Information Security Incident Handler
The University’s Information Security Office oversees the security of the University’s electronic information. The Information Security Office is responsible for coordinating and ensuring Information Security across the University in a manner that is consistent with industry best practices and the University’s compliance obligations. To meet these objectives, the Information Security Office develops information security policies and oversees the implementation of strategic information security initiatives for the University.
The Information Security Incident Handler assists with the coordination of information security activities and collaborates among divisions within the University to ensure that information systems are implemented in accordance with a) the mission of UNC-Chapel Hill, b) information security best practices and c) University Policy and Federal and State laws and regulations. This position primarily focuses on incident handling and forensic analysis.
Primary duties include:
• Managing information security incident responses in keeping with existing policies, protocols and procedures
• Conducting digital forensics examinations utilizing a variety of tools
• Assessing and reporting on the nature and scope of compromise
Additional duties include:
• Supporting information security compliance efforts
• Processing security-related requests via the Remedy “Request for Service” application
• Change control
• Consuming, distributing and producing security research
• Performing risk analysis
• Conducting information security systems analysis
• Functioning as a member of the information security team on security projects
This position calls for a high level of integrity, good judgement, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, and the ability to work as an independent, productive, responsible, self-motivated member of a team in high-pressure situations while maintaining a calm, customer-friendly perspective.
The position requires occasional participation in the 24/7 on-call rotation and other team-shared duties such as business hours telephone coverage.
• Professional experience providing information security related services and functions. Working knowledge of information security best practices.
The following experience is also preferred:
Demonstrated Technical Skills Preferred but Not Required:
• Systems administration for various flavors of Linux/UNIX, Windows and other operating systems
• Experience with security incident response, handling and forensic analysis
• Experience providing information security related services and support for cloud services such as Office 365, AWS and/or other cloud services
• Handling security incidents and response in a large multi-platform environment
• Familiarity with vulnerability management tools and processes
• Experience with analyzing malware and network attacks
• Experience in the evaluation of new technology and security threats as they arise
• Experience providing security services for customers working with HIPAA regulated data and systems
• Familiarity with information security best practices, related laws and regulations relevant to information security
• Experience providing IT services in higher education
Interpersonal Skills Preferred but Not Required:
• Ability to work as an independent, productive, responsible, self-motivated and collegial member of a team, to build strong rapport and collegial working relationships with coworkers and stakeholders
• Strong organizational skills, time management and reliability, excellent communication skills
• Good judgment with the ability to form logical approaches consistent with information security best practices in response to information security events, while providing excellent customer service
• A high level of integrity, excellent judgement and knowledge concerning issues of privacy
• Ability to work calmly and effectively. Proven ability to make well-reasoned decisions in high pressure situations while maintaining an objective and independent point of view
• Excellent oral and written communication skills including the ability to effectively communicate complex concepts, policies, and procedures to individuals with a wide range of expertise and backgrounds
• Ability to manage time-sensitive security challenges as they arise, effectively utilizing work and project plans to manage deadlines
• Formal training in law enforcement forensic science and/or hands-on investigations and/or experience serving as a law enforcement officer (LEO)
• Creativity to recognize and address new threats and security challenges as they arise and the ability to quickly develop advanced technical skills and knowledge
Other Preferred Skills or Certifications:
• NIST 800-61
• Professional certifications such as CISSP, GCIH, GCFA, GREM, EnCE, ACE (AccessData) or other information security certifications are highly desired
Bachelor’s Degree preferred. Bachelor’s degree in Computer Science, Computer Engineering or an Information Security degree or closely related field from an appropriately accredited institution; or Bachelor’s degree from an appropriately accredited institution and one year of experience in IT Security or closely related area; or an Associate’s degree in Information Systems Security from an appropriately accredited institution and two years of experience in IT Security or closely related area; or an equivalent combination of education and experience.
Information Technology Services: http://its.unc.edu/
Interested applicants must go to the UNC-CH job search page to apply for this position:
The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.