Cybersecurity Analyst III

Cybersecurity Analyst III (00051085) 

Organization

: DEPARTMENT OF INFORMATION RESOURCES 

Primary Location

: Texas-Austin 

Work Locations

: Network Security Operation CTR 1001 W NORTH LOOP  Austin 78756 

  

Job

: Computer and Mathematical 

Employee Status

: Regular 

Schedule

: Full-time Standard Hours Per Week: 40.00 State Job Code: 0321  Salary Admin Plan: B Grade: 27  

Salary (Pay Basis)

: 9,041.07 - 9,458.33 (Monthly) 

Number of Openings

: 1 

Overtime Status

: Exempt 

Job Posting

: Jul 10, 2025, 12:57:56 AM 

Closing Date

: Jul 24, 2025, 4:59:00 AM 

Description

 

Position Title:

Cybersecurity Analyst III (Endpoint Detection & Response)

Class/Group:

0321/B27

Military Occupation Specialty Code:

Army 17C, 25D, 170A, 255S; Coast Guard CYB10, CYB11, CYB12; Marine Corps 0681; Air Force 1D7X1, 1N4X1, 3D0X2; Space Force 514A, 5C0X1D, 5C0X1N, 5C0X1S

Fair Labor Standards Act Status:

Exempt

Number of Vacancies:

1

Division/Section:

Chief Operations Office / Cybersecurity Operations

Salary Range:

$9041.07 - $9458.33 / monthly

Duration:

Regular

Hours Worked Weekly:

40

Travel:

Occasional

Work Location:

Central / Austin, Texas 78756

Web site:

https://dir.texas.gov/

Refer Inquiries to:

People and Culture Office

Telephone:

(512) 463-5920 or (512) 475-4957

How To Apply:

• Select the link below to search for this position:  https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en
• Enter the job posting number “00051085” in the keyword search.

• You must create a CAPPS Career Section candidate profile or be logged in to apply.

• Update your profile and apply for the job by navigating through the pages and steps.

• Once ready, select “Submit” on the “Review and Submit” page.

• If you have problems accessing the CAPPS Career Section, please follow the instructions in the Resetting CAPPS Password for Job Candidate desk aid.

Special Instructions:

• Applicants must provide in-depth information in the EXPERIENCE & CREDENTIALS section to demonstrate how they meet the position qualifications. Incomplete applications may result in disqualification.

• Resumes may be uploaded as an attachment but are not accepted in lieu of the information required in the EXPERIENCE & CREDENTIALS section of the application.

Interview Place/Time:

Candidates will be notified for appointments as determined by the selection committee.

Selective Service Registration:

Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.

H-1B Visa Sponsorship:

We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Equal Opportunity Employer

The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age, or disability.  Please call 512-475-4922 to request reasonable accommodation.

What We Do

We are a technology agency powered by people.

DIR offers secure, modern, and cost-effective technology to help government entities in Texas serve their constituents.

DIR is a fast-paced and collaborative environment with highly motivated, innovative, and engaged employees dedicated to achieving the best value for the state. We have over 250 professionals working at DIR who are honored to serve as the cornerstone of public sector technology in Texas. By joining DIR, you will be an integral part of transforming how Texas government serves Texans.

Position Summary

This role supports Enterprise Cybersecurity Operations at DIR, focusing on protecting data from cyber-related attacks. Employees in this role typically monitor for any trace of invasion or improper access of data by performing threat and incident detection, incident response, and forensics activities. The Cybersecurity Analyst performs highly complex (senior-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, and software security services. May supervise the work of others. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.

• Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems including endpoint detection & response tools.
• Reviews operational solutions to ensure compliance with approved security practices.
• Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information systems from unauthorized use, assists in advising management and users regarding security procedures.
• Researches and implements new security risk and mitigation strategies, tools, techniques, and solutions for the prevention, detection, containment, and correction of data security breaches.
• Performs forensic analysis of network traffic logs and security tools to support incident investigations.
• Maintains up-to-date knowledge of cybersecurity vulnerabilities, exploits, and threats especially emerging threats.
• Works as a first responder and security incident handler to security incidents across DIR’s shared services programs. Participates in an on-call rotation for security incidents and may occasionally manage multiple projects.
• Performs other work-related duties as assigned.

