CPA - Enterprise Security Analyst II

CPA - Enterprise Security Analyst II (00017640)Organization: COMPTROLLER OF PUBLIC ACCOUNTS Primary Location: Texas-Austin Work Locations: Lyndon B Johnson Building (304-00001) 111 E 17th Street Austin 78774 Job: Computer and Mathematical Employee Status: Regular Schedule: Full-time Standard Hours Per Week: 40.00 Travel: Yes, 5 % of the Time State Job Code: 0322 Salary Admin Plan: B Grade: 27 Salary (Pay Basis): 7,000.00 - 8,300.00 (Monthly) Number of Openings: 1 Overtime Status: Exempt Job Posting: Sep 15, 2021, 4:29:08 PM Closing Date: Sep 29, 2021, 11:59:00 PM Description

APPLICATIONS MAY BE FILED ONLINE AT:
https://capps.taleo.net/careersection/304/jobdetail.ftl?job=00017640&tz=GMT-05:00&tzname=America/Chicago

APPLICATIONS SUBMITTED THROUGH WORK IN TEXAS:
Work In Texas (WIT) applicants must complete the supplemental questions to be considered for the posting. In order to complete the supplemental questions please go to CAPPS Recruit to register or login and access your profile. Go to CAPPS Recruit to Sign In (Link: https://capps.taleo.net/careersection/304/jobsearch.ftl?lang=en )

PLEASE NOTE:
All applications must contain complete job histories, which includes job title, dates of employment, name of employer, supervisor's name and phone number and a description of duties performed. If this information is not submitted, your application may be rejected because it is incomplete. Resumes do not take the place of this required information.

DIVISION: Information Technology

GENERAL DESCRIPTION:
Performs advanced (senior-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May assign and/or supervise the work of others. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.

WORK HOURS:
The position works an eight-hour schedule between 7:00 am and 6:00 pm, 40-hour week, Monday – Friday with occasional work schedule variance as necessary. Occasionally work overtime and/or additional hours. Hours may change based on business need.
Teleworking may be considered if certain working conditions are met. The candidate must have permanent residency within the state of Texas and must be able to meet in office requirements, which can vary among different sections (i.e. report to office 1 day/month, 1day/week, etc.). Travel reimbursements are not provided for teleworking.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems.
• Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information systems from unauthorized use.
• Monitors network traffic and flow for analysis.
• Performs cybersecurity incident detection, analysis, and prevention.
• Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses.
• Performs forensic analysis of information systems and portable devices and forensic recovery of data using assessment tools.
• Researches and analyzes cybersecurity threat indicators and their behaviors, and recommends threat mitigation strategies.
• Researches cybersecurity and privacy legislation, regulations, advisories, alerts, and vulnerabilities.
• Evaluates network and system security configuration for best practices and risk-based access controls.
• Assists in identifying and evaluating new cybersecurity technologies to remediate vulnerabilities.
• Assists in advising management and users regarding security procedures.
• Develop processes, procedures, monitoring practices and metrics to measure the effectiveness of security operations activities and leads towards process maturity.
• Creates and maintains accurate documentation of current enterprise security environment.
• Serve as Technical Lead on projects as necessary.
• Serve as a liaison to the Information Security Division.
• Implement and maintain cybersecurity infrastructure including Anti-Virus, DLP, SIEM systems, vulnerability scanners and security information management tools.
• Implement and maintain security controls for infrastructure systems including servers, workstations, web and other applications.
• Support and if appropriate lead incident response activities including coordination of immediate corrective action to systems known to have any security weaknesses or vulnerabilities, including network isolation, re-configuration and installing appropriate patches or upgrades.
• Troubleshoots complex systems problems related to network, security, infrastructure and application information systems
• Provide ongoing monitoring of sources of information on potential threats and vulnerabilities, including hacker web sites, anti-virus vendors, other government agencies and trade publications.
• Performs related work as assigned.

Qualifications

EDUCATION:
Graduation from an accredited college or university with a bachelor’s degree.

PREFERRED EDUCATION:
Graduation from an accredited college or university with a bachelor’s degree with major coursework in cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems, or a related field

EXPERIENCE:

• Experience in cybersecurity analysis, information security analysis, or digital forensics.
• Three (3) years of experience supporting Anti-Virus, DLP & SIEM, systems scanning, application scanning, Windows, Linux and Unix systems.
• Three (3) years of experience analyzing security events
• Three (3) years of experience supporting complex networks

PREFERRED EXPERIENCE:

• Five (5) years of experience supporting Anti-Virus, DLP & SIEM, systems scanning, application scanning, Windows, Linux and Unix systems.
• Five (5) years of experience analyzing security events
• Five (5) years of experience supporting complex networks

SUBSTITUTIONS:
Education and experience may be substituted for one another.

