Cybersecurity Analyst III
Austin, Texas
Employer: CAPPS
Industry: Computer and Mathematical
Salary: $6681.17 - $8000.00 per month
Job type: Full-Time
Job Description
Job Posting:
00045265
Opened:
9/17/2024
Closes:
10/1/2024
Position Title:
Cybersecurity Analyst III (Governance, Risk, and Compliance (GRC) Analyst and Reporting Specialist)
Class/Group:
0321/B27
Military Occupation Specialty Code:
Army 25B; Navy 182X, 682X; Air Force 3D1X1; Space Force 514A
Fair Labor Standards Act Status:
Exempt
Number of Vacancies:
1
Division/Section:
Chief Information Security Office/ Governance, Risk, and Compliance
Salary Range:
$6,681.17-$8,000.00/month
Duration:
Regular
Hours Worked Weekly:
40
Work Schedule:
This position may be eligible for flexible work hours and/or a hybrid work schedule if certain program guidelines are met; working arrangements may change at any time at the sole discretion of the agency.
Travel:
Limited
Agency Address:
300 West 15th Street, #1300 / Austin, Texas 78701
Web site:
https://dir.texas.gov/
Refer Inquiries to:
People and Culture Office
Telephone:
512-475-4957 or (512) 463-5920
How To Apply:
Special Instructions:
Interview Place/Time:
Candidates will be notified for appointments as determined by the selection committee.
Selective Service Registration:
Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.
H-1B Visa Sponsorship:
We are unable to sponsor or take over sponsorship of an employment Visa at this time.
Equal Opportunity Employer
The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age, or disability. Please call 512-475-4922 to request reasonable accommodation.
Position Description
What We Do
The Texas Department of Information Resources is the state agency charged with protecting the state's data and critical technology infrastructure, managing a multi-million-dollar cooperative contracts program, and providing strategic technology leadership, solutions, and innovation to all levels of Texas government. DIR is a fast-paced and collaborative environment with highly motivated and engaged employees dedicated to achieving the best value for the state.
Position Summary
The individual in this role will perform highly complex (senior-level) cybersecurity analysis in a variety of functions, such as, planning, implementing, and monitoring security program elements and services that support government organizations throughout the state of Texas in the protection of their information resources. The individual will also interact frequently with external personnel at other state agencies and educational and governmental organizations throughout the state using a variety of communication mechanisms. The ideal candidate will be a security professional with a background in, and understanding of, the technical, policy, and compliance aspects of information security. Works under limited supervision, with considerable latitude for the use of initiative and independent judgement.
• Supports the statewide cybersecurity efforts to implement and establish policies, systems, reports, and programs that deliver services to agencies and help DIR, and its customers fulfill statutorily mandated deadlines and deliverables.
• Researches and evaluates new and emerging Governance, Risk, and Compliance (GRC) services. Supports efforts as part of the GRC development and support team responsible for design, development, and implementation of new processes, applications, and reporting using the DIR GRC system. This includes the development and maintenance of comprehensive security process documentation.
• Builds reports, dashboards, and designs effective layouts to ensure data is reflected accurately and tracks performance metrics and visualizes data for reporting purposes.
• Supports the statewide GRC portal (Archer) on information security matters including policy and compliance management, risk management, incident management, and data breach reporting within the enterprise GRC framework. Governs the process for development and improvement of SPECTRIM.
• Ensures division website content is accurate, up to date, and effectively communicated. Ensures division email box is monitored and maintained. Provides guidance to customers on SPECTRIM portal functionality. Provides GRC system operational support, including troubleshooting issues, access control management, change control, account management, and general technical support.
• Analyzes statewide security data and assists in the preparation of presentations and reports in support of the statewide security program to be delivered to DIR Executive Management, Board of Directors, customers, and state leadership.
• Assists in the development and implementation of enterprise security strategies, policies, and plans, as well as formulates and disseminates standards and guidelines to manage statewide information and information asset related risks, threats, and vulnerabilities.
• Performs other work-related duties as assigned.
Qualifications:
Education
• Graduation from an accredited four-year college or university with major coursework in
information technology security, computer information systems, computer science, management information systems, or a related field
• Additional work-related experience may be substituted for education on a year-for-year basis (High-school diploma required).
