Network Analyst II, Security Operations

Staff - Non Union

Job Category M&P - AAPS Job Profile AAPS Salaried - Information Systems and Technology, Level D Job Title Network Analyst II, Security Operations Department UBC IT | Network | Operations Compensation Range $8,305.08 - $12,952.33 CAD Monthly

The Compensation Range is the span between the minimum and maximum base salary for a position. The midpoint of the range is approximately halfway between the minimum and the maximum and represents an employee that possesses full job knowledge, qualifications and experience for the position. In the normal course, employees will be hired, transferred or promoted between the minimum and midpoint of the salary range for a job.

Posting End Date June 5, 2025

Note: Applications will be accepted until 11:59 PM on the Posting End Date.

Job End Date

At UBC, we believe that attracting and sustaining a diverse workforce is key to the successful pursuit of excellence in research, innovation, and learning for all faculty, staff and students. Our commitment to employment equity helps achieve inclusion and fairness, brings rich diversity to UBC as a workplace, and creates the necessary conditions for a rewarding career.

Job Summary

The Network Analyst II, Security Operations position is part of the UBC IT NETwork and Infrastructure Services Team. This Team is responsible for supporting and growing the University’s large and complex Enterprise Data Network. UBC’s Date network is a key pillar of UBC’s Operational needs and it spans multiple UBC campuses (400+ buildings), Lower Mainland teaching hospitals, various satellite UBC sites, and UBC’s Cloud Presence. The successful candidate will be responsible for the Cybersecurity hardening of UBC network assets related to the large Cisco-based Enterprise Campus Data Network. Assets range from core Cisco network equipment (routers, firewall appliances, DNS servers, etc) to network operational servers (Plixer, AKIPS, Procera, SolarWinds, etc), and Cloud Networking. Duties may include Network related security investigation, recommendations, incident reviews, OS patching/upgrades, automation processes for security hardening

network security reviews, writing reports, collaboration with UBC CyberSecurity Team, etc. The position will have both project and operational network security responsibilities.

The Network Analyst II, Security Operations is responsible for designing, developing, implementing, configuring, automating, and maintaining network security solutions to meet the evolving security and business needs of the organization. This role provides advanced technical expertise in monitoring, detecting, and mitigating security threats while ensuring compliance with modern network security principles, including zero trust architecture.

This position leads initiatives to enhance security configurations, optimize performance monitoring, and improve capacity management across both on-premises and hybrid cloud environments. The Network Analyst II also plays a key role in supporting UBC’s external network connections, including the BCNET backbone, and contributes to the continuous enhancement of network detection and response (NDR) capabilities.

A fixed work schedule is set for this role, but flexibility is required as some work must be performed outside regular business hours. The position may be required to act in an on-call capacity in the event of a cybersecurity incident or major service disruption.

Organizational Status
Reports to the Manager, Network and Infrastructure Services. Works independently and collaboratively with UBC IT teams, the Cybersecurity team, and other relevant stakeholders across academic and administrative units. Interfaces with technology professionals from other institutions, research communities, and industry partners.

Work Performed

• Design and develop Network Security solutions that align with the UBC Cybersecurity guidelines. Integrating these new solutions with existing systems and solutions. Collaborating with vendors to ensure solutions will not impact operations.
• Collaborate with the Cybersecurity Group to address vulnerabilities related to network devices reported by the vendors and 3rd parties, follow security advisories/recommendations, and perform or coordinate patches and upgrades accordingly.
• Analyze network systems to assess the overall security risks, ensuring conformity with UBC Cybersecurity guidelines, up-to-date patching, and develop network policies or rules in order to best protect the network systems.
• Manage and troubleshooting firewall rules & ACLs on the firewall and routers protecting the network infrastructure and operations.
• Monitor and analyze Logs/Alerts specifically related to security of internal network infrastructure devices. Develop, recommend, and undertake mitigation steps to proactively reduce Cybersecurity risks related to logs/alerts.
• Support UBC IT Cybersecurity Initiatives and NMC/CI Network Projects by ensuring secure network operations and documentation.
• Leads small and medium sized network specific security projects and initiatives.
• Generates reports using CAASM to identify system vulnerabilities and security concerns. Design and develop mitigation steps to address any such identified vulnerabilities or concerns.
• Perform system administration tasks on Linux systems, including user account management, patching, and system updates to enhance security and performance.
• Implements fixes independently where possible or devises a strategic plan for patching, collaborating with colleagues as needed.
• Maintain up-to-date knowledge on emerging security threats and vulnerabilities, proactively alerting the team to any issues requiring immediate attention.
• Manage, update, and patch network security tools, and perform operational and security incident response using these tools.
• Review CrowdStrike reports to identify security vulnerabilities and system gaps, ensuring accurate detection of potential risks. If related to network scope, design and develop mitigation plans to address vulnerabilities and gaps.
• Perform remediation of issues identified in CrowdStrike reports and, when needed, collaborated with system administrators to implement security measures and strengthen system defenses.
• Proactively manage privileged access management (PAM) systems, ensuring devices and accounts are configured correctly and compliant with established policies.
• Develop, deploy and maintain automated security patching processes using tools like Ansible Tower, automate Linux server configurations and security patches, reducing manual efforts and ensuring consistency across systems.
• Develop, implement and maintain automated pre- and post-upgrade checks to validate the health of server VMs and network devices, allowing for automatic rollbacks if issues are detected. This ensures network reliability during maintenance windows.
• Modify existing Ansible playbooks to accommodate evolving requirements and security standards. Create new playbooks when necessary to automate additional tasks or enhance security measures.

