Microsoft platforms, including Windows Event Log analysis, Active Directory and Group Policy. 

• Experience with project management. 

• Knowledge of mainstream Linux forensic investigation methods including system logs, file system formats and memory analysis.

• Knowledge of cloud security and zero-trust architectures.

• Demonstrated knowledge of incident response methodologies, techniques, and frameworks, including NIST and ISO 27001.

• Knowledge of the MITRE ATT&CK framework.

Key Responsibilities

65% - Incident Response

20% - Security Governance, Standards Development, and Strategic Support

15% - Information Security Consulting & Reporting

Department Overview

The Information Security Office (ISO) helps protect UC Davis' information assets' confidentiality, availability, and integrity through consultation, services, and programs. The ISO offers support, assistance, education, and advice, manages specific security processes, and helps individuals and departments understand how they are responsible for information security at UC Davis and how to meet that responsibility. 

Position Information

• Salary Range: $99,400.00 - $196,400.00

• Salary Frequency: Annual

• Salary Grade: Grade 25

• UC Job Title: IT SCRTY ANL 4

• UC Job Code: 000661

• Number of Positions: 1

• Appointment Type: Staff: Career

• Percentage of Time: 100

• Shift Hours: M-F, 8-5pm. Other hours may be required. 

• Location: Davis, CA – local, commutable residency required

• Union Representation: 99 - Non-Represented (PPSM)

• Benefits Eligible: Yes

• Hybrid/Remote/Onsite: Hybrid (mix of on-site and remote work from home office within commutable distance.)

Benefits

Outstanding benefits and perks are among the many rewards of working for the University of California. UC Davis offers a full range of benefits, resources and programs to help you bring your best self to work, as well as to help you and your family achieve your health, wellness, financial and career goals. Learn more about the benefits below and eligibility rules by visiting either our handy Benefits Summary for UC Davis Health Employees or Benefits Summary for UC Davis Employees and our Benefits Page.

The University of California, Davis is an Equal Opportunity Employer. All qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin,disability, age or protected veteran status.

To view the University of California’s Anti-Discrimination Policy, please visit:https://policy.ucop.edu/doc/1001004/Anti-Discrimination 

To view full job description and submit an on-line application visit UC Davis Career Opportunities at 

http://50.73.55.13/counter.php?id=308224

Job ID # 80587

The University of California, Davis is an Affirmative Action/Equal Opportunity Employer