
Cybersecurity SIEM Engineer

University of California- Davis Health
vision insurance, parental leave, paid time off, paid holidays, sick time, long term disability, tuition reimbursement, remote work
United States, California, Sacramento
May 17, 2025
Job ID: 78182
Location: Sacramento
Full/Part Time: Full Time
Job Summary

#CA-FT

This position will primarily be responsible for the Security Information and Event Management (SIEM) platform, playing a critical role in collecting, analyzing, and correlating security logs and events from diverse sources across our organization to proactively identify potential threats, ensure compliance, and enhance our overall security posture. The expertise of this role will be key in developing and tuning security rules, alerts, and dashboards to provide actionable insights for our security operations team and partner IT teams.

Apply By Date: May 26, 2025 at 11:59pm. Selection activities may start at any time.

Minimum Qualifications - For full consideration, applicants are encouraged to upload license and/or certification if required of the position

  • A bachelor's degree in computer science, information technology, cybersecurity, or a related field or equivalent work experience and/or relevant certifications
  • 5+ years of experience in a SIEM engineering or security operations engineering role
  • Experience with automation frameworks and tools (e.g., Ansible, Terraform, Jenkins, CI/CD)
  • Experience integrating and ingesting logs from various sources: Windows, Linux, firewalls, proxies, cloud platforms (AWS, Azure, GCP).
  • Experience with API integrations and webhooks for data ingestion and alert forwarding
  • Experience with SIEM data governance, data retention policies, and secure data handling practices
  • Experience integrating threat intelligence feeds with SIEM systems and participating in incident response activities
  • Strong scripting or programming skills (e.g., Python, Bash, PowerShell)
  • Proven hands-on experience with Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) in a security context
  • Knowledge of network protocols, operating system internals, and common attack techniques (MITRE ATT&CK, SIGMA rules)
  • Knowledge of cloud-native security tooling and telemetry (e.g., AWS CloudTrail, GuardDuty, Azure Defender)
  • The ability to analyze complex security logs, identify patterns, and troubleshoot issues
  • Excellent communication and collaboration skills

Preferred Qualifications

  • Familiarity with HIPAA, HITRUST, and healthcare-specific compliance requirements
  • Experience working in large-scale, distributed environments, ideally in a healthcare
  • Experience with SOAR platforms, case management tools, or custom alert triaging workflows
  • Exposure to cloud-native security tooling and telemetry (e.g., AWS CloudTrail, GuardDuty, Azure Defender)

Key Responsibilities

  • 75% - SIEM Management
  • 15% - Incident Response Support
  • 10% - IT Infrastructure Support

Department Overview

The UC Davis Health Cybersecurity team is dedicated to safeguarding institutional data, critical infrastructure, and operational technology within the UC Davis Health System organization. The team takes a proactive and comprehensive approach to protecting the organization from cyber risks, employing best practices, robust security controls, and education of the workforce to strengthen the overall security posture and resilience of the enterprise.

POSITION INFORMATION

  • Salary or Pay Range: $8,283.33 - $16,366.67
  • Salary Frequency: Monthly
  • Salary Grade: Grade 25
  • UC Job Title: IT SCRTY ANL 4
  • UC Job Code: 000661
  • Number of Positions: 1
  • Appointment Type: Staff: Career
  • Percentage of Time: 100
  • Shift (Work Schedule): Variable
  • Location: UCDHAS Building (HSP165)
  • Union Representation: 99 - Non-Represented (PPSM)
  • Benefits Eligible: Yes
  • This position is hybrid (mix of on-site and remote work)
  • This position is not an H-1B visa opportunity.

Benefits

Outstanding benefits and perks are among the many rewards of working for the University of California. UC Davis offers a full range of benefits, resources and programs to help you bring your best self to work, as well as to help you and your family achieve your health, wellness, financial and career goals. Learn more about the benefits below and eligibility rules by visiting either our handy Benefits Summary for UC Davis Health Employees or Benefits Summary for UC Davis Employees and our Benefits Page.

