The University of California Office of the President is a world leader in higher education, dedicated to excellence in teaching, research, and public service. The Cybersecurity Engineer/Architect will serve as a senior technical leader to assess security risks, develop security architectures, and establish security standards across the enterprise, ensuring the protection of UC data, systems, and networks from cyber threats.
Responsibilities:
- Implements Office of the President, institution-wide and / or multi-institutional security controls, up to and including the most complex, that are broad in scope to prevent unauthorized access or changes to mission-critical information and to prevent jeopardizing mission-critical hardware, software and network infrastructure
- Designs and implements secure architectures for enterprise applications and AI-driven systems
- Develops and maintains security standards, patterns, and reference architectures
- Collaborates with development teams to embed security practices into the software development lifecycle (SDLC), including DevSecOps
- Leads threat modeling, risk assessments, and security reviews for new and existing systems
- Conducts security risk assessments and produce written reports and secure design and configuration recommendations of AI in current products and products under consideration
- Evaluates and secures AI/ML models and platforms, ensuring ethical and secure use of data
- Collaborates with data science and engineering teams to embed security into AI workflows
- Makes recommendations for AI risk reduction factoring in UCOP system architecture, data sensitivity and toolsets
- Designs and implements AI security strategies to protect our systems from potential threats
- Architect and secure integrations between PeopleSoft HCM, pension systems, financial platforms, and third-party services
- Ensures compliance with regulatory requirements (e.g., HIPAA, PCI-DSS, SOC 2) across enterprise systems
- Design secure API gateways and enforce authentication, authorization, and data protection policies
- Monitors and responds to security events related to system integrations and data flows
- Partners with IT, DevOps, and business units to align security strategies with organizational goals
- Leads incident response and forensic investigations related to enterprise systems
- Partners with requesting business unit, legal and privacy stakeholders
- Supports stakeholders in ensuring that recommended controls are implemented
- Additional duties as required
Requirements:
- Min 8 years of demonstrated information security architecture and engineering experience in large, complex organizations
- Min 2 years of proven experience securing enterprise platforms including human capital management systems, pension administration systems, and financial systems
- Familiarity with cloud platforms (AWS, Azure, GCP) and hybrid environments
- Expert interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
- Expert experience using IT security systems and tools
- Demonstrated skills applying security controls to computer software and hardware
- Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks
- Demonstrated knowledge of secure hardware, software and network design techniques
- Demonstrated skill at analyzing and preventing security incidents of high complexity
- In-depth knowledge of computer hardware, software and network security issues and approaches
- Expert knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures
- Bachelor's degree in related area and / or equivalent experience / training
- Min 2 years of experience securing large-scale PeopleSoft HCM systems, .NET applications, and / or internally developed software solutions
- Strong knowledge of AI/ML security principles and data governance
- Expertise in API security, OAuth2, OpenID Connect, and integration platforms
- Proficiency in scripting and automation (Python, PowerShell, JSON, etc.)
- Expert knowledge of data encryption technologies and demonstrated experience selecting and applying appropriate data encryption technologies
- Advanced experience in incident response and digital forensics including reporting
- Thorough knowledge of other areas of IT and In-depth knowledge and understanding of department and campus, medical center or Office of the President processes and procedures
- Experience interfacing with upper management on a regular basis
- Master's degree in Computer Science, Cybersecurity, or related field
- CISSP, CISM, SABSA, AWS/Azure Security Specialty, or equivalent