Job Information
Texas Commission on State Emergency Communications (CSEC) Cybersecurity Analyst III in Austin, Texas
AGENCY DESCRIPTION:
CSEC is a Texas state agency that is the state's authority on emergency communications. CSEC is located in the new George H. W. Bush State Office Building across from the Texas State History Museum. CSEC administers the state 9-1-1 service program and the statewide poison control program and is also administering a multi-year statewide federal grant program to transition Texas to providing Next Generation 9-1-1 Service by a target date of September 1, 2025. For 9-1-1, the Commission provides grants to 20 Regional Planning Commissions (RPC) to provide 9-1-1 service in the majority of Texas. For poison control, Commission provides grants to six Regional Poison Control Centers (RPCC) to provide poison control services to the public and health care professionals. The Commission comprises nine voting Commissioners appointed by the Governor (five members), the Lieutenant Governor (two), and the Speaker of the House of Representatives (two); plus, three non-voting ex officio Commissioners.
JOB DESCRIPTION:
Reporting to the Director of Information Technology and Security, the Cybersecurity Analyst performs highly complex (senior level) information security and cybersecurity analysis work involving planning, implementing, and monitoring security measures for the protection of information systems and infrastructure. Oversees the IT cybersecurity operations, delivery, engineering, and architecture for the Texas Poison Control Network (TPCN) and CSECs internal network. Protects cybersecurity assets and delivers cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.
ESSENTIAL FUNCTIONS/RESPONSIBILITIES:
Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems.
Evaluates network and system security configuration for best practices and risk-based access controls.
Assesses established security policy criteria against actual operational functions to ensure success criteria of data security controls and processes.
Provides direction and guidance in strategic and tactical cybersecurity operations planning and implementation for CSEC.
Monitors and maintains cybersecurity infrastructure and policies and procedures to protect information systems from unauthorized use.
Monitors the IT cybersecurity operations, delivery, engineering, and architecture for the Texas Poison Control Network.
Protects cybersecurity assets and delivers cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services.
Manages the successful delivery of the Texas Poison Control Network used by the Texas Regional Poison Centers. Ensure that the network performs at a level that meets or exceeds the needs of the Poison Center staff and the support provided by the vendor(s) meets or exceeds the needs of the Poison Center staff.
Travels to RPCCs as necessary to provide technical assistance, training, and consultative services.
Performs related work as assigned.
EDUCATION:
Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field is strongly preferred.
Note: Experience and education may be substituted for one another on a year-for-year basis.
EXPERIENCE:
Minimum of 3 years of combined experience in information technology, security, risk, compliance management, assessment, research and/or consulting.
REGISTRATION OR LICENSURE REQUIREMENTS:
Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems A ditor (CISA), or similar certifications are preferred.
KNOWLEDGE, SKILLS, AND ABILITIES:
Knowledge in technical proficiency of cybersecurity tools.
Knowledge and understanding of Texas state government and its information systems.
Knowledge of laws, rules, and regulations relevant to information technology in Texas.
Knowledge of industry accepted software engineering practices and life cycle methods.
Knowledge of the limitations and capabilities of computer systems.
Knowledge of IT infrastructure designs, technologies, products, and services; networking protocols, firewall functionality, host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies.
Knowledge of procedures on systems security, inventory, and database management.
Knowledge across all network layers and computer platforms; of the operational support of networking, operating systems, Internet technologies, databases, and security application support; and of information security practices, procedures, and regulations.
Skill in analyzing complex data and synthesizing large amounts of information.
Skill in preparing, interpreting, and presenting complex statistical and information analysis reports.
Skill in analyzing and evaluating systems and procedures.
Skill in managing, interpreting, analyzing, evaluating and summarizing data on a statewide basis using appropriate computer technology and analytical methods.
Skilled and proficient in network analysis protocols to include netflow, logging protocols and methodologies, packet capture and TCP/IP stack operations.
Skill communicating with varied levels of staff to develop positive effective working relationships.