Cybersecurity Analyst II (Threat Researcher)

Cybersecurity Analyst II (Threat Researcher)

This role will be part of the new Texas Cyber Command, the states newest agency to defend against and respond to cyber threats. This is a repost of job posting #00053318.

Position Title: Cybersecurity Analyst II (Threat Researcher)

Class/Group: 0320/B25

Military Occupation Specialty Code: Army: 17C, 25D; Coast Guard: CYB11, CYB12, CYB14; Marine Corps: 1721, Air Force: 1N4X1, Space Force: 514A, 5C0X1N

Fair Labor Standards Act Status: Exempt

Number of Vacancies: 1

Division/Section: Office of the Chief Information Security Officer/Security Operations/Cybersecurity Incident Response Team

Salary Range: $7,833.34 - $8,025.00/monthly

Duration: Regular

Hours Worked Weekly: 40

Travel: Occasional

Work Location: 506 Dolorosa Street/San Antonio, Texas 78204

Refer Inquiries to: People and Culture Office

Telephone: (512) 475-4957 or (512) 463-5920

How To Apply: Enter the job posting number 00053318 in the keyword search on the CAPPS Career Section.

Special Instructions: Applicants must provide in-depth information in the EXPERIENCE CREDENTIALS section to demonstrate how they meet the position qualifications. Incomplete applications may result in disqualification. Resumes may be uploaded as an attachment but are not accepted in lieu of the information required in the EXPERIENCE CREDENTIALS section of the application.

Position Description

What We Do

We are a technology agency powered by people. DIR offers secure, modern, and cost-effective technology to help government entities in Texas serve their constituents. DIR is a fast-paced and collaborative environment with highly motivated, innovative, and engaged employees dedicated to achieving the best value for the state. We have over 325 professionals working at DIR who are honored to serve as the cornerstone of public sector technology in Texas. By joining DIR, you will be an integral part of transforming how technology serves Texans.

Position Summary

A role within the Office of the State Chief Information Security Officer (OCISO) that combines progressive incident response program development, works with many various organizations, plans for and responds to cybersecurity incidents, and reviews and communicates threats and vulnerabilities to a wide range of stakeholders. You will play a critical role in building the capability and capacity of the statewide Cybersecurity Incident Response Team (CIRT). The CIRT is vital to the security posture of Texas and its citizens by responding to cybersecurity incidents in Texas and preparing our state for future cyber incidents. If you are looking to be a changemaker, this role is for you!

Performs complex (journey-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, and vulnerability assessment services. Will interact frequently with state agencies, institutions of higher education, local governmental officials, and other interagency personnel using a variety of communication mechanisms to engage and deliver incident response services. Work with the rest of the OCISO team to collaboratively identify and deliver statewide security program improvements and continuously improve the security posture of the State of Texas. May provide guidance to others. Works under general supervision, with limited latitude for the use of initiative and independent judgment.

The CIRT Analyst will assist in developing, maintaining, or supporting a threat intelligence capability to identify current and emerging security risks to the state of Texas. The CIRT Analyst will:

• Engage with industry partners, government agencies, and intelligence communities to gather and disseminate threat intelligence such as credential leaks, data exposures, and adversary activity from the dark web to maintain real-time awareness of threats impacting Texas entities.
• Coordinate with industry partners, government agencies (including law enforcement and intelligence agencies) and other specialists to establish and maintain situational awareness of current and emerging risks and threats to the state.
• Use open source and commercial intelligence providers to gain insight into adversary tactics, techniques and procedures, as well as planned activities and emerging motivations.
• Advise the Department leadership and state cybersecurity community of significant emerging threats, and provide both strategic and tactical steps to counteract these threats.
• Develop and potentially deliver tabletop preparedness exercises for both technical and non-technical stakeholders, providing educational and awareness presentations on sound security practices to improve the security maturity of the state.
• Conduct proactive threat research and dark web monitoring to identify compromised accounts, exposed data, vulnerabilities, and emerging adversary tactics affecting Texas governmental entities.
• Support cyber incident response and recovery services for any eligible governmental entity across the State of Texas, integrating intelligence from threat research and dark web monitoring into response efforts.
• Perform other work-related duties as assigned.

Qualifications:

Education:

• Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field.
• Additional years of work-related experience may be used to substitute for each year of formal education. (High School diploma or equivalent certificate required.)

Experience And Training Required:

• Three (3) years of progressively responsible experience in the IT industry.
• Three (3) years of progressively responsible experience in information technology security or project management work.
• One (1) year of experience in responding to security incidents.

Experience and Training Preferred:

• Experience and training in analyzing, recommending, developing, and implementing enterprise-wide policies.