Centralized Accounting and Payroll/Personnel System
DPS - LS - Cybersecurity Analyst II
Centralized Accounting and Payroll/Personnel System, Austin, Texas, us, 78716
Job Description - DPS - LS - Cybersecurity Analyst II - 0320 (00051671)
Job Description
DPS - LS - Cybersecurity Analyst II - 0320 ( 00051671 )
Organization
: TEXAS DEPARTMENT OF PUBLIC SAFETY
Primary Location
Primary Location
: Texas-Austin
Work Locations
: AUSTIN HQ (MAIN) 5805 N LAMAR BLVD PO BOX 4087 AUSTIN TX 78773 Austin 78752
Job
Job
: Computer and Mathematical
Employee Status
Employee Status
: Regular
Schedule
State Job Code : 0320 Salary Admin Plan : B Grade : 25 Salary (Pay Basis)
Salary (Pay Basis)
: 7,500.00 - 8,000.00 ( Monthly )
Number of Openings
Number of Openings
: 1
Overtime Status
Overtime Status
: Exempt
Job Posting
Job Posting
: Aug 6, 2025, 3:24:54 PM
Closing Date Closing Date : Ongoing Description PLEASE NOTE:
All applications must contain complete job histories, which includes job title, dates of employment, name of employer, supervisor's name and phone number and a description of duties performed. If this information is not submitted, your application may be rejected because it is incomplete. Resumes do not take the place of this required information. SUBMITTED THROUGH WORK IN TEXAS:
Work In Texas (WIT) applicants must complete the supplemental questions to be considered for the posting. In order to complete the supplemental questions please go to CAPPS Recruit to register or login and access your profile. Go to CAPPS Recruit to Sign In https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en GENERAL DESCRIPTION:
Performs complex (journey-level) information security and cybersecurity analysis and training work. Responsible for coordination, governance and mitigation of DPS risk strategy for cybersecurity. This includes developing, implementing, and maintaining a cybersecurity risk framework and establishing processes and procedures for risk identification, analysis, and monitoring including responsibility for remediation planning and reporting. Conducts security control assessments, system and network risk assessments, and communication of assessment results and risk levels to technical and non-technical audiences.May train others.Works under general supervision, with limited latitude for the use of initiative and independent judgment. The following Military Occupational Specialty codes are generally applicable to this position. Applicants must fully complete the summary of experience to determine if minimum qualifications are met. ESSENTIAL DUTIES / RESPONSIBILITIES: 1. Perform Cyber Risk Management process including risk assessments, control assessments, and vulnerability management across agency. 2. Perform Cybersecurity Risk analysis and manage information security programs. 3. Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed and elevate them to the Cyber Risk and Vulnerability Manager for review . 4. Provide input for plans, roadmaps, and prioritization for projects in order to drive down organizational risks. 5. Recommend approval for exceptions or waivers and forward the information to the manager. 6. Ensure residual risk is elevated and formally documented on a corrective action plan, if the CISO approves a system that does not meet all the security requirements for operation. 7. Ensure that all risks not mitigated are documented for CISO acceptance and that Plans of Action and Milestones (POA&M) are created. 8. Ensure each system is evaluated based on its environment and sensitivity levels. 9. Evaluate complex business and technical requirements and communicate inherent security risks and solutions to technical and non-technical owners. 10. Collaborate with IT to manage security vulnerabilities. 11. Ensure the NIST based risk management process is followed and evangelizes adoption of best practices. 12. Perform other duties as assigned. Qualifications GENERAL QUALIFICATIONS and REQUIREMENTS: Education
Graduation from an accredited four-year college or university required, with a major and/or emphasis of computer science, information technology or a related field. Experience
Minimum of two (2) years work experience in cyber risk management and vulnerability management. Experience performing IT security audits or assessments preferred. Must be proficient with the use of risk and control frameworks and process improvement models; and must obtain CRISC certification within one year. Substitution Note: Additional work experience of the type described or other related education may be substituted for one another on a year-for-year basis. Licensure and/or Certification
- Certification in risk and information systems control (CRISC) preferred. Security/Risk Knowledge
Extensive in-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls. Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans. In-depth knowledge of risk assessment methods and technologies. Proficiency in performing risk, business impact, control and vulnerability assessments. Ability to provide guidance for security activities in the project management life cycle, system development life cycle and application development efforts. Technology (computers/hardware/software/operating systems)
Must possess appropriate levels of proficiency with utilized software and systems and be able to learn new software/systems. Demonstrated proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook). Considerable knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts. Strong working knowledge of information technology and security, including vulnerability scanning/penetration tools, network firewall technologies, Internet applications, E-Business, telecommunications and/or computer systems analysis. Regulatory knowledge
