Information Security Analyst

April 2020 - May 2021 (Summer Preferred)

This position provides an excellent learning opportunity for students who may be new to working within an IT setting. We provide extensive training for all new staff around technical concepts, troubleshooting strategies, and customer service skills that they will need in the position. We encourage applicants who may have limited IT experience, but who are eager to grow, to apply!


InfoSec Team

Learn more about the Information Security team

The Interview

What to Expect

Candidates will meet with a panel of current staff, including the SAIT Security Supervisor, Lead Information Security Analyst, and/or other SAIT career or student staff. The interview will last about one hour and will include general questions about your experiences and ideas about information security, working with clients, project management, and selected technical concepts relevant to the role. Candidates will also be asked to bring an unofficial transcript to verify that they meet the minimum GPA requirement.

Sample interview questions

  • Give an example of a presentation on a technical topic that you might present differently to different audiences. What specifically are some of the key differences?
  • Describe a time you completed a technical project. What were some of the key challenges, and what were your solutions to those challenges?
  • Choose one of the following concepts and tell us what you know about it: firewalls, cross-site scripting, whitelisting/blacklisting.
  • You are auditing the security of the piece of software that stores user login information. What are some things you would look for and write about in your report?

About the Team

The Information Security team enforces UC Berkeley's information security policies with the goal of maintaining network security and protecting the privacy of student and other sensitive data. Through scanning of systems and security reviews for applications and systems, the team ensures security standards for servers and workstations are met. The team also collaborates with other teams in SAIT to promote safe computing practices and awareness for both students and staff.

Terms of Employment

  • Must be a currently enrolled UC Berkeley student with a minimum GPA of 2.0.
  • Period of employment begins in April 2020 and runs through at least May 2021.
  • Offer is contingent upon successful clearance of:
    • Criminal background check
  • Must be available to work:
    • Academic Year 2019-20: 8-12 hours per week
    • Summer (preferred): 20/40 hours/week, with up to 2 weeks off with advnace supervisor approval
    • In response to emergency situations that may occur at any time on any day
  • Must attend the following: All-STS Staff Orientation on August 25, 2020 (10AM-3PM)
  • Continued employment is contingent upon satisfactory job performance evaluation by supervisor(s).

Job Description

Proactively Works to Improve the Security Posture of SAIT and its Clients
  • Responds promptly to possible threats and security incidents, coordinating with the appropriate people, teams, and resources.
  • Presents SAIT's security training to both technical and non-technical audiences.
  • Analyzes and presents SAIT's security landscape to both technical and non-technical audiences using supported findings and building necessary tools along the way
  • Analyzes network traffic and vulnerability scans to help align SAIT goals with the best security practices
  • When applicable, conducts penetration testing of software and services to ensure they meet campus security standards
Collaborates with the Information Security Team and Other Staff
  • Assists in supporting security-centered educational programs and awareness among SAIT staff and students.
  • Works with other teams to accomplish Student Affairs - Information Technologies (SAIT) security goals.
  • Acts as a resource for other students and staff, especially for security-related matters.
  • Provides regular progress updates to supervisors and the team.
  • Assists in hiring and training new staff.
Examples of Projects and Daily Tasks
  • Respond to a real or potential security incident, including monitoring, analysis and escalation, as well as blocking and/or removal of potentially compromised devices from the network.
  • Give presentations on security topics for student and career staff as needed, such as different methods of authentication.
  • Manage automated processes such as intrusion detection system alerts and system scans.
  • Coordinate with the Unix Operations team to set up a server for pentesting a service. 
  • Assist with collection and/or maintenance of inventory information for the purpose of protecting devices, data, and applications.
  • Other duties as assigned.

What You'll Learn on the Job

  • Working in a team environment
  • Interacting with colleagues from every generation
  • Emergency incident response and planning
  • Penetration testing techniques, tools, and related skills
  • Appropriate balance of planning and flexibility

Required Qualifications

  • Familiarity with or strong willingness to learn about basic information security concepts (e.g. firewalls, threat analysis, etc.)
  • Strong presentation and customer service skills, with the ability to engage diverse audiences and adapt communication style
  • Strong attention to detail, organizational skills, analytical and problem solving skills, and ability to complete routine processes required for security integrity
  • Interest in teaching, mentoring, or training others (including those who do not have a technical background)
  • Ability to complete work assignments autonomously and within the context of a team
  • Ability and motivation to learn new technologies quickly and with limited supervision

Preferred Qualifications

  • Knowledge of security tools, including vulnerability scanners and intrusion detection systems
  • Understanding of any of the following: firewall management and configuration, basic web technologies, and/or computer networking, internet architecture and protocols
  • Familiarity with at least one scripting/programming language
  • Experience in teaching or training others
  • Experience writing documentation