Information Security Incident Handler
The ITS Information Security Office is broadly responsible for the security of the University of North Carolina at Chapel Hill (UNC-CH) network and attached computing devices. The Information Security Office (ISO) provides guidance and resources to prevent and respond to computer security incidents, to comply with various Federal and State privacy and security laws and regulations, and to comply with contracts that include information security requirements. The ISO unit also leads information security initiatives to protect the University’s information, including intellectual property, as well as clinical, research and personal information.
The Information Security Specialist (Information Security Incident Handler) assists with the coordination of information security activities and collaborates among divisions within the University to ensure that information systems are implemented in accordance with a) the mission of UNC-Chapel Hill, b) information security best practices and c) University Policy and Federal and State laws and regulations. This position primarily focuses on incident handling and forensic analysis.
Primary duties will include:
• Managing incident response in keeping with existing policies, protocols and procedures
• Conducting digital forensics examinations utilizing a variety of tools
• Assessing and reporting on the nature and scope of compromises
Additional duties will include:
• Supporting information security compliance efforts
• Processing security-related help tickets via the Remedy “Request for Service” application
• Consuming, distributing and producing security research
• Performing risk analysis
• Performing vulnerability testing
• Conducting information security systems analysis
• Functioning as a member of the information security team on security projects
The position requires participation in the 24/7 on-call rotation and other team-shared duties such as business hours telephone coverage.
This position calls for a high level of integrity, good judgment, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, and the ability to work as an independent, productive, responsible, self-motivated member of a team in high-pressure situations while maintaining a calm, customer-friendly perspective.
Experience in an information security role with significant incident handling and forensic analysis experience.
Demonstrated Technical Skills Desired:
• Experience in incident handling and forensic analysis, ideally in large multi-platform environments.
• Operating systems knowledge and systems administration skills for various flavors of UNIX, Windows and other operating systems.
• Familiarity with vulnerability management tools and processes.
• Experience with analyzing network attacks.
• Experience with malware analysis.
• Experience in the evaluation of new technology and security threats as they arise.
• Familiarity with information security best practices and related laws.
• Familiarity with law and regulation relevant to information security.
• Law enforcement forensic science training and/or hands-on investigations and/or experience as a law enforcement officer (LEO).
Interpersonal Skills Desired:
• Good judgment with an ability to form logical approaches consistent with information security best practices in response to information security events, while providing excellent customer service.
• Persuasion, negotiation, and the ability to understand and implement cultural change.
• A high level of integrity, excellent judgment and knowledge concerning issues of privacy.
• Ability to work as an independent, productive, responsible, self-motivated member of a team.
• Excellent oral and written communication skills including the ability to effectively communicate complex concepts, policies, and procedures to individuals with a wide range of expertise and backgrounds.
• Ability to work calmly and effectively. Must be able to make well-reasoned decisions in high-pressure situations.
• Ability to maintain a well-reasoned, objective, and independent point of view.
• Ability to manage time-sensitive security challenges as they arise, effectively utilizing work and project plans to manage deadlines.
• Creativity to recognize and address new threats and security challenges as they arise.
Other Preferred Skills or Certifications:
Professional certifications such as CISSP, GCIH, GCFA, GREM, EnCE, ACE (AccessData) or other information security certifications are highly desired.
Interested applicants must go to the UNC-CH job search page to apply for this position:
The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, race, national origin, religion, sex, sexual orientation, or status as a protected veteran.