IT Security Analyst II
Military Occupation Specialty Code:
Army 17C Cyber Operations Specialist, Marine Corp 0681 Information Security Technician & 0688 Cybersecurity Technician
Number of Vacancies:
Chief Information Security Office
$5258.67 - $6916.67/ monthly
Hours Worked Weekly:
300 W. 15th Street, Austin TX 78701
Refer Inquiries to:
(512) 463-5920 or (512) 463-6015
HOW TO APPLY:
- Select “Apply Online” to apply for the job at https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en
- You must create a CAPPS Career Section candidate profile or be logged in to apply
- Update your profile and apply for the job by navigating through the pages and steps
- Once ready, select “Submit” on the “Review and Submit” page.
APPLICANTS MUST PROVIDE IN DEPTH INFORMATION IN THE SPECIAL TRAINING/SKILLS/QUALIFICATIONS AND EMPLOYMENT HISTORY SECTIONS TO DEMONSTRATE HOW THEY MEET THE POSITION QUALIFICATIONS
Applications are not accepted at the agency. Resumes are not accepted in lieu of the application. Incomplete applications may result in disqualification of applicant.
Candidates will be notified for appointments as determined by the selection committee.
Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.
EQUAL OPPORTUNITY EMPLOYER
The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age or disability. Please call 512-463-5920 to request reasonable accommodations.
The Texas Department of Information Resources serves a wide spectrum of customers by providing technology leadership, solutions, and value to State of Texas government agencies, higher education, and local government entities of all sizes to facilitate the fulfillment of their core missions.
This role within the Chief Information Security Office combines progressive information security program development, implementation and management expertise with an opportunity to leverage an entrepreneurial determination to evolve information security within state government. The individual in this role will perform advanced (senior-level) information security analysis in a variety of functions, such as, planning, implementing, and monitoring security program elements and services that support government organizations throughout the state of Texas in the protection of their information resources. The individual will also interact frequently with external personnel at other state agencies and educational and governmental organizations throughout the state using a variety of communication mechanisms. The ideal candidate will be a well-rounded security professional with a background in, and understanding of, the technical, policy, and compliance aspects of information security. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.
WHAT WE DO
The ideal candidate will have demonstrated experience or aptitude for performing the following functions:
- Team contributor who is able to jump in mid-stream and assist other team members and DIR colleagues
- Collecting and understanding business requirements, and propose solutions that will allow DIR customers to fully leverage and benefit from participation in the statewide cybersecurity program
- Leading prototyping and information gathering activities with functional users to assist customers in building security programs that meet their business needs
- Supporting efforts to implement and establish policies, systems, reports, and programs that help DIR and its customers fulfill statutorily mandated deadlines and deliverables
- Leading tabletops incident response exercises for state agencies and higher education institutions.
- Assisting on annual Incident Response Exercise
- Identifying and analyzing intelligence information about threats to DIR customer’s information processing systems
- Assisting in the development of statewide policy, standard, guideline and best practices for statewide guidance
- Assisting analysis of potential statewide impact of proposed federal, state, and industry security and privacy related policy, legislation and standards, drafts and prepares proposals for modification to statewide security policies, standards, and procedures, and advising agencies in implementing statewide security policies
- Participating in and in some cases leading advisory groups
- Assisting in the preparation of presentations and reports in support of the statewide security program to be delivered to DIR Executive Management and Board of Directors, customers, and Legislative members
- Functioning as a cybersecurity generalist able to support and backfill work across the entire team
- Providing subject matter expertise to education and outreach projects, efforts, and initiatives
- Providing incident response functions when appropriate and coordinate activities with DIR customer and partner personnel.
- Providing GRC system operational support, including troubleshooting issues, access control management, and data request support.
- Assisting with research on security best practices and writing reports to State leadership
- Advising customers and internal stakeholders on security configuration and best practice issues
- Developing and make recommendations on plans to secure and safeguard State information resource
Performing other related duties as assigned
- Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field
- Additional equivalent years of related work experience may substitute for degree. (High-school diploma and five (5) years of experience without degree)
EXPERIENCE AND TRAINING
- One (1) to three (3) years of experience in developing and implementing security services into a risk based security program with the ability to demonstrate knowledge of policy development, risk evaluation and management, and cost benefit analysis to support security program decisions
EXPERIENCE & TRAINING PREFERRED
- One of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Manager (CISM), or equivalent certification/education
- Experience with the State and Federal regulations and standards, including the National Institute of Standards and Technology (NIST) 800 series publications, Texas Administrative Code § 202, and the Federal Information Security Management Act (FISMA)
- Experience conducting analysis of threats and vulnerabilities, control maturity and gap analysis.
- Experience conducting analysis of cybersecurity incidents and events and the ability to prepare and deliver oral and written presentations of that analysis
- Experience in Texas state government
- Experience working in a collaborative environment
KNOWLEDGE, SKILLS & ABILITIES
- Knowledge of data communications, networking, computer programming and systems analysis
- Knowledge of and ability to apply information security operations best practices
- Knowledge of principles, practices, and techniques of management controls and information security protections as applied to state government
- Knowledge of the security incident response process
- Knowledge of Texas State government and related information technology processes
- Knowledge of security metrics, benchmarking activities and expectations, and security operational monitoring processes
- Ability to handle multiple projects and initiatives
- Ability to prepare technical issue papers and research reports, and effectively deliver oral presentations and written reports to IT and non-IT management
- Ability to advise technical staff from customer agencies
- Ability to travel as necessary to support agency requirements
- Ability to work a flexible schedule to meet required deadlines
- Ability to work under pressure and exacting schedules to complete assigned tasks
- Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers
- Ability to understand, follow and convey brief oral and/or written instructions
- Ability to communicate both verbally and in writing; in a clear and concise manner
- Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment
- Ability to comply with all agency policy and applicable laws
- Ability to comply with all applicable safety rules, regulations, and standards
- Proficiency in the use of a personal computer and applicable software necessary to perform work assignments e.g. word processing, spreadsheets, presentation software, and data analysis/reporting software
- Regular and punctual attendance at the workplace
- Criminal background check
- Frequent use of a personal computer, copiers, printers and telephones
- Frequent work under stress, as a team member, and in direct contact with others
- Frequent standing, walking, sitting, listening and talking
- Occasional bending and stooping
- Occasional lifting and climbing