Experience:
0-1 years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Posted:
1/19/2016
Job Category:
Information Services
Information Technology (Information Security...
(This job is no longer available)
loading
loading
School
Major
Grad Date
 
 

Not sure what types of jobs you are interested in?


Explore Jobs
Based on Your Education

Follow This Company
Share

Job Description

Duties and Responsibilities

As a member of the UH Information Security Team, helps develop, implement & maintain the system-wide information security program that supports research, academic & administrative use of IT resources in a distributed/decentralized computing environment.

Educates, advises and trains staff on approaches for ensuring the security of the university's networks, systems and data in both face-to-face settings and in distance-delivered environments.

Develop & maintain online security education materials including development of web pages, video/audio recordings, managed instructional materials in a learning management system (i.e. Sakai); includes providing materials/training for targeted audiences.

Develop and manage content on social media platforms to enhance security awareness and promote participation in related department events and activities.

Develop and coordinate 'security-themed' events such as informational fairs, workshops, conferences including identifying and scheduling of location venues, speakers, etc.

Actively promotes security awareness among university faculty, staff and students.

Assists with implementation, dissemination and enforcement of new & existing policies and guidelines related to information technology security issues.

Assists with implementation & administration of appropriate sensitive information handling and storage policies & procedures, including awareness and educational programs for protection of sensitive information.

Reviews technology and information policies for continued applicability, effectiveness and for compliance with any new federal, state or local regulations as directed by senior information security staff.

Provides technical advice, problem-solving assistance, and answers to questions regarding the information security program, policies, standards and procedures.

Assists in the ongoing evaluation and development of IT Security policies, standards, procedures, and best practices.

Participates in the development and maintenance of university-wide information security policies and practices.

Promotes 'best practices' regarding security of data, network and systems.

Monitors security trends, technological developments and emerging practices in the IT industry and higher education.

As directed by senior information security staff, performs remote and on-site vulnerability scans of data networks and computing devices using commercial or open source vulnerability scanning tools and reviews reports for threats and vulnerabilities.

As directed by senior information security staff, assists with quantitative and qualitative information risk and vulnerability assessments to identify deficiencies in security and assists with the development and implementation of remediation plans.

Assesses security procedures, including identity management, to determine risk and vulnerability & for compliance with federal, state, local and university regulations.

Continually assesses and reports on computer systems, networks and data security risks within the University technology environment.

Under the direction of senior Information security staff, participates in security incident responses & investigations, including any emergency situations, and provides remediation support.

Implement and maintain appropriate processes for reporting security violations to appropriate reporting authorities.

Assists with analyses and investigations of reports of inappropriate use of technology and institutional/personal information, any alleged computer or network security compromises, and assists with the reporting and resolution of such incidents.

Interacts with students, staff, and faculty and their respective governance authorities & judicial processes to resolve complaints and issues related to appropriate use of technology and institutional/personal information.

Under the direction of senior staff, participates in the network architecture design, & capacity planning for new products and technologies associated with information security in cooperation with ITS network engineering and operations teams.

Assists with projects concerning the evaluation and implementation of security-related technologies.

Continually monitor the security threat landscape for any threats that may seriously impact the university.

Works with system and network administrators to correct security related vulnerabilities and events when detected.

Manage & monitor security hardware & applications in cooperation with Information Technology Services (ITS) staff.

Perform other related duties as directed by senior information security staff, VP IT & CIO, AVP IT & Deputy CIO, General Counsel and/or other UH system administrators.

Other duties as assigned.

Minimum Qualifications

As typically acquired/evidenced by pertinent baccalaureate educational degree and 0 year(s) of progressively responsible professional information technology experience with responsibilities for information security/information assurance; or IT with an emphasis in information security/information assurance; possession of the following competencies in technical knowledge, critical thinking skills, communication skills and interpersonal skills:

Functional knowledge of information security/information assurance/or related fields demonstrated by knowledge, understanding and ability to apply principles, concepts, methodology and terminology.

Functional knowledge and understanding of technology, systems, hardware and software associated with information security/information assurance.

Functional knowledge of information security methodologies/concepts/current practices/threat landscape.

Functional knowledge of current information security technologies and tools.

Functional knowledge of computer forensics and investigative techniques.

Functional knowledge of information security related standards and federal, state and local regulations.

Demonstrated ability to recognize problems, identify possible causes and resolve routine problems.

Demonstrated ability to understand oral and written documentation, write reports and procedures, and communicate effectively in a variety of situations.

Demonstrated ability to establish and maintain effective working relationships with internal and external organizations, groups, team members and individuals.

Demonstrated ability to combine and apply skill sets from many areas of IT.

Demonstrated ability to speak, read, comprehend, interpret and write fluently in English.

Demonstrated ability to establish and maintain effective working relationships in a positive, service-oriented manner with others.

Demonstrated ability to work cooperatively with supervisor, project staff, and customers in a team environment to accomplish tasks and meet deadlines.

Demonstrated ability to understand and follow oral and written instructions and documentation, write reports and procedures, and communicate effectively in a variety of situations.

Demonstrated ability to learn and apply new technologies independently and in a timely manner using books, manuals, online research, and other resources.

Demonstrated ability to develop effective training materials.

Demonstrated ability to conduct effective in-person training/workshops.

Demonstrated ability to use and manage social media accounts.

Experience with systems and network hardware and administration.

Experience with scripting/programming languages used to develop open source tools.

Working knowledge of HTML/CSS.

Ability to work a variable work schedule; and work outside normally scheduled work hours including day, night, weekend and/or holiday hours as directed.

Any equivalent combination of education and/or professional work experience which provides the required education, knowledge, skills and abilities as indicated.

Desirable Qualifications

Working knowledge of common Internet protocols and applications.

Working knowledge of TCP/IP protocols and analysis.

Working knowledge of web server administration.

Certifications related to the information security area (CISSP, GIAC/GSEC, CISM, etc.).

To Apply:

Submit cover letter indicating how you satisfy the minimum and desirable qualifications,