"SENIOR CLOUD SECURITY ENGINEER - REMOTE IN CALIFORNIA"

SENIOR CLOUD SECURITY ENGINEER - REMOTE IN CALIFORNIA

Location: Oakland
Job ID: 84038

Position Summary
Having wide-ranging experience in IT security, applies professional concepts and Office of the President objectives to develop and lead implementation of security controls and functionality for cloud based hosting environments and cloud deployed systems, networks, and applications. Requires expertise in designing and applying secure-by-design principles to enterprise cloud hosting environments (including AWS and Azure), enterprise services deployed therein, and related emerging technologies such as artificial intelligence. May be called upon to resolve Office of the President, institution-wide and / or multi-institutional security issues, up to and including the most complex, with little or no precedent where analysis of situations and data requires an in-depth evaluation of various factors. Directs the selection of methods, techniques and evaluation criteria to obtain results. Serves in a lead capacity. Considered subject matter expert at this level.

Key Responsibilities

• 30% Cloud hosting security engineering - Implements Office of the President and institution-wide security controls, up to and including the most complex, that are broad in scope to prevent unauthorized access or changes to mission-critical information and to protect mission-critical cloud hosted IT resources. Works with senior and IT management to develop Office of the President security plans to mitigate risk of theft, destruction, alteration or denial of access of information from cloud hosting environments and workloads. Advises Office of the President and serves as Office of the President expert on security prevention, best practices and secure software and virtual hardware design.
• 30% Enterprise systems security - plan, develop, and implement security controls for hosted enterprise systems, including PeopleSoft HCM, customized .NET applications, and related software and technologies including secure workload configuration and operation in virtualized environments, secure connectivity between solution components, and appropriate controls around access and changes to same.
• 25% Access Control - plan, develop, and implement appropriate access controls to ensure only authorized access to cloud hosted IT resources and institutional information, including access request approval mechanisms, tracking of access authorizations over time, alignment of access with least privilege and separation of duties concepts and requirements, and implementation of formal access re-certification processes.
• 10% Governance and collaboration - partners with IT, and business units to align security strategies with organizational goals. Leads incident response and forensic investigations related to cloud hosted services. Partners with IT leadership and support teams, business units, legal and privacy stakeholders. Supports stakeholders in ensuring that recommended controls are implemented. Works with senior and IT management to establish Office of the President and institution-wide security policy and standards.
• 5% Additional duties as required

Experience
Required Qualifications

• Min 8 years of experience in design, implementation, and management of cloud hosting security controls in support of large-scale business services including operational use of cloud scripting / automation tools to deploy, manage, and confirm controls.
• Min 2 years of experience as a lead security engineer for one or more cloud hosted enterprise business systems (HR/Payroll, financials, ERP, retirement, etc.)

Preferred Qualifications

• Min 2 years of experience in Security controls design and implementation for enterprise PeopleSoft HCM solution deployed in an internally managed cloud hosting environment.

Skills and Abilities
Required Qualifications

• Expert interpersonal communication skills with the ability to work effectively with both technical and non-technical personnel at various levels in the organization.
• Expert experience using IT security systems and tools.
• Demonstrated skills applying security controls to computer software and hardware.
• Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.
• Expert knowledge of data encryption technologies and demonstrated experience selecting and applying appropriate data encryption technologies.
• Demonstrated knowledge of secure hardware, software and network design techniques.
• Demonstrated skill at analyzing and preventing security incidents of high complexity.
• In-depth knowledge of computer hardware, software and network security issues and approaches.
• Expert knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures.
• Experience interfacing with upper management on a regular basis.
• Recognized as subject matter expert.
• Experience with API security for enterprise business systems and related tools and technologies (e.g. Mulesoft)
• Direct experience securing large-scale AWS hosted workloads.

Preferred Qualifications

• Advanced experience in incident response and digital forensics including reporting.
• Thorough knowledge of other areas of IT and In-depth knowledge and understanding of department and Office of the President processes and procedures.
• Experience leading a team of IT professionals.
• Experience with secure deployment of HR/Payroll add-on tools and services (e.g. Pathlock, chatbots, Salesforce, etc.)
• Direct experience securing Oracle PeopleSoft HCM and PeopleTools in a cloud hosting environment.

Education
Required Qualifications

• Bachelor's degree in related area and / or equivalent experience / training

Preferred Qualifications

• Master's degree in Computer Science, Cybersecurity, or related field

Licenses and Certifications
Preferred Qualifications

• CISSP, CISM, SABSA, AWS Security Specialty, or equivalent.

Job Title
IT Security Analyst 5 TX
Job Code
000663
Salary Grade
Grade 27
Approved Payscale:
$190,000 - $215,000

ADDITIONAL INFORMATION
This position is eligible for a remote work arrangement within the state of California. The selected candidate must reside within the state of California or be willing to relocate.

HOW TO APPLY
Please be prepared to attach a cover letter and resume with your application.

APPLICATION REVIEW DATE
The first review date for this job is(2/27/2026). The position will be open until filled.