Must possess a working knowledge of office practices and applicable laws relating to information security and privacy. Knowledge of or the ability to rapidly assimilate information related to TXDPS, State, and Federal regulations, legislations, guidelines, policies, and procedures. Interpersonal Skills
Must demonstrate an ability to exercise poise, tact, diplomacy and an ability to establish and maintain positive, working/professional relationships with internal/external customers. Organizational and Prioritization Skills
Must be organized, flexible, and able to effectively prioritize in a multi-demand and constantly changing environment; able to meet multiple and sometimes conflicting deadlines without sacrificing accuracy, timeliness or professionalism. Communication Skills
Must be able to construct and deliver clear, concise, and professional communication to a variety of audiences and/or individuals. Analytical Reasoning/Attention to Detail
Must demonstrate an ability to examine data/information, discern variations/similarities, and be able identify trends, relationships and causal factors, as well as grasp issues, draw accurate conclusions, and solve problems. Confidentiality and Protected Information
Must demonstrate an ability to responsibly handle sensitive and confidential information and situations, and adhere to applicable laws/statutes/policies related to access, maintenance and dissemination of information. PHYSICAL and/or ENVIRONMENTAL DEMANDS: The physical and environmental demands described here are representative of those encountered and/or necessary for the employee to successfully perform the essential functions of this job; reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Ambulatory skills, e.g. stand, walk, sit; Ability to speak, hear, and exercise visual acuity; Ability to transfer weights of ten (10) pounds anticipated for this position; Current DPS employees who submit applications for posted DPS positions shall notify their immediate supervisor in writing. A DPS employee who is selected for a position in the same salary group and state title as their current position will be transferred with no salary change. A DPS employee who is selected for a position in their current salary group with a new state title may receive an increase of no more than 3.4% over their current salary regardless of posted salary. Salary is contingent upon qualifications and is subject to salary administration and budgetary restrictions. DUE TO THE HIGH VOLUME OF APPLICATIONS WE DO NOT ACCEPT TELEPHONE CALLS. ONLY CANDIDATES SELECTED FOR INTERVIEW WILL BE CONTACTED. State of Texas retirees may be rehired for full-time, non-commissioned positions only under very specific circumstances. #J-18808-Ljbffr
: TEXAS DEPARTMENT OF PUBLIC SAFETY
Primary Location
Primary Location
: Texas-Austin
Work Locations
: AUSTIN HQ (MAIN) 5805 N LAMAR BLVD PO BOX 4087 AUSTIN TX 78773 Austin 78752
Job
Job
: Computer and Mathematical
Employee Status
Employee Status
: Regular
Schedule
State Job Code : 0320 Salary Admin Plan : B Grade : 25 Salary (Pay Basis)
Salary (Pay Basis)
: 7,500.00 - 8,000.00 ( Monthly )
Number of Openings
Number of Openings
: 1
Overtime Status
Overtime Status
: Exempt
Job Posting
Job Posting
: Aug 6, 2025, 3:24:54 PM
Closing Date Closing Date : Ongoing Description PLEASE NOTE:
All applications must contain complete job histories, which includes job title, dates of employment, name of employer, supervisor's name and phone number and a description of duties performed. If this information is not submitted, your application may be rejected because it is incomplete. Resumes do not take the place of this required information. SUBMITTED THROUGH WORK IN TEXAS:
Work In Texas (WIT) applicants must complete the supplemental questions to be considered for the posting. In order to complete the supplemental questions please go to CAPPS Recruit to register or login and access your profile. Go to CAPPS Recruit to Sign In https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en GENERAL DESCRIPTION:
Performs complex (journey-level) information security and cybersecurity analysis and training work. Responsible for coordination, governance and mitigation of DPS risk strategy for cybersecurity. This includes developing, implementing, and maintaining a cybersecurity risk framework and establishing processes and procedures for risk identification, analysis, and monitoring including responsibility for remediation planning and reporting. Conducts security control assessments, system and network risk assessments, and communication of assessment results and risk levels to technical and non-technical audiences.May train others.Works under general supervision, with limited latitude for the use of initiative and independent judgment. The following Military Occupational Specialty codes are generally applicable to this position. Applicants must fully complete the summary of experience to determine if minimum qualifications are met. ESSENTIAL DUTIES / RESPONSIBILITIES: 1. Perform Cyber Risk Management process including risk assessments, control assessments, and vulnerability management across agency. 2. Perform Cybersecurity Risk analysis and manage information security programs. 3. Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed and elevate them to the Cyber Risk and Vulnerability Manager for review . 