IT Security Analyst III

Job Posting:         

#00000818

Opened:               

08/21/17

Closes:  

09/15/17

Position Title:      

IT Security Analyst III

Class/Group:

0237/B27

Military Occupation Specialty Code:  

0681, 0689

FLSA:     

Exempt

Number of Vacancies:

1

Division/Section:

Office Chief Information Security Officer

Salary Range:

$6363.00 to $8750.00 / monthly

Duration:

Regular

Hours Worked Weekly:     

40

Shift:     

Days

Travel:   

Limited

Agency Address: 

300 W. 15th Street, Austin TX, 78701

Work Location:   

Same

Web site:

www.dir.texas.gov

Refer Inquiries to:              

Human Resources

Telephone:

(512) 463-5920

HOW TO APPLY:

  • Select “Apply Online” to apply for the job at https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en
  • You must create a CAPPS Career Section candidate profile or be logged in to apply
  • Update your profile and apply for the job by navigating through the pages and steps
  • Once ready, select “Submit” on the “Review and Submit” page

APPLICANTS MUST PROVIDE IN DEPTH INFORMATION IN THE EXPERIENCE AND CREDENTIALS SECTION TO DEMONSTRATE HOW THEY MEET THE POSITION QUALIFICATIONS

Applications are not accepted at the agency.  Incomplete applications may result in disqualification of applicant.

Interview Place/Time:

Candidates will be notified for appointments as determined by the selection committee.

Notice:

Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.

EQUAL OPPORTUNITY EMPLOYER

The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age or disability.  Please call 512-463-5920 to request reasonable accommodations.

The Job

Do you like to work in a role that allows you to make a huge difference in the security posture of an organization?  Do you like to work with a lot of latitude for creating new programs? This is a role with the State Chief Information Security Office that gives you the opportunity to make a difference in the state’s security posture.  This position will give you the ability to work with many diverse organizations, plan for adverse events, and develop new ways to communicate threats and vulnerabilities.  You will play an important role in planning the direction for, and developing policy guidance for state cybersecurity. 

The individual will have excellent writing and communication skills and be involved in multiple projects including planning, implementing, and monitoring security program elements and services that support government organizations throughout the state of Texas. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment.

What We Do

The ideal candidate will have the ability to participate in the following functions:

  • Establishing or participating in security incident response activities
  • Assisting in the establishment of a state of Texas Information Sharing and Analysis Organization (ISAO)
  • Leading tabletops incident response exercises for state agencies and higher education institutions.
  • Leading Incident Response Exercises including national exercises. 
  • Identifying and analyzing intelligence information about threats to DIR customer’s information processing systems.
  • Assisting the State Chief Information Security Officer in the development and implementation of enterprise security strategies and plans, as well as the formulation and dissemination of standards and guidelines to manage statewide information and information asset related risks, threats, and vulnerabilities

ESSENTIAL FUNCTIONS

  • Supports statewide information sharing for cyber-security incident response including appropriate classification, mitigation, response and recovery; evaluates security incidents to assist in the development of corrective responses and risk mitigation
    Develops methods for providing and sharing cybersecurity incident response exercises with state agencies and higher education institutions
  • Develops a plan to address cybersecurity risks and incidents in the state, including: providing technical assistance services to support preparedness for and response to cybersecurity risks and incidents; conducting cybersecurity training and simulation exercises for state agencies to encourage coordination in defending against and responding to cybersecurity risks and incidents; assisting state agencies in developing cybersecurity information-sharing programs to disseminate information related to cybersecurity risks and incidents; and incorporating cybersecurity risk and incident prevention and response methods into existing state emergency plans, including continuity of operation plans and incident response plans
  • Assists the team in developing an Information Sharing and Analysis Organization
  • Improves the statewide planning for cybersecurity incident response
  • Assists in the development of statewide policy, standard, guideline and best practices for statewide guidance

EDUCATION

  • Graduation from an accredited four-year college or university
  • Additional equivalent years of related work experience may substitute for degree (High-school diploma and six (6) years of experience without degree)

EXPERIENCE & TRAINING

  • Two (2) years of experience in cybersecurity Incident Response or Network Security Monitoring
  • Two (2) years of experience conducting analysis of threat and vulnerabilities, control maturity and gap analysis, and the analysis of cybersecurity incidents and events with the ability to demonstrate the preparation and delivery of both oral and written presentations of related information
  • Accredited Certifications such as: GCIH (Certified Incident Handler), GCIA (Certified Intrusion Analyst), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Manager (CISM), or equivalent certification/education

EXPERIENCE & TRAINING PREFERRED

  • Hands on experience with Incident Detection Techniques including the use of Vulnerability Assessment Tools
  • Thorough understanding of the Information and Incident Response process
  • Experience with Texas Security regulations including Texas Administrative Code § 202
  • Experience collaborating with outsourced IT service delivery organizations

KNOWLEDGE, SKILLS & ABILITIES

  • Knowledge of data communications, networking, computer programming and systems analysis
  • Knowledge of information security operations and services processes
  • Knowledge of principles, practices, and techniques of management controls and information security protections as applied to state government
  • Knowledge of Texas State government and related information technology processes
  • Knowledge of security metrics, benchmarking activities and expectations, and security operational monitoring processes
  • Ability to handle multiple projects and initiatives
  • Ability to prepare technical issues papers and research reports, and effectively deliver oral presentations and written reports to IT and non-IT management
  • Ability to advise technical staff from customer agencies
  • Ability to travel as necessary to support agency requirements
  • Ability to comply with all agency policy and applicable laws
  • Ability to comply with all applicable safety rules, regulations, and standards
  • Ability to work a flexible schedule to meet required deadlines
  • Ability to work under pressure and exacting schedules to complete assigned tasks
  • Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers
  • Ability to understand, follow and convey brief oral and/or written instructions
  • Ability to communicate both verbally and in writing; in a clear and concise manner
  • Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment

COMPUTER SKILLS

  • Proficiency in the use of a personal computer and applicable software necessary to perform work assignments e.g. word processing, spreadsheets, presentation software, and data analysis/reporting software

OTHER REQUIREMENTS

  • Regular and punctual attendance at the workplace
  • Criminal background check required

WORK ENVIRONMENT

  • Frequent use of a personal computer, copiers, printers and telephones
  • Frequent work under stress, as a team member, and in direct contact with others
  • Frequent standing, walking, sitting, listening and talking
  • Occasional bending and stooping
  • Occasional lifting and climbing