CERTIFICATIONS:
One of the following certifications is required: Security+, CCNA, CCNA-S, CCNP-S, CCSP, CISSP, GCIA, GCFW

PHYSICAL REQUIREMENTS:
The physical demands described here are represented of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This position requires the incumbent to primarily perform sedentary office work; however, mobility (standing and walking) is routinely required to carry out some duties. It requires extensive computer, telephone and client/customer contact. The job also requires normal cognitive abilities requiring the ability to learn, recall, and apply certain practices and policies. It requires the stamina to maintain attention to detail despite interruptions. Marginal or corrected visual and auditory requirements are required for reading printed materials and computer screens and communicating with internal and external customers. Must be able to lift at least 25 pounds.

KNOWLEDGE SKILLS AND ABILITIES:

KNOWLEDGE OF:

• The limitations and capabilities of computer systems and technology.
• The limitations and capabilities of operational support of networks, operating systems (Windows, Linux and Unix), Internet technologies, databases, and security infrastructure.
• The limitations and capabilities of cybersecurity and information security controls, practices, procedures, and regulations.
• The limitations and capabilities of incident response program practices and procedures.
• Network protocols (TCP/IP, HTTP, etc.)
• VPN technologies (IPSEC, SSL, etc)
• Configuration Management Solutions
• Vulnerability Assessment Solutions
• Firewalls and Intrusion Prevention Sytems (IPS)
• Security monitoring, analysis and response systems (IPS, DLP, SIEM, Application Scanners, System Scanners)
• Website filtering
• Patch management
• Email security
• Windows, Linux & Unix operating systems

SKILLS IN:

• Architecting, implementing and administering security technologies (IPS, DLP, SIEM Applications Scanners, System Scanners)
• Establishing and maintaining effective and professional working relationships with others at all times in the course and scope of conducting business.
• effectively conveying information and encouraging an exchange of ideas (Communication)
• identifying, defining and solving problems (Problem Solving)

ABILITY TO:

• Manage work efficiently in order to complete multiple assignments in a timely manner.
• Communicate effectively and correctly in writing and verbably on a variety of business matters as requested.
• Resolve complex security issues in diverse and decentralized environments.
• Plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls
• work with others to achieve a common goal (Teamwork)
• adjust to changing workplace demands (Adaptability)
• meet the needs and expectations of internal and external customers (Customer Service)
• effectively demonstrate skill and ability to perform the specific job duties and tasks as defined by a job description (Technical Competence)

be dependable, meet deadlines and produce high-quality work (Workload Management/Productivity)

VETERANS:

In order to receive veteran’s preference a copy of your DD214, VA disability rating (if applicable) or a DD1300 must be attached to your application.

Veterans, Reservist or Guardsmen with an MOS or additional duties that fall in the fields of 17C, 25B, 25D, IS, IT, 1B4X1, 3DOX3, or other related fields pertaining to the minimum experience requirements may meet the minimum qualifications. Please call Human Resources, CPA Veterans Liaison at 512-475-3560/800-531-5441 for more information or assistance.

Go to http://www.texasskillstowork.com, http://www.onetonline.org, or www.careeronestop.org for assistance translating your military experience and training courses into civilian job terms, qualifications/requirements and skill sets.

Additional Military Crosswalk information can be found at: https://hr.sao.texas.gov/CompensationSystem/JobDescriptions/

We fully recognize, honor and enforce the Uniformed Services Employment and Reemployment Rights Act (USERRA) and encourage opportunities to hire Veterans, Reservists and Guardsmen.

IMPORTANT NOTES TO THE CANDIDATE:
Candidates may be asked to participate in a skills demonstration and/or presentation.

Salary is contingent upon qualifications and is subject to salary administration and budgetary restrictions.

CPA employees in the same job classification, if selected, will be laterally transferred with no increase in salary. (An example might be an Accounts Examiner III in Revenue Administration who moves to an Accounts Examiner III in the Enforcement division.)

Complete copies of college transcripts must be furnished to the divisional hiring representative at the time of the interview for positions requiring a college degree, and/or specific educational credits.

Unless otherwise indicated on specific postings, regular attendance is an essential job requirement of all positions. Your application for employment with the Comptroller of Public Accounts may subject you to a criminal background check. All positions requiring a degree and/or licensing require proof of degree and/or license at time of interview. If you are scheduled for an interview and require any reasonable accommodation in our interview process, please inform the hiring representative who calls you to schedule your interview. Whenever possible, please give the hiring representative sufficient time to consider and respond to your request. Only applicants scheduled for interviews will be contacted.

Thank you for considering employment at the Comptroller of Public Accounts! The Comptroller’s office is an equal employment opportunity employer.