THECB - Cybersecurity Analyst II

General Description:

Performs complex information security analysis work in the Chief Information Security Office (CISO) of the Texas Higher Education Coordinating Board (THECB). Work involves planning, implementing, and monitoring security measures for information systems and infrastructure for potentially targeted information technology resources to protect the confidentiality, availability and integrity of agency information resources. Works under general supervision, with moderate latitude for the use of initiative and independent judgment. This position reports to the agency Chief Information Security Officer (CISO).

General Duties And Responsibilities:

• Conducts or coordinates security vulnerability assessments.
• Performs vulnerability scanning, and analysis.
• Assists in designing, implementing and maintaining network security architecture.
• Recommends system and procedural changes to protect agency information assets and ensure confidentiality of protected information.
• Researches and evaluates emerging security-related technologies.
• Assists or participates in preparation of risk management, agency security and system security plans.
• Monitors and manages e-mail security features including the agency’s Office 365 environment.
• Implements measures to monitor and safeguard agency assets against accidental or unauthorized modification, destruction, or disclosure.
• Monitor and assist in administration of security focused software including: mobile device management, intrusion prevention, email protection and security incident & event management.
• Evaluates information security products and services to identify strengths, weaknesses, and potential benefits to the agency.
• Consults application developers regarding application security practices and platform hardening.
• Supports external and internal audit activities, performs related responses, analysis and security remediation.
• Applies appropriate Family Educational Rights and Privacy Act (FERPA) standards at all times.
• Collaborates with development and other functional areas to address vulnerabilities within systems/applications.
• Reports on key metrics.
• Conducts network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), SIEM, Vulnerability Management tools, and end point security.
• May assist in developing agency plans, standards, and guidelines to address existing and new security technology issues and trends.
• Reviews alerts detected by the Data Loss Prevention (DLP) tool and follow up with the business units for mitigation.
• This position is fully remote. Employees may work from any location within the state of Texas, with occasional travel for team meetings or training as required. Reliable internet access and a dedicated workspace are required.
• Performs other duties as assigned.

Knowledge, Skills, And Abilities:

• Knowledge of network security threats and ability to implement preventative controls including firewalls, access controls, authentication systems, intrusion detection systems, VPNs, and cryptography.
• Knowledge of secure application programming guidelines; system development life cycles and limitations and capabilities of information systems.
• Knowledge of principles, practices, and techniques of management controls and information resources management.
• Knowledge of network communication protocols and their use in Internet and intranet applications.
• Knowledge of LAN, WAN and data communications components and their use in an enterprise networks.
• Knowledge in OWASP application security, NIST, ISO
• Skills in the use of vulnerability assessment and penetration testing tools.
• Skill in analyzing problems and devising solutions.
• Ability to perform analysis of log files from routers, switches, firewalls and other network security devices.
• Ability to complete project assignments within allocated time frame, demonstrating patience and meticulousness in the implementation of information security solutions.
• Ability to communicate effectively in a variety of forms.
• Ability to establish and maintain effective working relationships with others.
• Ability to work well under pressure and maintain flexibility.
• Military Crosswalk:  Military Crosswalk for Occupational Category - Information Technology
• Bachelor’s degree from an accredited college or university in computer science, cybersecurity or related field.
• Two years’ work experience in Information Security and/or Information Technology.
• Ability to communicate effectively in a variety of forms.
• Ability to establish and maintain effective working relationships with others.
• Ability to work well under pressure and maintain flexibility.
• Military Crosswalk:  Military Crosswalk for Occupational Category - Information Technology
• Bachelor’s degree from an accredited college or university in computer science, cybersecurity or related field.
• Two years’ work experience in Information Security and/or Information Technology.

Required Minimum Education And Experience:

• Six months of relevant full-time work experience may substitute for a semester (15 credit hours) of required education, not to exceed four years (120 credit hours). May not dual claim work experience and education to meet requirements.

Preferred:

• A master’s degree from an accredited college or university may substitute for two years of the required work experience.
• Current holding of one or more of the following certifications: CISSP, CCSP, CEH, CISA, CRISC, or Security+; or the ability to gain within one year (12 months).
• Experience managing information security related projects.
• Working knowledge of network and system administration, operation of firewalls, and application security practices.
• Experience interpreting vulnerability reports and writing reports.

Physical Requirements And/Or Working Conditions:

Work is performed in a standard office environment and requires:

•  Regular, reliable, and punctual attendance at work;
•  Frequent use of personal computer, copiers, printers, and telephones;

• Frequent Sitting, And

•  Frequently working under deadlines, as a team member, and in direct contact with others.

Workforce:

Must Be Able To:

• Demonstrate knowledge of customer service deliverables.
• Show flexibility and adaptability toward changes in assignments and work schedules, working extended hours as necessary.
• Adhere to the organization’s internal management policies and procedures; and
• Contribute to the agency’s performance measures and mission.

Application Requirements:

The Texas Higher Education Coordinating Board is an Equal Opportunity Employer. A State of Texas application is required to apply. For more information on how to apply for this position, go to the Coordinating Board’s employment opportunities website at  Careers - Texas Higher Education Coordinating Board

The Texas Higher Education Coordinating Board participates in E-Verify for each new employees’ Form I-9 to confirm work authorization. For questions, please call the HR Department at 512-427-6190. For vocal and/or hearing assistance call 7-1-1.

Notes To Applicant:

This position is fully remote. Employees may work from any location within the state of Texas, with occasional travel for team meetings or training as required. Reliable internet access and a dedicated workspace are required.

If you require any reasonable accommodation for the interview process, please inform the hiring representative who calls to schedule your interview. This position has been designated as a security sensitive position. A criminal background investigation will be conducted on the final candidate for this position.

Your job application must be completely filled out. Your application must contain dates of employment, job titles, name of employer and a description of duties performed in a way that demonstrates you meet the minimum qualifications for the position for which you are applying. Resumes do not take the place of the requirement to include this information on the application. If this information is not submitted, your application may be rejected because it is incomplete.

Veterans Information: Thecb Is Committed To Hiring Veterans. To Receive Veteran’S Preference, A Copy Of The Form Dd214 -Member #4, Must Be Attached When Submitting Your Application.

An Equal Employment Opportunity Employer: Thecb Does Not Discriminate On The Basis, Of Race, Color, Religion, Sex, National Origin, Age, Or Disability In Employment Or The Provision Of Services.

Job Offer And Continuation Of Employment With Thecb Is Contingent Upon:

• Proof of education and experience listed on the application.
• Eligibility/authorization to work in the U.S.
• Satisfactory results from a pre-employment criminal history background check.
• Compliance with the Selective Service Law for males ages 18-25. Please be advised that under Texas law, names and other information concerning applicants or nominees may be subject to disclosure upon request.

THECB does not allow dual employment with other state of Texas agencies or institutions.

Skills assessment may be conducted at time of interview

No phone calls or emails, please. Due to the high volume of applications, we do not accept telephone calls and cannot reply to all email inquiries. Only candidates selected for interview will be contacted.