Information Security Incident Handler
Position Type: Permanent Staff
Department: ITS - Information Security - 602000
Appointment Type: EHRA Non-Faculty
Vacancy ID: NF0002974
Position Summary: The Information Security Incident Handler assists with the coordination of information security activities and collaborates among divisions within the University to ensure that information systems are implemented in accordance with a) the mission of UNC-Chapel Hill, b) information security best practices and c) University Policy and Federal and State laws and regulations. This position primarily focuses on incident handling and forensic analysis. Primary duties include: - Managing information security incident responses in keeping with existing policies, protocols and procedures - Conducting digital forensics examinations utilizing a variety of tools - Assessing and reporting on the nature and scope of compromises Additional duties include: - Supporting information security compliance efforts - Processing security-related requests via the Remedy Request for Service application change control - Consuming, distributing and producing security research - Performing risk analysis - Conducting information security systems analysis - Functioning as a member of the information security team on security projects This position calls for a high level of integrity, good judgement, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, ability to work as an independent, productive, responsible, self-motivated member of a team in high pressure situations while maintaining a calm, customer-friendly perspective. The position requires occasional participation in the 24/7 on-call rotation and other team-shared duties such as business hours telephone coverage.
Application Deadline: 03/27/2018
Education Requirements: Bachelor's degree in Computer Science, Computer Engineering or an Information Security degree or closely related field from an appropriately accredited institution; or Bachelor's degree from an appropriately accredited institution and one year of experience in IT Security or closely related area; or an Associate's degree in Information Systems Security from an appropriately accredited institution and two years of experience in IT Security or closely related area; or an equivalent combination of education and experience. Bachelor's Degree preferred.
Qualification and Experience: Required: Experience in an information security role with incident handling and forensic analysis experience. Experience in all aspects of incident response, incident handling and forensic analysis Preferred: Demonstrated Technical Skills Desired: - Operating systems knowledge and systems administration skills for various flavors of Linux/UNIX, Windows and other operating systems - Experience providing information security related services and support for cloud services such as Office 365, AWS and/or other cloud services - Handling security incidents and response in a large multi-platform environment - Familiarity with vulnerability management tools and processes - Experience with analyzing malware and network attacks - Experience in the evaluation of new technology and security threats as they arise - Experience providing security services for customers working with HIPAA regulated data and systems - Familiarity with information security best practices, related laws and regulation relevant to information security - Experience Providing IT services in higher education Interpersonal Skills Desired: - Good judgment with the ability to form logical approaches consistent with information security best practices in response to information security events, while providing excellent customer service - A high level of integrity, excellent judgement and knowledge concerning issues of privacy - Ability to work as an independent, productive, responsible, self-motivated and collegial member of a team, to build strong rapport and working relationships with colleagues and stakeholders - Ability to work calmly and effectively. Proven ability to make well-reasoned decisions in high pressure situations while maintaining an objective and independent point of view - Excellent oral and written communication skills including the ability to effectively communicate complex concepts, policies, and procedures to individuals with a wide range of expertise and backgrounds - Ability to manage time-sensitive security challenges as they arise, effectively utilizing work and project plans to manage deadlines - Persuasion, negotiation, and the ability to understand and implement cultural change - Formal training in law enforcement forensics science training and/or hands on investigations and/or experience serving as a law enforcement officer (LEO) - Creativity to recognize and address new threats and security challenges as they arise and the ability to quickly develop advanced technical skills and knowledge Other Preferred Skills or Certifications: - Professional certifications such as CISSP, GCIH, GCFA, GREM, EnCE, ACE (AccessData) or other information security certifications are highly desired
Equal Opportunity Employer: The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.
Department Contact Name and Title:
Department Contact Telephone Number or Email: