Please paste the following URL into a browser to view the entire job posting in the CAPPS Career Section: https://capps.taleo.net/careersection/ex/jobdetail.ftl?job=00042863 You may apply to the job directly through the CAPPS Career Section. It is not necessary to apply both through Work In Texas and CAPPS Career Section

GENERAL DESCRIPTION The Mission of the Office of the Attorney General The Office of the Attorney General champions liberty and justice for TexasThe Values of the Office of the Attorney General The Office of the Attorney General is committed to performing its duties with excellence, serving Texas with humility and integrity, and exploring innovative solutions in accomplishing the work of the agency. Are you dedicated to safeguarding your organization's data and privacy? Imagine extending that commitment to protecting the citizens of Texas. The role of Cybersecurity Analyst within the Texas Attorney Generals Enterprise Information Security Team presents a thrilling opportunity amidst our ongoing digital evolution. Join us in advancing cutting-edge products and services while ensuring the state receives top-notch security measures. Our Enterprise Information Security Team is dedicated to delivering premium security services to the agency, leveraging talent and innovative technologies to better serve Texans. We seek a dynamic security professional to serve as a Cybersecurity Analyst within the Governance, Risk, and Compliance (GRC) Team. This pivotal role involves implementing risk management programs, conducting assessments, and ensuring security compliance. You'll craft security standards and business continuity plans, oversee contract reviews, and conduct system audits and risk analyses. Leadership and project management experience are essential, as you'll drive system-wide security strategies, intrusion detection, risk assessment, and policy development. As a Cybersecurity Analyst, you will perform highly complex (senior-level) cybersecurity analysis work as you spearhead the defense against cyber threats, engaging in advanced analysis to safeguard our assets. Your responsibilities span from incident detection and response to threat assessment, intelligence, and vulnerability assessments. You'll also have the opportunity to lead and supervise others, utilizing your expertise under limited supervision, with ample room for initiative and independent judgment. Join us in safeguarding Texas and shaping the future of cybersecurity governance. OAG employees enjoy excellent benefits (https://ers.texas.gov/Benefits-at-a-Glance) along with tremendous opportunities to do important work at a large, dynamic state agency making a positive difference in the lives of Texans.ESSENTIAL POSITION FUNCTIONSSafeguard Agency Data: Lead security strategy by designing, automating, and deploying security applications and infrastructure. Lead the development and implementation of the overall information security program, including policies, standards, risk management, and risk reduction strategies. Collaborate on security plans and develop policies for data encryption and firewall configuration. Collaborate to define Information Security requirements, emphasizing involvement in shaping security protocols.Ensure Business Continuity: Develop and implement data security plans and an IT disaster recovery plan to protect against unauthorized access and disruptions. Advise stakeholders on security best practices. Work with Internal/External Auditors and consultants, showcasing collaboration on security audits. Interact with all levels of staff on security matters, emphasizing strong communication across departments. Work with IT and business teams for security assessments, highlighting collaboration for security integration.Proactive Risk Management: Conduct and review risk assessments of systems and collaborate with users on access needs and security concerns. Monitor systems with automated tools to identify and mitigate vulnerab lities. Consult with other risk management representatives, highlighting risk management communication skills. Perform cybersecurity incident detection, analysis, and prevention, highlighting core security expertise. Perform business impact analysis and develop the risk register, demonstrating understanding of business needs and risk prioritization.Maintain Data Security: Manage access controls to prevent unauthorized data modification. Research and recommend programmatic and technical security directions and solutions for data breaches to ensure swift containment. Research systems and procedures for security breaches, showcasing proactive threat mitigation skills. Conduct periodic gap assessments to validate compliance, emphasizing ongoing adherence to regulations. Review files, reports, and programs for legal compliance, showcasing legal and regulatory knowledge.Drive Security Innovation: Collaborate with internal teams on security decisions and consult with stakeholders to deliver customized information security solutions. Champion continuous improvement by implementing new and efficient security methods. Stay up-to-date on security trends and regulations, highlighting commitment to continuous learning. Lead security awareness training to empower users. Develop and manage security awareness and training programs, emphasizing user education and security culture building.Performs related work as assignedMaintains relevant knowledge necessary to perform essential job functionsAttends work regularly in compliance with agreed-upon work schedule. Telework schedules are permitted for employees based on the agencys approved Telework Plan, as long as schedule does not adversely affect operations and service levels, and standard hours of operation are maintained.Ensures security and confidentiality of sensitive and/or protected informationComplies with all agency policies and procedures, including those pertaining to ethics and integrity Qualifications: MINIMUM QUALIFICATIONSEducation: Graduation from high school or equivalentExperience: Eight years of full-time experience working in the following (or closely related) fields: information technology security, computer information systems, computer science, management information systems; may substitute credit hours from an accredited college or university for the required experience on a year-for-year basisExperience with information security, cyber security, and privacy issues and awareness of regulated data environments.Knowledge of the limitations and capabilities of computer systems; technology across all mainstream network, operating system, and application platforms; operational support of networks, operating systems, Internet technologies, databases, and security applications; and information security practices, procedures, and regulations.Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management, and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)Knowledge of fundamental information security concepts and technologyKnowledge of agile project management, waterfall project management, security program management, and all related software to navigate projectsSkill in the use of applicable software; and in configuring, deploying, monitoring, and automating security applications and infrastructureSkill overseeing the ongoing development and implementation of statewide information and cybersecurity policies, standards, guidelines, and procedures to ensure information security capabilities cover current threat capabilities.Skill in auditing, conducting risk management, advising management regarding security configuration, and performing routine assessments of security compliance and risk mitigationSkill in handling multiple tasks, prioritizing, and meeting deadlinesSkill in effec