Texas Department of Motor Vehicles
Please view the full posting in the CAPPS Career Section: https://capps.taleo.net/careersection/ex/jobdetail.ftl?job=00052513. You may apply to the job directly through the CAPPS Career Section. It is not necessary to apply both through Work In Texas and CAPPS Career Section.
This position is eligible for a flexible work location within the state of Texas and Telework may be available based on TxDMV operational needs. To apply, complete an online application through the Applicant Career Section or through WorkInTexas. TxDMV does not accept paper applications. Applicants who require accommodation for the interview process should contact Human Resources at 512-465-4043 when contacted to schedule an interview.
General description
Our mission at the Texas Department of Motor Vehicles (TxDMV) is to serve, protect and advance the citizens and industries in the state with quality motor vehicle related services. We are a dynamic state agency dedicated to customer service, consumer protection and the success of motor vehicle-related industries. Performs highly complex or advanced cybersecurity analysis work in support of the TxDMV Information Technology (IT) Services Division. Manages and monitors security tools and performs or oversees IT risk assessments. Researches, analyzes, evaluates, or plans security and risk management controls, participates in the development of the information security program or monitors program compliance; develops and provides or manages delivery of security awareness training; and assists in the details of or leads cybersecurity incident/breach management and response. Performs system pre-implementation assessments for compliance with regulatory and industry requirements or reports results to management. Work may require contact with governmental agencies and third-party providers. May supervise and mentor the work of others. Works under minimal supervision with extensive latitude for the use of initiative and independent judgment. Essential duties
Supports the implementation of computer system security plans with agency personnel and outside vendors. Researches and evaluates systems and procedures for the prevention, detection, containment, and correction of data security breaches. Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure. Monitors and maintains the necessary systems and procedures to protect data systems and databases from unauthorized users. Maintains regulatory controls and tests framework to mitigate business risk. Performs incident/breach response activities and required reporting. Performs threat assessments and coordinates security penetration testing. Trains users and promotes security awareness to ensure system security and to improve server and network efficiency. Assists agency in recommending and implementing data encryption techniques (for transmissions, databases, etc.) and implementing information security services. Works with third party providers to validate compliance with security responsibilities. Works with partner ITSD staff to assure operation and maintenance of Agency security systems and to design and assure deployment of Agency security solutions. Advises the ISO on regulatory and industry compliance and IT best practices. Gathers and provides related information for use by the ISO to make appropriate system-related decisions and to mitigate security-related problems on business operations. Performs technical security/risk assessments and reviews of new and existing applications and performs risk lifecycle activities including creating or modifying computer system security plans and proposing offering recommendations to mitigate or manage risk, including network infrastructure and internet security controls. Performs regulatory and industry requirement readiness assessments for existing architecture including network, hardware, software; provides input to Disaster Recovery and Business Continuity Planning activities. Reviews results of information security applications; reviews and analyzes security logs for anomalies; assists key stakeholders in identifying and certifying relevant technology risks. Maintains knowledge of changing technology and provides recommendations for adaptation of new technologies or security policies. Research cybersecurity and privacy legislation, regulations, advisories, alerts, and vulnerabilities and apply recommendations as required. Monitor IT security related websites, newsgroups, organizations, and publications; recommend best practices and improvements to agency IT security standards and procedures; and prepare and deliver reports and presentations on security related matters. Confers with users to discuss issues such as account permission and data access needs, security violations, and programming changes. Demonstrates a spirit of teamwork and upholds the agencys core values. May supervise the work of others. Ability to maintain the security or integrity of the infrastructure. Travels up to 5% of the time. Travel by car (may include flying); may include overnight travel and extended hours, evenings, and weekends as needed. Required to attend work regularly and adhere to approved work hours in accordance with department policies and procedures. Performs other job-related duties as assigned. Knowledge, skills, and abilities
Knowledge of the limitations and capabilities of computer systems and technology; operational support of networks, operating systems, Internet technologies, databases, and security infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; and incident response program practices and procedures. Skill in the use of a computer and applicable software; and the configuring, deploying, and monitoring security infrastructure. Ability to maintain the security and integrity of the infrastructure. Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; to communicate effectively; and to provide guidance to others. Qualifications
Education and Experience: Graduation from an accredited four-year college or university with a major in computer science, cybersecurity, information technology security, computer engineering, computer information systems, or related field. Experience: Minimum six (6) years of experience in at least two of the following areas: Information Security, Penetration Testing, Security Architecture, Network and Internet Security, IT Auditing of Systems and/or Processes, or SOC. Registration, Certification, or Licensure: One or more of the following or equivalent industry recognized certifications are required: CISSP, CEH, GIAC, Security+, CySA+, PenTest+, CCSP, ECIH, or comparable cybersecurity professional certification. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Government Administration Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
Our mission at the Texas Department of Motor Vehicles (TxDMV) is to serve, protect and advance the citizens and industries in the state with quality motor vehicle related services. We are a dynamic state agency dedicated to customer service, consumer protection and the success of motor vehicle-related industries. Performs highly complex or advanced cybersecurity analysis work in support of the TxDMV Information Technology (IT) Services Division. Manages and monitors security tools and performs or oversees IT risk assessments. Researches, analyzes, evaluates, or plans security and risk management controls, participates in the development of the information security program or monitors program compliance; develops and provides or manages delivery of security awareness training; and assists in the details of or leads cybersecurity incident/breach management and response. Performs system pre-implementation assessments for compliance with regulatory and industry requirements or reports results to management. Work may require contact with governmental agencies and third-party providers. May supervise and mentor the work of others. Works under minimal supervision with extensive latitude for the use of initiative and independent judgment. Essential duties
Supports the implementation of computer system security plans with agency personnel and outside vendors. Researches and evaluates systems and procedures for the prevention, detection, containment, and correction of data security breaches. Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure. Monitors and maintains the necessary systems and procedures to protect data systems and databases from unauthorized users. Maintains regulatory controls and tests framework to mitigate business risk. Performs incident/breach response activities and required reporting. Performs threat assessments and coordinates security penetration testing. Trains users and promotes security awareness to ensure system security and to improve server and network efficiency. Assists agency in recommending and implementing data encryption techniques (for transmissions, databases, etc.) and implementing information security services. Works with third party providers to validate compliance with security responsibilities. Works with partner ITSD staff to assure operation and maintenance of Agency security systems and to design and assure deployment of Agency security solutions. Advises the ISO on regulatory and industry compliance and IT best practices. Gathers and provides related information for use by the ISO to make appropriate system-related decisions and to mitigate security-related problems on business operations. Performs technical security/risk assessments and reviews of new and existing applications and performs risk lifecycle activities including creating or modifying computer system security plans and proposing offering recommendations to mitigate or manage risk, including network infrastructure and internet security controls. Performs regulatory and industry requirement readiness assessments for existing architecture including network, hardware, software; provides input to Disaster Recovery and Business Continuity Planning activities. Reviews results of information security applications; reviews and analyzes security logs for anomalies; assists key stakeholders in identifying and certifying relevant technology risks. Maintains knowledge of changing technology and provides recommendations for adaptation of new technologies or security policies. Research cybersecurity and privacy legislation, regulations, advisories, alerts, and vulnerabilities and apply recommendations as required. Monitor IT security related websites, newsgroups, organizations, and publications; recommend best practices and improvements to agency IT security standards and procedures; and prepare and deliver reports and presentations on security related matters. Confers with users to discuss issues such as account permission and data access needs, security violations, and programming changes. Demonstrates a spirit of teamwork and upholds the agencys core values. May supervise the work of others. Ability to maintain the security or integrity of the infrastructure. Travels up to 5% of the time. Travel by car (may include flying); may include overnight travel and extended hours, evenings, and weekends as needed. Required to attend work regularly and adhere to approved work hours in accordance with department policies and procedures. Performs other job-related duties as assigned. Knowledge, skills, and abilities
Knowledge of the limitations and capabilities of computer systems and technology; operational support of networks, operating systems, Internet technologies, databases, and security infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; and incident response program practices and procedures. Skill in the use of a computer and applicable software; and the configuring, deploying, and monitoring security infrastructure. Ability to maintain the security and integrity of the infrastructure. Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; to communicate effectively; and to provide guidance to others. Qualifications
Education and Experience: Graduation from an accredited four-year college or university with a major in computer science, cybersecurity, information technology security, computer engineering, computer information systems, or related field. Experience: Minimum six (6) years of experience in at least two of the following areas: Information Security, Penetration Testing, Security Architecture, Network and Internet Security, IT Auditing of Systems and/or Processes, or SOC. Registration, Certification, or Licensure: One or more of the following or equivalent industry recognized certifications are required: CISSP, CEH, GIAC, Security+, CySA+, PenTest+, CCSP, ECIH, or comparable cybersecurity professional certification. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Government Administration Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr