HAWAIIAN ELECTRIC CO.
Information Assurance Analyst - Security Architecture / Vulnerability Management
HAWAIIAN ELECTRIC CO., Honolulu, Hawaii, United States, 96814
Information Assurance Analyst - Security Architecture / Vulnerability Management
Company:
hawaiianelWe recognize our competitive advantage -- our people. We believe in our people, who share our vision of meeting the needs of our employees, customers, and communities and who carry out the continued success of the company.Our employees are committed to the company's foundational values: integrity, excellence, teamwork, environmental stewardship, and community commitment. In turn, we invest in our employees, providing opportunities for challenge and advancement and offering a competitive compensation package.BRIEF POSTING DESCRIPTION:The PEJ INFORMATION ASSURANCE Department of the INFORMATION ASSURANCE Division at Hawaiian Electric Company has 3 Management vacancies available.JOB FUNCTION (Security Architecture):Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, policies, or guidance. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.Assists with risk assessments, and development of security architecture solutions for information technology (IT), operational technology (OT), grid technologies and cloud services.Supports development of detailed plans and requirements for information systems’ security controls and security monitoring solutions.Conducts ongoing compliance reviews; assists in developing practices to ensure adequate information security and IT controls.ESSENTIAL FUNCTIONS:Performs information security risk assessments and recommends mitigating controls and solutions for IT and Operations Technology (OT) projects and applications.Assists with the system assessments for conformance with configuration control, policy, and guidance.Assists with program development and management for privacy, e-discovery, security awareness training, digital forensics, vulnerability remediation, and other security and compliance programs.Performs miscellaneous administrative roles such as schedule development, information tracking, updating deliverables and other work assigned.Supports the Company’s business continuity planning, IT disaster recovery planning, cybersecurity incident response planning and team (CS-IMT), with occasional on-call support.Participates in Company emergency response activities as assigned.BASIC QUALIFICATIONS:Knowledge RequirementsComputer networking concepts and protocols, and network security methodologies.Risk management processes (e.g., methods for assessing and mitigating risk).Cybersecurity and privacy principles and organizational requirements.Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.Cyber threats and vulnerabilities.Cryptography and cryptographic key management concepts.Data backup and recovery concepts.Host/network access control mechanisms.Network access, identity, and access management.Traffic flows across the network.Programming language structures and logic.System and application security threats and vulnerabilities.Network attacks and their relationship to both threats and vulnerabilities.System administration, network, and operating system hardening techniques.Different classes of attacks.Different cyber attackers.Different cyber-attack stages.Network security architecture concepts.Specific operational impacts of cybersecurity lapses.Security models.Ethical hacking principles and techniques.Penetration testing principles, tools, and techniques.Skills RequirementsConducting vulnerability scans and recognizing vulnerabilities in security systems.Assessing the robustness of security systems and designs.Detecting host and network-based intrusions via intrusion detection technologies.Use of penetration testing tools and techniques.Use of social engineering techniques.Use of network analysis tools to identify vulnerabilities.Reviewing logs to identify evidence of past intrusions.Conducting application vulnerability assessments.Developing insights about the context of an organization’s threat environment.Collaborating with teammates and other employees.Communicating effectively in writing and verbally.Experience RequirementsEntry Level:1-3 years of experience in Systems administration, basic cyber analysis/operations, cyber threats, risk management, network management, IT system design, cloud deployment or wireless networking.Associates Degree or equivalent work experience in Computer science, cybersecurity, information technology, software engineering, information systems, computer engineering.Obtain within the first six months of employment one or more relevant certifications.4-7 years of experience in information assurance, incident handling, risk management, vulnerability management and analysis.Bachelor’s degree (or higher) in relevant fields.One or more relevant certifications.Role:Number of Vacancies:
3Work Schedule:
Monday - FridayHiring Range:
$85,700.00 to $109,300. The person selected will be placed according to his/her skills and qualifications.About Hawaiian Electric CompaniesHawaiian Electric Companies provide electricity and services to 95 percent of the state's 1.4 million residents.Interested individuals should apply online. The application must clearly indicate the demonstrated experience/knowledge/skills/abilities the candidate possesses which specifically qualifies him/her for the position.EEO StatementHawaiian Electric Companies is an equal employment opportunity/affirmative action employer. We actively seek diversity among our employees.
#J-18808-Ljbffr
Company:
hawaiianelWe recognize our competitive advantage -- our people. We believe in our people, who share our vision of meeting the needs of our employees, customers, and communities and who carry out the continued success of the company.Our employees are committed to the company's foundational values: integrity, excellence, teamwork, environmental stewardship, and community commitment. In turn, we invest in our employees, providing opportunities for challenge and advancement and offering a competitive compensation package.BRIEF POSTING DESCRIPTION:The PEJ INFORMATION ASSURANCE Department of the INFORMATION ASSURANCE Division at Hawaiian Electric Company has 3 Management vacancies available.JOB FUNCTION (Security Architecture):Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, policies, or guidance. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.Assists with risk assessments, and development of security architecture solutions for information technology (IT), operational technology (OT), grid technologies and cloud services.Supports development of detailed plans and requirements for information systems’ security controls and security monitoring solutions.Conducts ongoing compliance reviews; assists in developing practices to ensure adequate information security and IT controls.ESSENTIAL FUNCTIONS:Performs information security risk assessments and recommends mitigating controls and solutions for IT and Operations Technology (OT) projects and applications.Assists with the system assessments for conformance with configuration control, policy, and guidance.Assists with program development and management for privacy, e-discovery, security awareness training, digital forensics, vulnerability remediation, and other security and compliance programs.Performs miscellaneous administrative roles such as schedule development, information tracking, updating deliverables and other work assigned.Supports the Company’s business continuity planning, IT disaster recovery planning, cybersecurity incident response planning and team (CS-IMT), with occasional on-call support.Participates in Company emergency response activities as assigned.BASIC QUALIFICATIONS:Knowledge RequirementsComputer networking concepts and protocols, and network security methodologies.Risk management processes (e.g., methods for assessing and mitigating risk).Cybersecurity and privacy principles and organizational requirements.Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.Cyber threats and vulnerabilities.Cryptography and cryptographic key management concepts.Data backup and recovery concepts.Host/network access control mechanisms.Network access, identity, and access management.Traffic flows across the network.Programming language structures and logic.System and application security threats and vulnerabilities.Network attacks and their relationship to both threats and vulnerabilities.System administration, network, and operating system hardening techniques.Different classes of attacks.Different cyber attackers.Different cyber-attack stages.Network security architecture concepts.Specific operational impacts of cybersecurity lapses.Security models.Ethical hacking principles and techniques.Penetration testing principles, tools, and techniques.Skills RequirementsConducting vulnerability scans and recognizing vulnerabilities in security systems.Assessing the robustness of security systems and designs.Detecting host and network-based intrusions via intrusion detection technologies.Use of penetration testing tools and techniques.Use of social engineering techniques.Use of network analysis tools to identify vulnerabilities.Reviewing logs to identify evidence of past intrusions.Conducting application vulnerability assessments.Developing insights about the context of an organization’s threat environment.Collaborating with teammates and other employees.Communicating effectively in writing and verbally.Experience RequirementsEntry Level:1-3 years of experience in Systems administration, basic cyber analysis/operations, cyber threats, risk management, network management, IT system design, cloud deployment or wireless networking.Associates Degree or equivalent work experience in Computer science, cybersecurity, information technology, software engineering, information systems, computer engineering.Obtain within the first six months of employment one or more relevant certifications.4-7 years of experience in information assurance, incident handling, risk management, vulnerability management and analysis.Bachelor’s degree (or higher) in relevant fields.One or more relevant certifications.Role:Number of Vacancies:
3Work Schedule:
Monday - FridayHiring Range:
$85,700.00 to $109,300. The person selected will be placed according to his/her skills and qualifications.About Hawaiian Electric CompaniesHawaiian Electric Companies provide electricity and services to 95 percent of the state's 1.4 million residents.Interested individuals should apply online. The application must clearly indicate the demonstrated experience/knowledge/skills/abilities the candidate possesses which specifically qualifies him/her for the position.EEO StatementHawaiian Electric Companies is an equal employment opportunity/affirmative action employer. We actively seek diversity among our employees.
#J-18808-Ljbffr