Hawaiian Electric
Senior Information Assurance Analyst - Oahu
Hawaiian Electric, Honolulu, Hawaii, United States, 96814
Overview
Senior Information Assurance Analyst - Oahu Date: Sep 15, 2025 Location: Honolulu, Hawaii (HI), US, 96813 Company: hawaiianel Posting End Date: This position will remain open until filled. Early applications are encouraged. Brief posting description:
The P EJ INFORMATION ASSURANCE Department of the P INFORMATION ASSURANCE Division at Hawaiian Electric Company has 1 Management vacancy available. (Role: Professional) Responsibilities
Oversees or performs the assessments of Company systems and networks and identifies deviations from cybersecurity policies, acceptable configurations, or guidance. Provides consulting-level knowledge and expertise for the Information Assurance (IA) division, including development and enforcement of cybersecurity policies & standards, cybersecurity risk management, IT and OT compliance, and secure integration of grid technologies and cloud services. Supports development of detailed plans and provides requirements for information systems’ security controls and security monitoring solutions. Performs security control reviews to validate that designed controls operate effectively. Develops policies, standards, and procedures to ensure that security controls are adequately designed. Essential Functions
Performs cybersecurity assessments and provides security control requirements for IT and OT projects, including externally hosted applications and grid technology projects. Develops and manages programs for privacy, e-discovery, security awareness training, digital forensics, patch management, vulnerability remediation, and other security and compliance programs. Supports detailed review and approval processing for policies, processes, and procedures necessary to support the Company’s cybersecurity and compliance requirements. Ensures that internal controls, processes, practices, and standards are developed, maintained, and tested to meet policy and compliance requirements. Supports business continuity planning, disaster recovery planning, and the Company’s Cybersecurity Incident Management Team (CS-IMT), with occasional on-call support. Participates in Company emergency response activities as assigned. BASIC QUALIFICATIONS
Knowledge Requirements Computer networking concepts and protocols, and network security methodologies. Risk management processes (e.g., methods for assessing and mitigating risk). Cybersecurity and privacy principles and organizational requirements (confidentiality, integrity, availability, authentication, non-repudiation). Laws, regulations, policies, and ethics related to cybersecurity and privacy. Cyber threats and vulnerabilities. Cryptography and cryptographic key management concepts. Data backup and recovery concepts. Host/network access control mechanisms (e.g., ACLs). Network access, identity, and access management (PKI, OAuth, OpenID, SAML, SPML). Network traffic concepts (TCP/IP, OSI, ITIL). Programming language structures and logic. System and application security threats and vulnerabilities (e.g., XSS, injections, race conditions, malware). Network attack concepts and their relation to threats and vulnerabilities. System administration, network, and operating system hardening techniques. Different classes of attacks (passive, active, insider, etc.). Different cyber attackers (script kiddies, insider threat, state-sponsored, etc.). Cyber-attack stages (reconnaissance, scanning, enumeration, access, privilege escalation, maintenance, etc.). Network security architecture concepts including topology, protocols, components, and defense-in-depth. Security models (Bell-LaPadula, Biba, Clark-Wilson). Ethical hacking principles and techniques. Pentration testing principles, tools, and techniques. Conceptual knowledge of NIST, ISO 27000 series, OWASP, and other security frameworks/standards. Conceptual knowledge of utility business and related OT systems (SCADA, DCS). Skills Requirements Conducting vulnerability scans and recognizing vulnerabilities in security systems. Assessing the robustness of security systems and designs. Detecting intrusions via intrusion detection technologies (e.g., Snort). Mimicking threat behaviors. Use of penetration testing tools and techniques. Use of social engineering techniques (phishing, baiting, tailgating). Use of network analysis tools to identify vulnerabilities (fuzzing, nmap). Reviewing logs to identify evidence of past intrusions. Conducting application vulnerability assessments. Performing impact/risk assessments. Developing insights about the organization’s threat environment. Collaborating with teammates and other employees. Communicating effectively in writing and verbally. Analytical skills, independent judgment, and ability to work toward consensus in a complex business environment. Ability to operate autonomously with minimal direction. Experience & Certifications
Advanced (7-10 years) analysis and/or leadership experience in a multi-level service or consulting organization, preferably in IT, application security, network security, or quality assurance. Information security experience is required. One or more of the following certifications (others will be considered): CISSP CISM CISA GSLC CCSP SSCP Role: Professional Number of Vacancies: 1 Location: Honolulu – Oahu Hiring Range: The hiring range for the Senior Information Assurance Analyst position is $107,700.00 to $139,800.00. The person selected will be placed according to skills and qualifications. About Hawaiian Electric
Hawaiian Electric Companies provide electricity and services to 95 percent of the state’s 1.4 million residents. The company is a major employer and contributor to community and educational programs. Application Instructions
Interested individuals should apply online. The application must clearly indicate the demonstrated experience/knowledge/skills/abilities the candidate possesses which specifically qualifies them for the position. EEO Statement: Hawaiian Electric Companies is an equal opportunity employer, including disability and protected veteran status. Reasonable accommodation during the application process should be communicated to the HR Service Center at (808) 543-4848. Nearest Major Market: Honolulu
