Senior Information Security Analyst - Incident Response
The University of Texas System
September 14, 2018
Full Time - Experienced
To be considered for this position, please visit our web site at http://www.utsystem.edu/careers and click on Full Time Opportunities. Then click on "Search and Apply Here" and reference job number 4010. Applications are accepted through our online application system only.
Job ID: 4010
Location: Austin, TX
Full/Part Time: Full-Time
Earliest Start Date
Salary commensurate with experience
Hours per Week
40.00 Standard - Flexible schedule
Office of Information Security
Please note that our online application allows you to upload only a single document when applying for a position. Please review the required documents section in the job posting and combine your resume and other required documents (such as cover letter or references) into a PDF or Word document. Upload this combined document when the system requests you to upload a resume.
Required Application Materials
A resume is required in order to apply.
A letter of interest is required in order to apply.
A list of 3 professional references is required in order to apply.
In order to be considered, applicants must have uploaded all required materials in a combined document and must have completed all sections in their on-line application.
Purpose of Position
Provide consultative services for information security to the eight academic and six healthcare institutions in The University of Texas System, particularly with regard to incident response plans and execution. Deliver and extend services developed by U. T. System to participating institutions.
Perform incident response and forensic investigations.
Be a Subject Matter Expert (SME) for Incident Response, ensuring issues are triaged and addressed.
Leverage threat intelligence to ensure proactive detection and mitigation of known threats.
Proficiency in creating relevant Standard Operating Procedures and Incident Response Playbooks.
Lead cyber incident response as required.
Liaise with incident response and digital forensics vendors.
Work with UT entities to identify and address gaps in each institution’s information security infrastructure and Incident Response capabilities.
Collaboratively assist in the development of information security policies, standards, procedures, and processes associated with UT entities’ information security programs.
Evaluate and recommend improvements to information security.
Other duties as assigned.
Bachelor’s degree in a related field plus 4 years of IT security related experience or an equivalent combination of education and experience. Ability to travel up to 40 percent is required.
Certified Information Systems Security Professional (CISSP) or other security related certifications.
Analysis experience and operational understanding of network equipment, network services, and network/system monitoring tools.
Analysis experience and operational understanding of one or more major operating systems (Microsoft Windows, Linux, or Mac).
Familiar with federal and state regulatory requirements for ensuring information security compliance with applicable laws such as HIPAA, PCI, TAC 202, FERPA, and/or NIST compliance.
Demonstrated experience in identifying the root cause of an incident and in recognizing the key elements to investigate to get to that root cause.
Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques).
Experience using forensics tools such as EnCase, FTK, SleuthKit, WireShark, TCPDump, Volatility, etc.
Experience with complicated incident response scenarios potentially involving 3rd party vendors, cyber liability insurance providers, etc.
Experience managing or running at least two of the following: SIEM, Enterprise Security Event Log Management, Forensics tools, Endpoint Detection and Response (EDR), Malware Analysis and Reverse Engineering.
Experience working with threat intelligence partners and converting threat intelligence into actionable signatures, detection techniques and policies is preferred.
Experience with at least one of the common scripting languages, such as Bash, Python, Ruby, etc.
Knowledge, Skills, & Abilities
Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.).
Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]).
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, replay, return-oriented attacks, and malicious code).
Technical knowledge of operating systems, defense-in-depth concepts, networks, security related technologies, and security configurations.
Excellent organization, communications, analytical, and troubleshooting skills.
Good communication skills and ability to prioritize work independently while working as a member of a geographically distributed team.
Strong documentation and project management skills.
Strong leadership skills including experience managing a team or individuals.
Able to evaluate issues and develop solutions. Self-starter with strong interpersonal and conflict management skills.
May work around standard office conditions.
Repetitive use of a keyboard at a workstation.
Position requires occasional evening or weekend hours.
The retirement plan for this position is Teacher Retirement System of Texas (TRS), subject to the position being at least 20 hours per week and at least 135 days in length.
Complete all sections on the application, including highest level of education, college degrees (if applicable), references and all questions on the application questionnaire. If you are applying for the first time make sure to complete all biographical information including address, email and phone. You may update this at any time by selecting to edit your profile in the application.
Security sensitive; conviction verification conducted on applicant selected.
The University of Texas System Administration is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status or sexual orientation. Reasonable disability accommodation may be requested by contacting the Office of Human Resources.
Internal Number: Job ID: 4010
About The University of Texas System
For more than 130 years, The University of Texas System has been committed to improving the lives of Texans and people all over the world through education, research and health care. The University of Texas System is one of the nation’s largest systems of higher education, with 14 institutions that educate more than 217,000 students. Each year, UT institutions award more than one-third of all undergraduate degrees in Texas and almost two-thirds of all health professional degrees. With about 20,000 faculty – including Nobel laureates – and more than 70,000 health care professionals, researchers, student advisors and support staff, the UT System is one of the largest employers in the state. University of Texas institutions are setting the standard for excellence in higher education and will continue to do so thanks to our generous donors and the leadership of the Chancellor, the Board of Regents and UT presidents.