Core Duties

• Collaborates with internal teams such as the Cybersecurity Team, Systems Team, Cloud Architecture Team, and other relevant departments to determine the necessary technical support for network systems, including monitoring network activity, troubleshooting, and diagnosing network security related issues. Design and develop any resulting required network security measures.
• Works closely with cross-functional teams to ensure that UBC’s network infrastructure aligns with the organization's hybrid cloud security architecture and implements layered security controls for applications and data, ensuring seamless integration and adherence to security policies.
• Recommends and implements network security procedures, patching, OS upgrades and predetermined software or hardware changes to rectify any security issues.
• Contributes to the security architecture by deploying firewalls, NDR, micro-segmentation, and network access control (NAC) technologies to enhance both internal and external network security.
• Develops, manage and maintain the automation environment by developing and troubleshooting Ansible workflows for security patching, system configuration, and network upgrades. Maintain a centralized script repository (e.g., a Git repository) with version control and approval processes to ensure security, compliance, and efficiency.

Consequence of Error/Judgement
Effective network security is essential for UBC’s ability to deliver secure services across the university community. Decisions made by the Network Analyst II directly impact UBC’s ability to defend against security threats, ensure system availability, and maintain compliance with security standards. Errors in judgment or failure to act promptly could lead to security breaches, operational disruptions, reputational damage, and financial losses.

Supervision Received
Works under the general direction of the Manager, Network and Infrastructure Services. Exercises a high degree of initiative and autonomy in security-related decision-making and problem-solving. Receives guidance on strategic objectives but is expected to function independently on most tasks and projects.

Supervision Given
Provides mentorship and technical guidance to junior network analysts and security team members. May lead small to medium-sized projects and coordinate efforts with cross-functional teams within UBC IT.

Minimum Qualifications
Undergraduate degree in a relevant discipline. In-depth knowledge of applications and the business requirements supporting them. Minimum of five years of related experience, or the equivalent combination of education and experience.

- Willingness to respect diverse perspectives, including perspectives in conflict with one’s own

- Demonstrates a commitment to enhancing one’s own awareness, knowledge, and skills related to equity, diversity, and inclusion

Preferred Qualifications

• Minimum of five years of hands-on experience managing network security operations, including Cisco firewalls, VPNs, Linux systems, Cisco routers/switches and network detection and response (NDR) tools.
• Strong knowledge of network protocols, Layer 2 (STP) and Layer 3 (OSPF, BGP) routing, and security best practices.
• Demonstrated experience with security automation using Ansible, Python, Bash, or PowerShell.
• Experience with incident response, security event correlation, and risk assessments.
• Industry certifications such as CISSP, CEH, CCNP Security, or equivalent are preferred.
• Strong problem-solving, analytical thinking, and communication skills.
• Ability to work independently and collaboratively in a fast-paced security operations environment.
• Ability to face challenges and learn new knowledge and skills.

Key Competencies and Behaviors

Takes initiative - Actively participates in team interactions. Without waiting to be asked, constructively expresses own point of view or concerns, even when it may be unpopular. Ensures that the limited time available for collaboration adds significant customer value and business results.

Communication for Results - Converses with, and writes to, peers in ways that support transactional and administrative activities. Seeks and shares information and opinions. Explains the immediate context of the situation, asks questions with follow-ups, and solicits advice prior to taking action.

Problem Solving - Investigates defined issues with uncertain cause. Solicits input in gathering data that help identify and differentiate the symptoms and root causes of defined problems. Suggests alternative approaches that meet the needs of the organization, the situation, and those involved. Resolves problems and escalates issues with suggestions for further investigation and options for consideration as required.

Analytical Thinking - Collates and reports information. Identifies trends and exceptions. Investigates to define problems more accurately. Sorts information in order of importance. Identifies relationships and linkages between components. Identifies variable potential causes and effects. Solicits guidance to define criteria and assign values of importance and urgency. Escalates issues of an exceptional nature.

Information Systems Knowledge - Possesses an intermediate understanding of the strategy, structures, processes, and procedures of the enterprise in its relationship with the business and its activities. Troubleshoots in response to requests for technical support. Identifies problems and needs. Escalates problems to appropriate technical experts.

Thoroughness - Performs tasks according to quality and output standards. Takes initiative to ensure that outcomes meet internal and external customer requirements. Solicits feedback on performance in new tasks. Measures accuracy using performance metrics. Sets improvement standards to reduce errors, omissions, and oversights.