#J-18808-Ljbffr
Senior Information Assurance Analyst - Oahu Date: Sep 15, 2025 Location: Honolulu, Hawaii (HI), US, 96813 Company: hawaiianel Posting End Date: This position will remain open until filled. Early applications are encouraged. Brief posting description:
The P EJ INFORMATION ASSURANCE Department of the P INFORMATION ASSURANCE Division at Hawaiian Electric Company has 1 Management vacancy available. (Role: Professional) Responsibilities
Oversees or performs the assessments of Company systems and networks and identifies deviations from cybersecurity policies, acceptable configurations, or guidance. Provides consulting-level knowledge and expertise for the Information Assurance (IA) division, including development and enforcement of cybersecurity policies & standards, cybersecurity risk management, IT and OT compliance, and secure integration of grid technologies and cloud services. Supports development of detailed plans and provides requirements for information systems’ security controls and security monitoring solutions. Performs security control reviews to validate that designed controls operate effectively. Develops policies, standards, and procedures to ensure that security controls are adequately designed. Essential Functions
Performs cybersecurity assessments and provides security control requirements for IT and OT projects, including externally hosted applications and grid technology projects. Develops and manages programs for privacy, e-discovery, security awareness training, digital forensics, patch management, vulnerability remediation, and other security and compliance programs. Supports detailed review and approval processing for policies, processes, and procedures necessary to support the Company’s cybersecurity and compliance requirements. Ensures that internal controls, processes, practices, and standards are developed, maintained, and tested to meet policy and compliance requirements. Supports business continuity planning, disaster recovery planning, and the Company’s Cybersecurity Incident Management Team (CS-IMT), with occasional on-call support. Participates in Company emergency response activities as assigned. BASIC QUALIFICATIONS
Knowledge Requirements Computer networking concepts and protocols, and network security methodologies. Risk management processes (e.g., methods for assessing and mitigating risk). Cybersecurity and privacy principles and organizational requirements (confidentiality, integrity, availability, authentication, non-repudiation). Laws, regulations, policies, and ethics related to cybersecurity and privacy. Cyber threats and vulnerabilities. Cryptography and cryptographic key management concepts. Data backup and recovery concepts. Host/network access control mechanisms (e.g., ACLs). Network access, identity, and access management (PKI, OAuth, OpenID, SAML, SPML). Network traffic concepts (TCP/IP, OSI, ITIL). Programming language structures and logic. System and application security threats and vulnerabilities (e.g., XSS, injections, race conditions, malware). Network attack concepts and their relation to threats and vulnerabilities. System administration, network, and operating system hardening techniques. Different classes of attacks (passive, active, insider, etc.). Different cyber attackers (script kiddies, insider threat, state-sponsored, etc.). Cyber-attack stages (reconnaissance, scanning, enumeration, access, privilege escalation, maintenance, etc.). Network security architecture concepts including topology, protocols, components, and defense-in-depth. Security models (Bell-LaPadula, Biba, Clark-Wilson). Ethical hacking principles and techniques. Pentration testing principles, tools, and techniques. Conceptual knowledge of NIST, ISO 27000 series, OWASP, and other security frameworks/standards. Conceptual knowledge of utility business and related OT systems (SCADA, DCS). Skills Requirements Conducting vulnerability scans and recognizing vulnerabilities in security systems. Assessing the robustness of security systems and designs. Detecting intrusions via intrusion detection technologies (e.g., Snort). Mimicking threat behaviors. Use of penetration testing tools and techniques. Use of social engineering techniques (phishing, baiting, tailgating). Use of network analysis tools to identify vulnerabilities (fuzzing, nmap). Reviewing logs to identify evidence of past intrusions. Conducting application vulnerability assessments. Performing impact/risk assessments. Developing insights about the organization’s threat environment. Collaborating with teammates and other employees. Communicating effectively in writing and verbally. Analytical skills, independent judgment, and ability to work toward consensus in a complex business environment. Ability to operate autonomously with minimal direction. Experience & Certifications
Advanced (7-10 years) analysis and/or leadership experience in a multi-level service or consulting organization, preferably in IT, application security, network security, or quality assurance. Information security experience is required. One or more of the following certifications (others will be considered): CISSP CISM CISA GSLC CCSP SSCP Role: Professional Number of Vacancies: 1 Location: Honolulu – Oahu Hiring Range: The hiring range for the Senior Information Assurance Analyst position is $107,700.00 to $139,800.00. The person selected will be placed according to skills and qualifications. About Hawaiian Electric
Hawaiian Electric Companies provide electricity and services to 95 percent of the state’s 1.4 million residents. The company is a major employer and contributor to community and educational programs. Application Instructions
Interested individuals should apply online. The application must clearly indicate the demonstrated experience/knowledge/skills/abilities the candidate possesses which specifically qualifies them for the position. EEO Statement: Hawaiian Electric Companies is an equal opportunity employer, including disability and protected veteran status. Reasonable accommodation during the application process should be communicated to the HR Service Center at (808) 543-4848. Nearest Major Market: Honolulu
#J-18808-Ljbffr