4. Provide input for plans, roadmaps, and prioritization for projects in order to drive down organizational risks. 5. Recommend approval for exceptions or waivers and forward the information to the manager. 6. Ensure residual risk is elevated and formally documented on a corrective action plan, if the CISO approves a system that does not meet all the security requirements for operation. 7. Ensure that all risks not mitigated are documented for CISO acceptance and that Plans of Action and Milestones (POA&M) are created. 8. Ensure each system is evaluated based on its environment and sensitivity levels. 9. Evaluate complex business and technical requirements and communicate inherent security risks and solutions to technical and non-technical owners. 10. Collaborate with IT to manage security vulnerabilities. 11. Ensure the NIST based risk management process is followed and evangelizes adoption of best practices. 12. Perform other duties as assigned. Qualifications GENERAL QUALIFICATIONS and REQUIREMENTS: Education
Graduation from an accredited four-year college or university required, with a major and/or emphasis of computer science, information technology or a related field. Experience
Minimum of two (2) years work experience in cyber risk management and vulnerability management. Experience performing IT security audits or assessments preferred. Must be proficient with the use of risk and control frameworks and process improvement models; and must obtain CRISC certification within one year. Substitution Note: Additional work experience of the type described or other related education may be substituted for one another on a year-for-year basis. Licensure and/or Certification
- Certification in risk and information systems control (CRISC) preferred. Security/Risk Knowledge
Extensive in-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls. Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans. In-depth knowledge of risk assessment methods and technologies. Proficiency in performing risk, business impact, control and vulnerability assessments. Ability to provide guidance for security activities in the project management life cycle, system development life cycle and application development efforts. Technology (computers/hardware/software/operating systems)
Must possess appropriate levels of proficiency with utilized software and systems and be able to learn new software/systems. Demonstrated proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook). Considerable knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts. Strong working knowledge of information technology and security, including vulnerability scanning/penetration tools, network firewall technologies, Internet applications, E-Business, telecommunications and/or computer systems analysis. Regulatory knowledge
Must possess a working knowledge of office practices and applicable laws relating to information security and privacy. Knowledge of or the ability to rapidly assimilate information related to TXDPS, State, and Federal regulations, legislations, guidelines, policies, and procedures. Interpersonal Skills
Must demonstrate an ability to exercise poise, tact, diplomacy and an ability to establish and maintain positive, working/professional relationships with internal/external customers. Organizational and Prioritization Skills
Must be organized, flexible, and able to effectively prioritize in a multi-demand and constantly changing environment; able to meet multiple and sometimes conflicting deadlines without sacrificing accuracy, timeliness or professionalism. Communication Skills
Must be able to construct and deliver clear, concise, and professional communication to a variety of audiences and/or individuals. Analytical Reasoning/Attention to Detail
Must demonstrate an ability to examine data/information, discern variations/similarities, and be able identify trends, relationships and causal factors, as well as grasp issues, draw accurate conclusions, and solve problems. Confidentiality and Protected Information
Must demonstrate an ability to responsibly handle sensitive and confidential information and situations, and adhere to applicable laws/statutes/policies related to access, maintenance and dissemination of information. PHYSICAL and/or ENVIRONMENTAL DEMANDS: The physical and environmental demands described here are representative of those encountered and/or necessary for the employee to successfully perform the essential functions of this job; reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Ambulatory skills, e.g. stand, walk, sit; Ability to speak, hear, and exercise visual acuity; Ability to transfer weights of ten (10) pounds anticipated for this position; Current DPS employees who submit applications for posted DPS positions shall notify their immediate supervisor in writing. A DPS employee who is selected for a position in the same salary group and state title as their current position will be transferred with no salary change. A DPS employee who is selected for a position in their current salary group with a new state title may receive an increase of no more than 3.4% over their current salary regardless of posted salary. Salary is contingent upon qualifications and is subject to salary administration and budgetary restrictions. DUE TO THE HIGH VOLUME OF APPLICATIONS WE DO NOT ACCEPT TELEPHONE CALLS. ONLY CANDIDATES SELECTED FOR INTERVIEW WILL BE CONTACTED. State of Texas retirees may be rehired for full-time, non-commissioned positions only under very specific circumstances. #J-18808-Ljbffr