If you are represented by a union, benefits are negotiated between the University of California (UC) and your union and finalized in a contract. Read your bargaining unit's employment contract, stay abreast of current negotiations and learn about collective bargaining at UC: https://ucnet.universityofcalifornia.edu/labor/bargaining-units/index.html

* High quality and low-cost medical plans to choose from to fit your family's needs
* UC pays for Dental and Vision insurance premiums for you and your family
* Extensive leave benefits including Pregnancy and Parental Leave, Family & Medical Leave
* Paid Holidays annually as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Paid Time Off/Vacation/Sick Time as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Continuing Education (CE) allowance and Education Reimbursement Program as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Access to free professional development courses and learning opportunities for personal and professional growth
* WorkLife and Wellness programs and resources
* On-site Employee Assistance Program including access to free mental health services
* Supplemental insurance offered including additional life, short/long term disability, pet insurance and legal coverage
* Public Service Loan Forgiveness (PSLF) Qualified Employer & Student Loan Repayment Assistance Program for qualified roles
* Retirement benefit options for eligible roles including Pension and other Retirement Saving Plans. More information on our retirement benefits can be found here

Physical Demands

  • Standing - Frequent 3 to 6 Hours
  • Walking - Frequent 3 to 6 Hours
  • Sitting - Frequent 3 to 6 Hours
  • Lifting/Carrying 0-25 Lbs - Occasional Up to 3 Hours
  • Pushing/Pulling 0-25 Lbs - Occasional Up to 3 Hours
  • Bending/Stooping - Occasional Up to 3 Hours
  • Squatting/Kneeling - Occasional Up to 3 Hours
  • Keyboard use/repetitive motion - Occasional Up to 3 Hours

Mental Demands

  • Sustained attention and concentration - Frequent 3 to 6 Hours
  • Complex problem solving/reasoning - Frequent 3 to 6 Hours
  • Ability to organize & prioritize - Frequent 3 to 6 Hours
  • Communication skills - Frequent 3 to 6 Hours
  • Numerical skills - Occasional Up to 3 Hours
  • Constant Interaction - Occasional Up to 3 Hours
  • Customer/Patient Contact - Occasional Up to 3 Hours
  • Multiple Concurrent Tasks - Frequent 3 to 6 Hours

Work Environment

UC Davis is a smoke and tobacco free campus effective January 1, 2014. Smoking, the use of smokeless tobacco products, and the use of unregulated nicotine products (e-cigarettes) will be strictly prohibited on any UC Davis owned or leased property, indoors and outdoors, including parking lots and residential space.

Special Requirements - Please contact your recruiter with questions regarding which activities apply by position

  • This is a critical position, as defined by UC Policy and local procedures, and as such, employment is contingent upon clearing a criminal background check(s) and may include drug screening, medical evaluation clearance and functional capacity assessment

Misconduct Disclosure Requirement: As a condition of employment, the final candidate who accepts a conditional offer of employment will be required to disclose if they have been subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct; received notice of any allegations or are currently the subject of any administrative or disciplinary proceedings involving misconduct; have left a position after receiving notice of allegations or while under investigation in an administrative or disciplinary proceeding involving misconduct; or have filed an appeal of a finding of misconduct with a previous employer.

A Culture of Opportunity and Belonging

At UC Davis, we're committed to solving life's most urgent challenges and building a healthier, more resilient world. We believe in growing through every challenge, continually striving to improve, and welcoming new perspectives that strengthen our community. We recognize that a vibrant and innovative organization values both individual strengths and shared purpose. The best ideas often emerge when people with different experiences come together.

As you consider joining UC Davis, we invite you to explore our Principles of Community, our Clinical Strategic Plan and strategic vision for research and education. We believe you belong here. The University of California, Davis is an Equal Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.

To view the University of California's Anti-Discrimination Policy, please visit: https://policy.ucop.edu/doc/1001004/Anti-Discrimination

Because we want you to feel seen and valued, our recruitment process at UC Davis supports openness and authenticity. Research shows that some individuals hesitate to apply unless they meet every qualification. You may be an excellent fit for this role, or the next one. We encourage you to apply even if your experience doesn't match every listed requirement. #YouBelongHere

To learn more about our background check program, please visit: https://hr.ucdavis.edu/departments/recruitment/ucd/selection/background-checks
