Cybersecurity Operations Engineer (Cybersecurity Analyst II) Job at Centralized

Job Description - Cybersecurity Operations Engineer (Cybersecurity Analyst II) (00054577) Organization: TEXAS EDUCATION AGENCY Primary Location: Texas-Austin Work Locations: Texas Education Agency, 1701 North Congress Avenue, Austin, 78701 Employee Status: Regular Travel: Yes, 5% of the Time State Job Code: 0320 Salary Admin Plan: B Grade: 25 Salary (Pay Basis): $5,797.67 - $7,333.81 (Monthly) Number of Openings: 1 Overtime Status: Exempt Closing Date: Ongoing Mission The Texas Education Agency (TEA) will improve outcomes for all public‑school students in the state by providing leadership, guidance, and support to school systems. Core Values We are Determined: We are committed and intentional in the pursuit of our main purpose, to improve outcomes for students. We are People‑Centered: We strive to attract, develop, and retain the most committed talent, representing the diversity of Texas, each contributing to our common vision for students. We are Learners: We seek evidence, reflect on success and failure, and try new approaches in the pursuit of excellence for our students. We are Servant Leaders: Above all else, we are public servants working to improve opportunities for students and provide support to those who serve them. About Office of IT The Office of Information Technology works closely with all agency divisions to implement innovative technology solutions in a cost‑efficient manner that supports the goals and priorities of the Texas Education Agency. The Office of IT provides efficient technology solutions and stellar customer services to internal staff, 20 Educational Service Centers, and 1,200+ public‑school districts and charter schools. Services include leadership on IT initiatives; guidance on security/policy issues; new application development/enhancements; software acquisition; technical support; assistance with technical sections of purchasing documents such as RFI, RFO, RFP; and oversight on the data collection process which helps to support and improve outcomes for all of Texas’ 5 million+ students. Position Overview This position is funded through December 30, 2026. Continuation beyond that date is contingent on available funding. The Cybersecurity Operations Engineer assists the Texas Education Agency (TEA) mission to support every Texas public school student to be ready for college, career or the military and understands the Agency must first have a workforce of high‑performing individuals who are committed to improving outcomes for Texas students. With this as our guiding principle, the Cybersecurity Operations Engineer works closely with TEA’s Cybersecurity Operations Team Lead to implement a stakeholder‑focused Information Security Program to protect the information shared with the Agency by the citizens of Texas and Local Education Agencies. Flexible work location within the state of Texas may be considered for qualified candidates. Please note that a resume is a required attachment for applying to this position. Incomplete applications will not be considered. Applicants who are strongly being considered for employment must submit to a national criminal background check. Essential Functions Job duties are not limited to the essential functions mentioned below. You may perform other functions as assigned. 1. Cybersecurity Engineering: Implement, maintain, tune, and manage various cybersecurity tools with a primary focus on SOAR/SIEM tools, including log collection, normalization, log forwarder management, alert and detection rule creation, RBAC configuration, dashboards, visuals, reports, and documentation. Manage and monitor the EDR platform. 2. Cybersecurity Analysis: Provide cybersecurity consultation for TEA projects aligning with the Information Security Program; guide on security requirements and controls; analyze SIEM/SOAR/EDR data to inform monitoring and detection improvements; document findings in written reports when required. 3. Incident Response: Resolve security issues in diverse and decentralized environments; communicate effectively; detect, investigate, remediate, and recover from cybersecurity threats; report residual risk, vulnerabilities, and exposures to the Incident Response Lead; document incidents as required. 4. Cybersecurity Advisor: Assist management and users regarding security policy, procedures, and best practices; focus on maximizing utility of the SIEM/SOAR solution. Qualifications Minimum Qualifications: Education: Graduation from an accredited four‑year college or university. Degree field(s): Cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems, or a related field. Experience: At least two (2) years in an enterprise environment performing all of the following: managing and configuring an enterprise‑grade SIEM/SOAR solution; using Python or PowerShell to collect, normalize, and send data to a SIEM/SOAR platform; creating alerts, dashboards, and reports; validating and deploying security controls; responding to alerts/events. Experience must be recent (within the last year), paid, and professional in a moderate to large enterprise. Substitutions: Each additional year of related experience above the required minimum may substitute for education on a year‑for‑year basis. Other Qualifications: Share the belief that all Texas students can achieve at high levels and succeed in college, career, or the military. Experience administering, configuring, and using CrowdStrike Next Gen SIEM and/or Splunk is preferred. Understanding of modern threat actor techniques, tactics, and procedures (TTPs) is preferred. Knowledge and experience with FERPA is preferred. Collaborative team player with a proactive approach to projects; adaptable to acquiring new skills and responsibilities. Skill in translating business imperatives and risk tolerances into effective security solutions, adhering to change control processes, documenting findings clearly, and managing expectations with professionalism. Strong organizational skills and ability to manage multiple priorities while fostering collaboration and teamwork. Demonstrated excellence in customer experience and relationship building, communicating professionally across all organizational levels and business units. As an equal‑opportunity employer, we hire without consideration of race, religion, color, national origin, sex, disability, age, or veteran status, unless an applicant is entitled to military employment preference. This position requires the applicant to meet agency standards and criteria, including passing a pre‑employment criminal background check, before a job offer is made. To review the Military Occupational Specialty (MOS) codes from each branch of the U.S. Armed Forces to each job classification series in the State’s Position Classification Plan, please access the Military Crosswalk Guide and click on the military “occupational category” that corresponds with the state classification in this job posting title. No phone calls or emails. Due to the high volume of applications, we do not accept telephone calls and cannot reply to all email inquiries. Only candidates selected for interview will be contacted. Please add "capps.recruiting@cpa.texas.gov" and "@tea.texas.gov" to your safe‑senders list to ensure you receive email notifications from our talent acquisition team and/or hiring division regarding your candidacy. #J-18808-Ljbffr