Work at UH Advertisement

Information Technology (Information Security Specialist)
Position Number:
Hiring Unit:
Information Technology Services/Office of the VP for IT/CIO
Date Posted:
June 29, 2018
Closing Date:
July 18, 2018
Additional Salary Information:
Salary commensurate with education and experience.
Full Time/Part Time:
Full Time
General Funds

Duties and Responsibilities
  1. As a member of the UH Information Security Team, develops, implements & maintains the system-wide information security program that supports academic & administrative use of IT resources in a distributed/decentralized computing environment.
  2. Reviews UH policies/procedures/information security program and maps to existing laws and regulations for compliance and effectiveness; identify gaps and provide remediation recommendations in line with current UH initiatives.
  3. Monitors regulatory and legal landscape for any new laws/regulations that could impact UH.
  4. Assists with implementation, dissemination and enforcement of new & existing policies and guidelines related to information technology security issues.
  5. Provides technical advice, problem-solving assistance, and answers to questions regarding the information security program, policies, standards and procedures.
  6. Monitors security trends, technological developments and emerging practices in the IT industry and higher education.
  7. Promotes awareness & educates, advises and trains the UH community on approaches for ensuring the security & compliance of the university’s networks, systems and data with federal, state, local regulations and laws.
  8. Participates in the network architecture design, and capacity planning for new products and technologies associated with information security in cooperation the ITS network engineering and operations teams.
  9. Assists with projects concerning the evaluation and implementation of security-related technologies.
  10. Continually monitor the security threat landscape for any threats that may seriously impact the university.
  11. Works with system and network administrators to correct security related vulnerabilities and events when detected.
  12. Configure, manage and maintain servers used for security applications.
  13. Manage & monitor security hardware & applications in cooperation with Information Technology Services (ITS) staff.
  14. As a member of the Information Security Team, participates in security incident responses & investigations, including any emergency situations, and provides remediation support.
  15. Implement and maintain appropriate processes for reporting security violations to appropriate reporting authorities.
  16. Assists with analyses and investigations of reports of inappropriate use of technology and institutional/personal information, any alleged computer or network security compromises, and assists with the reporting and resolution of such incidents.
  17. Interacts with students, staff, and faculty and their respective governance authorities & judicial processes to resolve complaints and issues related to inappropriate use of technology and institutional/personal information.
  18. Participates in quantitative and qualitative information risk and vulnerability assessments to identify deficiencies in security and assists with the development and implementation of remediation plans.
  19. Performs system and network audits using remote and on-site vulnerability scans of data networks and computing devices using commercial or open source vulnerability scanning tools and reviews reports for threats and vulnerabilities.
  20. Assesses security procedures, including identity management, to determine risk and vulnerability & for compliance with federal, state, local and university regulations.
  21. Informs departments as to the proper procedures to use to be in compliance with policies, procedures, regulations & laws.
  22. Continually assesses and reports on computer systems, networks and data security risks within the University technology environment.
  23. Perform other related duties as directed by the Chief Information Security Officer, VP IT & CIO, General Counsel and/or other UH Officers or UH senior administrators.
  24. Other duties as assigned.
Minimum Qualifications
  1. Possession of a pertinent baccalaureate educational degree in Information and Computer Sciences or Information Security and/or Digital Forensics and 5 years of progressively responsible professional information technology experience with responsibilities for Information Security, of which 2 years of the experience must have been comparable in scope and complexity to the next lower payband in the University of Hawai'i broadband system; or equivalent education/training or experience.
  2. Considerable working knowledge of Information Security as demonstrated by the broad knowledge and understanding of the full range of pertinent standard and evolving information technology concepts, principles and methodology.
  3. Considerable working knowledge and understanding of the broad technology, systems, hardware and software associated with Information Security.
  4. Considerable knowledge of information security related standards.
  5. Considerable knowledge of federal, state and local regulations related to information security, privacy and higher education.
  6. Considerable knowledge of federal, state and local regulations related to information security, privacy and higher education.
  7. Considerable working knowledge of current information security technologies and tools.
  8. Considerable working knowledge of computer forensics and investigative techniques.
  9. Considerable experience programming in Perl/PHP or other scripting/programming languages used to develop open source tools.
  10. Demonstrated ability to recognize a wide range of intricate problems, use reasoning and logic to determine accurate causes, and apply principles and practices to determine, evaluation, integrate, and implement practical and thorough solutions in an effective and timely manner.
  11. Demonstrated ability to interpret and present information and ideas clearly and accurately in writing, verbally and by preparation of reports and other materials.
  12. Demonstrated ability to establish and maintain effective working relationships with internal and external organizations, groups, team leaders and members, and individuals.
  13. Demonstrated ability to combine and apply skill sets from many areas of IT.
  14. Demonstrated ability to speak, read, comprehend, interpret and write fluently in English.
  15. Demonstrated ability to establish and maintain effective working relationships in a positive, service-oriented manner with others.
  16. Demonstrated ability to work cooperatively with supervisor, project staff, and customers in a team environment to accomplish tasks and meet deadlines.
  17. Demonstrated ability to understand and follow oral and written instructions and documentation, write reports and procedures, and communicate effectively in a variety of situations.
  18. Demonstrated ability to learn and apply new technologies independently and in a timely manner using books, manuals, online research, and other resources.
  19. Experience with systems and network hardware and administration.
  20. Working knowledge of common Internet protocols and applications.
  21. Working knowledge of TCP/IP protocols and analysis.
  22. Ability to travel out-of-state.
  23. Ability to work a variable work schedule; and work outside normally scheduled work hours including day, night, weekend and/or holiday hours as directed.
  24. For supervisory work, demonstrated ability to lead subordinates, manage work priorities and projects, and manage employee relations.
  25. Any equivalent combination of education and/or professional work experience which provides the required education, knowledge, skills and abilities as indicated.
Desirable Qualifications
  1. Certifications related to the information security area (e.g. CISSP, GIAC/GSEC, CISM, etc.)
  2. Working knowledge of web server administration and HTML/CSS.
  3. Working knowledge of configuring and implementing technical security solutions.
  4. Ability to supervise student employees.
  5. Ability to manage multiple projects.
  6. Ability to develop effective training materials.

To Apply:
Visit and search for Position Number 80006 to submit an application.
  1. 808-956-9098;

The University of Hawaiʻi is an equal opportunity/affirmative action institution and is committed to a policy of nondiscrimination on the basis of race, sex, gender identity and expression, age, religion, color, national origin, ancestry, citizenship, disability, genetic information, marital status, breastfeeding, income assignment for child support, arrest and court record (except as permissible under State law), sexual orientation, domestic or sexual violence victim status, national guard absence, or status as a covered veteran.

Employment is contingent on satisfying employment eligibility verification requirements of the Immigration Reform and Control Act of 1986; reference checks of previous employers; and for certain positions, criminal history record checks.

In accordance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, annual campus crime statistics for the University of Hawaii may be viewed at:, or a paper copy may be obtained upon request from the respective UH Campus Security or Administrative Services Office.

In accordance with Article 10A of the unit 08 collective bargaining agreement, bargaining unit members receive priority consideration for APT job vacancies. As a result, external or non BU 08 applicants may not be considered for some APT vacancies. BU 08 members with re-employment rights or priority status are responsible for informing the hiring unit of their status.