Incident Response Team Lead

Updated: almost 2 years ago
Location: Chapel Hill, NORTH CAROLINA
Deadline: 23 May 2022

Classification Title:
Incident Response Team Lead  
Working Title:
Incident Response Team Lead  
Campus:
UNC-Chapel Hill  
Region:
Piedmont/Triangle  
Job Summary:
Information Technology Services' mission is to accelerate the University's academic and research pursuits by providing accessible, reliable, efficient, scalable, and innovative technologies that enable faculty, students, and staff to realize their goals of leading breakthrough change to improve society and help solve the greatest problems for our state, our nation, and our global community.
The Information Security & Identity Management division manages the University's Information Security Office and Identity Management. The Security Office is responsible for coordinating and ensuring that information security across the University is consistent with industry best practices and the University's compliance obligations. Identity Management (IdM) identifies individuals within an enterprise or group and defines and controls the access they have to information and resources within a computer network based on their roles and circumstances.
Under the direction of the Information Security Operations Manager and the Chief Information Security Officer, the Information Security Incident Response Team Lead works in collaboration with other members of the Information Security Office, and with IT support units across campus (and often in collaboration with peers at affiliate organizations) to support an information security program that is consistent with the University's mission, accordant with information security best practices, and compliant with University policies.
In addition, in the course of their work, the Information Security Incident Response Team Lead must be prepared to analyze the above program, work collaboratively to clarify any issues, and escalate any apparent conflicts between the current program and other requirements such as the following: Federal and State laws, University policy, regulations, and contracts, including HIPAA, FERPA, the NC State Personnel Act, the HITECH Act, the Gramm-Leach-Bliley Act, the US Patriot Act, the North Carolina Identity Theft Protection Act, Payment Card Industry (PCI) contractual requirements and FDA regulations concerning data from medical and human subject studies, as well as others.
The Information Security Incident Response Team Lead along with the other member of the Operations and Incident Handling Team prepares for, identifies, contains, eradicates, recovers from, and documents information security events. This individual works collaboratively and frequently with the Privacy Office, information technology staff in other units, and members of the campus community. This individual regularly reviews and supports improvements to policies, procedures, and technologies associated with incident response. This individual continually improves the University's ability to both detect and recover from threats to sensitive data and critical applications. This individual helps support our Information Security Liaisons program.
This individual possesses a high level of integrity, demonstrates good judgement, understands expectations of privacy, is self-motivated, works well with and is trusted by peers, demonstrates excellent written and spoken communications, and maintains a calm demeanor in challenging situations.
The Information Security Incident Response Team Lead collaborates with peers as a member of the ISO team but also frequently leverages leadership skills collaborating with the other member of the team, participating in ad hoc teams associated with projects or incidents in a university environment. The position participates in shared group responsibilities including an on-call rotation (the team provides 24x7x365 service for emergencies) as well as group telephone, incident tickets and email response duties.  
Minimum Qualifications:
* 2+ years in Information Security.
* Information security training and/or certifications is a plus, especially CISSP, GCFE, GCIH, CEH, or FTK ACE
* Experience handling incidents or leading incident response
* Experience managing endpoint detection and response
* Experience working at a college or university
* Experience collaborating with subject matter experts
* Experience analyzing log data, threat hunting, and/or using a security information and event manager
* Excellent written and spoken communication skills

Master's and 1-2 years' experience; or Bachelor's and 2-4 years' experience; or will accept a combination of related education and experience in substitution.  
Position Number:
NF0005876  
Posting Date:
04/20/2022  
Closing Date:
05/23/2022
American Recovery & Reinvestment Act Funded:
 