Experience and Training Required
• Minimum of three (3) - five (5) years of experience in transforming raw data into actionable business insights and recommendations.
• Minimum of three (3) - five (5) years of experience in data analysis, reporting, and visualization, research, and technical writing
• Minimum of two (2) - three (3) years of experience of demonstrated ability to create detailed reports, dashboards, and visualizations using tools like Tableau, Power BI, or Excel.
• Minimum of two (2) - three (3) years of experience in identifying and resolving technology and business risks.
Experience and Training Preferred
• Experience with State of Texas information security requirements including Texas Administrative Code §202
• Experience with Federal Information Security Management Act (FISMA) and National Institute of Standards (NIST) 800 Series Special Publications or other security standards and regulations.
• One of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Manager (CISM), or equivalent certification/education
• Administrative experience with Archer Integrated Risk Management
• Experience with Data Visualization/Reporting software
• Experience in Texas state government
• Experience or familiarity researching and writing reports based on legislation, statutory requirements, laws, and regulations related to information security.
• Proficient in analyzing complex datasets to identify trends, patterns, and insights.
• Experience with statistical analysis methods, including hypothesis testing, regression analysis, and predictive modeling.
• Familiarity with advanced analytics techniques and machine learning algorithms is a plus.
Knowledge, Skills, and Abilities
• Knowledge of Texas State government and related information technology processes.
• Knowledge of the limitations and capabilities of computer systems and technology; technology across all mainstream networks, operating systems, and application platforms; operational support of networks, operating systems, Internet technologies, databases, and security applications and infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; incident response program practices and procedures; and information security practices, procedures, and regulations.
• Skill in problem resolution.
• Skill in the use of applicable software and the configuring, deploying, monitoring, and automating of security applications and infrastructure. Ability to promote and support the overall mission, goals, and efforts of the office of the CISO and GRC Program.
• Ability to apply knowledge of business practices and approaches.
• Ability to plan, organize, coordinate, monitor and evaluate multiple priorities.
• Ability to think strategically and focus on results.
• Ability to identify data issues and develop solutions to address them.
• Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; and to communicate effectively.
• Ability to prepare technical issue papers and research reports, and effectively deliver oral presentations and written reports to IT and non-IT management.
• Ability to learn and adapt quickly in a dynamic environment.
• Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers.
• Ability to understand, follow and convey brief oral and/or written instructions.
• Ability to communicate both verbally and in writing, in a clear and concise manner.
• Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment.
• Ability to work under pressure and exacting schedules to complete assigned tasks.
• Ability to work a flexible schedule to meet required deadlines.
• Ability to comply with all agency policy and applicable laws.
• Ability to comply with all applicable safety rules, regulations, and standards.
Computer Skills
• Proficiency in the use of a computer and applicable software necessary to perform work assignments.
• Advanced skills in Microsoft 0365 applications (Excel, PowerPoint, PowerAutomate, PowerBI)
Other Requirements
• Regular and punctual attendance at the workplace.
• Criminal background check.
Working Conditions
• Frequent use of computers, copiers, printers, and telephones.
• Frequent standing, walking, sitting, listening, and talking.
• Frequent work under stress, as a team member, and in direct contact with others.
• Occasional bending, stooping, lifting, and climbing.
Job Posting:
00045265
Opened:
9/17/2024
Closes:
10/1/2024
Position Title:
Cybersecurity Analyst III (Governance, Risk, and Compliance (GRC) Analyst and Reporting Specialist)
Class/Group:
0321/B27
Military Occupation Specialty Code:
Army 25B; Navy 182X, 682X; Air Force 3D1X1; Space Force 514A
Fair Labor Standards Act Status:
Exempt
Number of Vacancies:
1
Division/Section:
Chief Information Security Office/ Governance, Risk, and Compliance
Salary Range:
$6,681.17-$8,000.00/month
Duration:
Regular
Hours Worked Weekly:
40
Work Schedule:
This position may be eligible for flexible work hours and/or a hybrid work schedule if certain program guidelines are met; working arrangements may change at any time at the sole discretion of the agency.
Travel:
Limited
Agency Address:
300 West 15th Street, #1300 / Austin, Texas 78701
Web site:
https://dir.texas.gov/
Refer Inquiries to:
People and Culture Office
Telephone:
512-475-4957 or (512) 463-5920
How To Apply:
- Select "Apply Online" to apply for the job at https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en
- You must create a CAPPS Career Section candidate profile or be logged in to apply.
- Update your profile and apply for the job by navigating through the pages and steps.
- Once ready, select "Submit" on the "Review and Submit" page.
- If you have problems accessing the CAPPS Career Section, please follow the instructions in the Resetting CAPPS Password for Job Candidate desk aid.
Special Instructions:
- Applicants must provide in-depth information in the EXPERIENCE & CREDENTIALS section to demonstrate how they meet the position qualifications. Incomplete applications may result in disqualification.
- Resumes may be uploaded as an attachment but are not accepted in lieu of the information required in the EXPERIENCE & CREDENTIALS section of the application.
Interview Place/Time:
Candidates will be notified for appointments as determined by the selection committee.
Selective Service Registration:
Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.
H-1B Visa Sponsorship:
We are unable to sponsor or take over sponsorship of an employment Visa at this time.
Equal Opportunity Employer
The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age, or disability. Please call 512-475-4922 to request reasonable accommodation.
Position Description
What We Do
The Texas Department of Information Resources is the state agency charged with protecting the state's data and critical technology infrastructure, managing a multi-million-dollar cooperative contracts program, and providing strategic technology leadership, solutions, and innovation to all levels of Texas government. DIR is a fast-paced and collaborative environment with highly motivated and engaged employees dedicated to achieving the best value for the state.
Position Summary
The individual in this role will perform highly complex (senior-level) cybersecurity analysis in a variety of functions, such as, planning, implementing, and monitoring security program elements and services that support government organizations throughout the state of Texas in the protection of their information resources. The individual will also interact frequently with external personnel at other state agencies and educational and governmental organizations throughout the state using a variety of communication mechanisms. The ideal candidate will be a security professional with a background in, and understanding of, the technical, policy, and compliance aspects of information security. Works under limited supervision, with considerable latitude for the use of initiative and independent judgement.
• Supports the statewide cybersecurity efforts to implement and establish policies, systems, reports, and programs that deliver services to agencies and help DIR, and its customers fulfill statutorily mandated deadlines and deliverables.
• Researches and evaluates new and emerging Governance, Risk, and Compliance (GRC) services. Supports efforts as part of the GRC development and support team responsible for design, development, and implementation of new processes, applications, and reporting using the DIR GRC system. This includes the development and maintenance of comprehensive security process documentation.
• Builds reports, dashboards, and designs effective layouts to ensure data is reflected accurately and tracks performance metrics and visualizes data for reporting purposes.
• Supports the statewide GRC portal (Archer) on information security matters including policy and compliance management, risk management, incident management, and data breach reporting within the enterprise GRC framework. Governs the process for development and improvement of SPECTRIM.
• Ensures division website content is accurate, up to date, and effectively communicated. Ensures division email box is monitored and maintained. Provides guidance to customers on SPECTRIM portal functionality. Provides GRC system operational support, including troubleshooting issues, access control management, change control, account management, and general technical support.
• Analyzes statewide security data and assists in the preparation of presentations and reports in support of the statewide security program to be delivered to DIR Executive Management, Board of Directors, customers, and state leadership.
• Assists in the development and implementation of enterprise security strategies, policies, and plans, as well as formulates and disseminates standards and guidelines to manage statewide information and information asset related risks, threats, and vulnerabilities.
• Performs other work-related duties as assigned.
Qualifications:
Education
• Graduation from an accredited four-year college or university with major coursework in
information technology security, computer information systems, computer science, management information systems, or a related field
• Additional work-related experience may be substituted for education on a year-for-year basis (High-school diploma required).
Experience and Training Required
• Minimum of three (3) - five (5) years of experience in transforming raw data into actionable business insights and recommendations.
