[unisog] Job posting: Information Security Specialist

[Kevin Lanning]

Job posting at UNC-Chapel Hill
Information Security Office

Apply at hr.unc.edu


Position Title:      SYSTEMS SPECIALIST
Working Title:     Information Security Specialist
Position Category:     Information Technology
Position Number:     0055900
Salary Grade/Range:     BAND III / $50,000 - $109,200
FT/PT:     Full Time
Hours Per Week:     40
Permanent/Time Limited:     Permanent
Department Name:     Information Technology Svcs.
Department Number:     3103
Date First Posted:     05/15/2008
Closing Date:     06/17/2008
Location:     Chapel Hill

Minimum Education and Experience:
The specialist band requires a foundation of knowledge and skills in 
area of specialization generally obtained from graduating from a 
four-year college or university with a major in information technology, 
computer science, or a closely related field and three years of 
experience in operations analysis and design, systems programming, or a 
closely related field. Experience in the field of work related to the 
position's role may be substituted on a year-for-year basis. Special 
note: This position may exclusively require a bachelor's degree in a 
discipline related to the specific functions of the job. Please refer to 
the "Essential Skills, Knowledge and Abilities" section of this posting 
for more detailed information.

Essential Skills, Knowledge and Abilities:
PLEASE NOTE: All positions have moved to a new Career Banding 
compensation program. For additional information, please refer to our 
website at http://hr.unc.edu/Data/SPA/paysystems/careerbanding/. 
Specific competencies are required for the different banded levels and 
roles. This position is being recruited for at the Advanced Competency 
Level under this Career Banding program. The hiring range is $75,000 - 
$92,000. Salary Grade equivalent - 84.

Preferred Qualifications:
The Information Specialist assists with the coordination of information 
security activities and collaborates among divisions within the 
University to ensure that information systems are implemented in 
accordance with a) the mission of UNC-Chapel Hill, b) information 
security best practices and c) University Policy and Federal and State 
laws and regulations. Duties include support for incident response, 
assisting with firewall changes, processing security-related help 
tickets via the Remedy "Request for Service" application, security 
research, risk analysis, penetration testing, auditing, development of 
security related systems, utilization of a variety of information 
security tools, and serving as project manager in some security 
projects. The position involves participation in the on-call rotation 
for ITS, Information Security and responding when on-call within the 
guidelines defined for ITS, Information Security in UNC-Chapel Hill's 
Remedy help application. This position desires a high level of 
integrity, excellent judgment, knowledge concerning issues of privacy 
and confidentiality, excellent oral and written communication skills, 
ability to work as an independent, productive, responsible, 
self-motivated member of a team in high pressure situations while 
maintaining a calm, customer friendly perspective. This position 
strongly desires both significant technical skills and interpersonal 
skills. Desired skills: " Good judgment with an ability to form logical 
approaches consistent with information security best practices in 
response to information security events. " Persuasion, negotiation, and 
the ability to understand and implement cultural change. " A high level 
of integrity, excellent judgment and knowledge concerning issues of 
privacy. " Ability to work as an independent, productive, responsible, 
self-motivated member of a team. " Excellent oral and written 
communication skills including the ability to effectively communicate 
complex concepts, policies, and procedures to individuals with a wide 
range of expertise, interests, and background. " Ability to work calmly 
and effectively. Ability to make well-reasoned decisions in pressure 
situations. " Ability to maintain a well-reasoned objective, and an 
independent point of view. " Ability to work on several concurrent tasks 
and adjust priorities in a timely fashion. " Ability to manage time 
sensitive security challenges as they arise, effectively utilizing work 
and project plans to manage deadlines. " Creativity to recognize and 
address new threats and security challenges as they arise. Technical 
skills strongly desired: " Extensive experience in either log analysis 
or in performing computer forensic investigations. " Experience managing 
or responding to information security incidents in a large heterogeneous 
environment. " Experience in information security, ideally in large 
multi-platform environments. Knowledge and experience derived from an 
extensive background in information systems are required at the most 
senior technical level. " Vulnerability Management experience " 
Familiarity with authentication, authorization, and non-repudiation 
products in a networked environment. " Advanced systems administration 
skills for various flavors of UNIX and/or Windows. " Familiarity with 
vulnerability management tools and processes.. " Experience in computer 
intrusion analysis and investigation, computer forensic tools, evidence 
preservation, and network monitoring. " Experience with analyzing 
network attacks. " Experience in the evaluation of new technology and 
security threats as they arise. " Experience with common intrusion 
detection and prevention systems. " Familiarity with information 
security best practices and related laws. " Project Management skills 
Other Preferred Skills " Computer forensics " Secure application 
programming experience * On-call rotation required

Special Physical/Mental Requirements:

Position/Work Schedule Requirements:     M-F 800 - 500