Performs advanced (senior-level) information security analysis work. Work involves planning, implementing, and monitoring security measures for information systems and infrastructure to regulate access to computer configuration and data files and to prevent unauthorized modification, destruction, or disclosure of information. May train others. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment. This position reports to the Information Technology Manager.
- Graduation from an accredited four-year college or university is required. (Experience in information security analysis work, in excess of the required three years, may be substituted for college on a year-for-year basis.)
- Three years' experience in information security analysis work is required.
- Three years' experience with TCP/IP networks is required.
- Three years' experience with Microsoft Windows Operating System administration is required.
- Willingness to work irregular hours, evenings, weekends, and holidays as workload dictates is required.
- One or more years' experience with Linux Operating System administration is preferred.
- One or more years' experience administering enterprise anti-malware/anti-virus software is preferred.
- One or more years' experience with vulnerability or penetration testing is preferred.
- One or more years' experience with Security Information and Event Management (SIEM) systems is preferred.
- One or more of the following certifications is required and held in good standing with continuing education requirements:
  - CompTIA Security+
  - Cisco Certified Network Associate – Security (CCNA Security)
  - Cisco Certified Network Associate – Cyber Ops (CCNA Cyber Ops)
  - (ISC)² System Security Certified Practitioner (SSCP)
  - (ISC)² Certified Information Systems Security Professional (CISSP)
  - ISACA Certified Information Systems Auditor (CISA)
  - CompTIA Cybersecurity Analyst (CySA+)
  - CompTIA Advanced Security Practitioner (CASP+)
  - EC-Council Certified Ethical Hacker (CEH)
  - EC-Council Computer Hacking Forensic Investigator (CHFI)
  - Global Information Assurance Certification Security Essentials (GSEC)
  - Global Information Assurance Certification Certified Incident Handler (GCIH)
  - Global Information Assurance Certification Certified Enterprise Defender (GCED)
  - CyberSec First Responder (CFR)
Knowledge, Skills, and Abilities:
- Working knowledge of state and federal guidelines and standards related to IT security, particularly Texas Administrative Code (1 TAC 202) and NIST Special Publication 800 series.
- Knowledge of vulnerability and penetration testing techniques and associated software.
- Knowledge of information system hardening and implementation of technical controls.
- Knowledge of computer forensics techniques and analysis.
- Knowledge of cryptographic techniques and protocols.
- Knowledge of Identity and Access Management (IAM) systems.
- Knowledge of malware defense techniques and controls.
- Knowledge of network defense techniques and controls.
- Knowledge of log collection and analysis systems or Security Information and Event Management (SIEM) systems.
- Knowledge of current Microsoft Windows Operating Systems for workstations (Windows 7, 8, 10) and server systems (Windows Server 2008 R2/2012 R2/2016).
- Knowledge of network facilities and data processing techniques, of personal computer hardware and software, and of network operating system and security software.
- Demonstrated ability to communicate effectively, both verbally and in writing, in a clear and concise manner, to a variety of audiences.
- Ability to identify appropriate corrective actions for IT security issues.
- Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers.
- Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment.
- Ability to understand, follow, and convey brief oral and/or written instructions.
- Ability to create documentation and instruction sets for technical and non-technical audiences.
- Ability to handle stressful situations and time constraints when necessary.
- Ability to work a flexible schedule to meet required deadlines.
- Ability to work under pressure and complete assigned tasks.
- Ability to comply with all applicable safety rules, regulations and standards.
- Ability to comply with all agency policies and applicable laws.
Physical and Mental Requirements:
- Must be able to sit or stand for extended periods of time.
- Must be able to operate a personal computer, computer software, and standard office equipment.
Essential Job Functions:
- Coordinates the implementation of computer system security plans with agency personnel and outside vendors.
- Develops and recommends plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
- Modifies and monitors computer configuration and data files to incorporate new software and virus protection systems, correct errors, or change individual access status.
- Plans and deploys continuous automated security compliance capabilities.
- Monitors, evaluates, and maintains systems and procedures to protect data systems and databases from unauthorized access.
- Performs technical risk assessments and security reviews of new and existing applications and systems, including data center physical security and environment.
- Trains users and promotes security awareness to ensure system security and to improve application, server, and network efficiency.
- Coordinates with users to discuss issues such as account permission and computer data access needs, security violations, and programming changes.
- Assists in designing and deploying security applications and infrastructure program activities.
- Assists in advising management and users regarding security configurations and procedures.
- Participates in and may develop information technology disaster recovery and business continuity planning.
- Regulates and reviews access to computer data files and prevents unauthorized modification, destruction, or disclosure of information.
- Researches, evaluates, and recommends systems and procedures for the prevention, detection, containment, and correction of data security breaches.
- Performs complex cybersecurity analysis work such as:
  - Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems.
  - Monitors and maintains cybersecurity infrastructure to protect information systems from unauthorized use.
  - Monitors network traffic and flow for analysis.
  - Performs cybersecurity incident detection, analysis, and prevention.
  - Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses.
  - Performs forensic analysis of information systems and portable devices and forensic recovery of data using assessment tools.
  - Assists in identifying and evaluating new cybersecurity technologies to remediate vulnerabilities.
- Performs related work as assigned.
Proud of Our Diversity - Committed to Equal Employment Opportunities
Job Type: Full-time
Salary: $63,104.00 to $103,491.00/year
- Information Security: 3 years (Required)
- Paid time off
- Parental leave
- Health insurance
- Dental insurance
- Retirement benefits or accounts
- Healthcare spending or reimbursement accounts such as HSAs or FSAs