Dallas County
1000000557.SENIOR CYBERSECURITY ANALYST.INFO TECH SERVICES
Dallas County, Dallas, Texas, United States, 75215
Senior Cybersecurity Analyst – Information Technology Services
Dallas County – Plano, TX. The Senior Cybersecurity Analyst secures Dallas County’s information systems and data. This role combines enterprise‑wide cyber threat detection, incident response, compliance monitoring, and security policy implementation. It supports the County’s hybrid environment by integrating technical security operations with regulatory mandates, including CJIS, HIPAA, and NIST 800‑53, while working closely with IT Security Engineering and Compliance teams to defend the County infrastructure from evolving threats.
Responsibilities
Respond to and investigate escalated security tickets, requests, alerts, and events; perform advanced triage, coordinate with technical teams for containment, and document incident response activities.
Support daily operations of the County’s security infrastructure, including SIEM, endpoint detection and response, and related tooling; perform alert tuning, rule validation, and ensure reliable telemetry flow into security platforms.
Conduct proactive threat‑hunting activities across SIEM, EDR, and available log sources; analyze behavioral patterns and threat intelligence to identify anomalous activity; develop hypotheses, execute investigations, and report findings.
Manage incoming security‑related tickets, requests, and inquiries from internal departments; prioritize and track resolution, provide technical guidance, and ensure timely communication and closure of support cases.
Develop and maintain operational documentation, including incident response runbooks, SOPs, technical workflows, and knowledge‑base articles; ensure documentation is version‑controlled and aligned with policy and tool changes.
Participate in IT and security‑related projects by providing technical guidance, control implementation support, and input on security design considerations.
Collaborate with Engineering and IT to ensure secure system configurations.
Contribute to the development and maintenance of IT security policies, procedures, and operational standards; work with Security Compliance, Engineering, and IT teams to ensure technical controls support Dallas County policies and regulatory requirements.
Perform other duties as assigned.
Qualifications
Education and experience equivalent to a Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, or a related field.
Six (6) years of IT experience in cybersecurity operations, including roles such as Security Analyst, Security Engineer, or SOC Analyst.
Certifications (Preferred): CISSP, GCIH, GCIA, CompTIA Cybersecurity Analyst (CySA+), and other relevant security certifications.
Strong written and verbal communication skills for collaboration and reporting.
Ability to work independently and effectively in a team‑oriented environment.
Strong analytical, organizational, and documentation skills.
Ability to create, implement, and support security policies, procedures, and operational controls.
Ability to engage and manage third‑party security vendors and managed security service providers.
Knowledge of implementing, managing, and configuring security and threat monitoring tools including SIEM, SOAR, EDR, and DLP technologies.
Ability to participate in an on‑call rotation for after‑hours security incident escalation.
Advanced knowledge of cybersecurity operations, including SIEM management, threat detection, and hands‑on incident response.
Ability to lead or mentor junior analysts or coordinate team‑based incident investigations.
Knowledge of regulatory and compliance frameworks such as CJIS, HIPAA, PCI‑DSS, NIST 800‑53, ISO 27001, and risk assessment methodologies.
Ability to enforce and manage regulatory compliance standards such as CJIS, HIPAA, and NIST.
Skill in threat hunting, forensic analysis, malware behavior analysis, and endpoint forensics platforms.
Skill in interpreting and correlating alerts from multiple sources (EDR, firewalls, cloud logs, email gateways, identity systems) to identify sophisticated attacks or insider threats.
Experience with scripting or programming (e.g., Python, PowerShell) for automating security tasks or parsing large datasets.
Experience with cloud‑native security tools and monitoring across Microsoft Azure, AWS, or Google Cloud environments.
Ability to contribute to security policy development, control testing, and continuous improvement of security monitoring capabilities.
Ability to conduct post‑incident reviews, root cause analysis, and draft executive‑level incident reports.
Ability to manage high‑pressure situations and lead coordinated response efforts during security incidents.
Skills in technical security and ability to interpret and apply security policy and standards.
Knowledge of security tooling (SIEM, EDR, DLP), security response automation, and proactive threat hunting.
Must have a valid Texas Driver's License and good driving record; must provide a 10‑year driving history; comply with Article II, Subdivision II of Chapter 90 of the Dallas County Code.
Individuals with access to criminal‑justice databases must pass a national fingerprint‑based records check prior to placement; must maintain ability to pass the check throughout employment.
Physical / Environmental Requirements
Standard office environment. Ability to lift and carry up to 25 lbs unassisted. Work a 40‑hour hybrid work week with on‑call availability for two days per month. Sitting for extended periods of time.