Hawaiian Electric Company - Honolulu, HI
posted 5 months ago
The Senior Information Assurance Analyst position at Hawaiian Electric Company is a critical role within the Information Assurance Department, specifically focusing on Security Architecture and Vulnerability Management. This position reports directly to the Information Assurance Manager and is designed for professionals who are not only experienced but also passionate about information security. The role involves mentoring other team members on Information Security Architecture reviews and risk and control assessments, which includes developing detailed plans and requirements for security controls and monitoring solutions for information systems. The analyst will provide consulting-level expertise in various functions of the Information Assurance department, including the development of information security policies and standards, information risk management, and ensuring compliance with both information technology (IT) and operational technology (OT) standards. Additionally, the role requires coordination of ongoing compliance reviews with Process Area representatives and the development of practices and procedures to ensure cost-effective information security and IT controls are in place. In the area of Vulnerability Management, the Senior Information Assurance Analyst will also serve as a mentor, guiding the team in program development, coordination, and reporting. This includes supporting information security risk assessments and recommending mitigating controls for IT and OT projects. The analyst will assist in managing various security and compliance programs, such as privacy, e-discovery, security awareness training, and vulnerability remediation. The position also entails supporting the review and approval processes for IT policies and procedures necessary to meet the company's compliance requirements, including Sarbanes-Oxley (SOX) and privacy regulations. Furthermore, the analyst will play a role in IT business continuity planning, disaster recovery planning, and participate in emergency response activities as assigned. The ideal candidate will possess a deep understanding of computer networking concepts, risk management processes, cybersecurity principles, and the legal landscape surrounding cybersecurity and privacy. They will be skilled in conducting vulnerability scans, assessing security systems, and utilizing various tools and techniques for penetration testing and threat detection. With a minimum of 7 years of experience in a relevant field, the candidate should also hold certifications such as CISSP, CISM, or CAP, which are highly preferred. This position not only offers a competitive salary range of $105,600 to $137,100 but also provides an opportunity to contribute to the safety and security of the Hawaiian Electric Companies, which serve a significant portion of the state's population.