• Minimum of three (3) - five (5) years of experience in data analysis, reporting, and visualization, research, and technical writing
• Minimum of two (2) - three (3) years of experience of demonstrated ability to create detailed reports, dashboards, and visualizations using tools like Tableau, Power BI, or Excel.
• Minimum of two (2) - three (3) years of experience in identifying and resolving technology and business risks.
Experience and Training Preferred
• Experience with State of Texas information security requirements including Texas Administrative Code §202
• Experience with Federal Information Security Management Act (FISMA) and National Institute of Standards (NIST) 800 Series Special Publications or other security standards and regulations.
• One of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Manager (CISM), or equivalent certification/education
• Administrative experience with Archer Integrated Risk Management
• Experience with Data Visualization/Reporting software
• Experience in Texas state government
• Experience or familiarity researching and writing reports based on legislation, statutory requirements, laws, and regulations related to information security.
• Proficient in analyzing complex datasets to identify trends, patterns, and insights.
• Experience with statistical analysis methods, including hypothesis testing, regression analysis, and predictive modeling.
• Familiarity with advanced analytics techniques and machine learning algorithms is a plus.
Knowledge, Skills, and Abilities
• Knowledge of Texas State government and related information technology processes.
• Knowledge of the limitations and capabilities of computer systems and technology; technology across all mainstream networks, operating systems, and application platforms; operational support of networks, operating systems, Internet technologies, databases, and security applications and infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; incident response program practices and procedures; and information security practices, procedures, and regulations.
• Skill in problem resolution.
• Skill in the use of applicable software and the configuring, deploying, monitoring, and automating of security applications and infrastructure. Ability to promote and support the overall mission, goals, and efforts of the office of the CISO and GRC Program.
• Ability to apply knowledge of business practices and approaches.
• Ability to plan, organize, coordinate, monitor and evaluate multiple priorities.
• Ability to think strategically and focus on results.
• Ability to identify data issues and develop solutions to address them.
• Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; and to communicate effectively.
• Ability to prepare technical issue papers and research reports, and effectively deliver oral presentations and written reports to IT and non-IT management.
• Ability to learn and adapt quickly in a dynamic environment.
• Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers.
• Ability to understand, follow and convey brief oral and/or written instructions.
• Ability to communicate both verbally and in writing, in a clear and concise manner.
• Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment.
• Ability to work under pressure and exacting schedules to complete assigned tasks.
• Ability to work a flexible schedule to meet required deadlines.
• Ability to comply with all agency policy and applicable laws.
• Ability to comply with all applicable safety rules, regulations, and standards.
Computer Skills
• Proficiency in the use of a computer and applicable software necessary to perform work assignments.
• Advanced skills in Microsoft 0365 applications (Excel, PowerPoint, PowerAutomate, PowerBI)
Other Requirements
• Regular and punctual attendance at the workplace.
• Criminal background check.
Working Conditions
• Frequent use of computers, copiers, printers, and telephones.
• Frequent standing, walking, sitting, listening, and talking.
• Frequent work under stress, as a team member, and in direct contact with others.
• Occasional bending, stooping, lifting, and climbing.
Created: 2024-09-18
Reference: 00045265
Country: United States
State: Texas
City: Austin
ZIP: 78749
Similar jobs:
-
IA / Cybersecurity Analyst
Leidos Holding in Fort Bliss, Texas💸 $53950.00 per year -
Cybersecurity Analyst
National Financial Partners in Austin, Texas -
Cybersecurity Analyst II
CAPPS in Austin, Texas -
Cybersecurity Portfolio Reporting Analyst
INSPYR Solutions in Fort Worth, Texas💸 $55 - $60 per hour -
Mid-Level Cybersecurity Analyst
INSPYR Solutions in Fort Worth, Texas💸 $50.00 - $54.00 per hour -
Agile Business Analyst - Cybersecurity & Vulnerability Management
Experis in Irving, Texas -
TDHCA - Cybersecurity Analyst
CAPPS in Austin, Texas -
Cybersecurity Analyst II
CAPPS in Austin, Texas💸 $7350.00 per month -
US|Cybersecurity Risk Analyst
Apex Systems in Houston, Texas💸 $49 - $57 per hour