 

Qualifications

 

Education

• Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field
• Additional years of work-related experience may be substituted for each year of formal education. (High School diploma or equivalent certificate required.)

Experience and Training Required

• Five (5) years of progressively responsible experience in the IT industry
• Three (3) years of progressively responsible experience in IT security analysis or IT security management
• Experience in security policy or process development and implementation
• Experience in implementing security platforms, processes, and tools
• Experience with security tools and platforms such as intrusion detection systems (IDS)/intrusion protection systems (IPS), security information/event management (SIEM), audio/video(A/V), Firewalls, vulnerability scanning, penetration testing, and cloud security services and controls.
• Experience with detecting and assessing threats such as network and asset vulnerabilities
• Experience operating an anti-virus product

Experience and Training Preferred

• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), or equivalent certification.
• Experience in cybersecurity analysis or cybersecurity management in state government or other highly regulated environment
• Experience in security incident handling, investigation, and/or response
• Experience and training in analyzing, recommending, developing, and implementing cogent enterprise-wide cybersecurity policies, standards, and guidelines
• Experience working with state or federal IT regulatory issues and processes
• Experience in hands-on support of heterogeneous enterprise class networks (>20,000 devices).
• Experience with operating an endpoint protection platform such as McAfee or Crowdstrike 
• Experience in a leadership or supervisory role

Knowledge, Skills, and Abilities

• Knowledge of relevant DIR IT Security Services and regulations including Texas Government Code Chapter 2059, Texas Administrative Code § 202, and other related security codes, documentation, and best practices
• Knowledge of Information Technology Infrastructure Library (ITIL) processes and standards
• Knowledge of standard concepts, practices, and procedures for cybersecurity operations or command centers
• Knowledge of security incident investigative best practices
• Knowledge of benchmarking activities and expectations
• Knowledge of generally accepted information technology audit standards and practices; of information technology security and control practices; and of information technology management practices preferred.
• Knowledge of the security limitations and capabilities of computer systems; of technology across network layers and computer platforms; of the operational support of networking, operating systems, Internet technologies, databases, and security application support; and of information security practices, procedures, and regulations preferred. 
• Good understanding of VPN management and trouble resolution.
• Good understanding of Windows and Unix Operating Systems
• Good understanding of State information security framework to include TAC 202, Agency Security plans, and Texas Cybersecurity Framework which is based on NIST.
• Skill in configuring, deploying, and monitoring security infrastructure
• Skill in collecting and analyzing complex data; in evaluating information and systems; in drawing logical conclusions; in assessing the effectiveness of internal controls over key information technology risks; in identifying significant exposures; in analyzing transactions and management information; in detecting changes in key risks and/or control effectiveness; in developing appropriate recommendations to address exposures; and in using analytical software tools, data analysis methods, and other computer applications preferred
• Strong verbal and written communication skills.
• Ability to take ownership of systems and processes and work both independently and in collaboration with team members, and to support and contribute to a cohesive team environment
• Ability to quickly adapt to rapidly changing business needs and operational directives and deliver superior results
• Ability to adapt information delivery based on target audience
• Ability to resolve complex security issues in diverse and decentralized environments
• Ability to assist executives, through discussion and facilitation, in the process of evaluating and implementing security architecture and policies
• Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers
• Ability to communicate both verbally and in writing, in a clear and concise manner
• Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment
• Ability to understand, follow, and convey brief oral and/or written instructions
• Ability to work occasional overtime and/or a flexible schedule as needed to meet required deadlines
• Ability to work under pressure and exacting schedules to complete assigned tasks
• Ability to travel as necessary
• Ability to comply with all agency policy and applicable laws
• Ability to comply with all applicable health and safety rules, regulations, and standards

Computer Skills

• Proficiency in the use of a computer and applicable software necessary to perform work assignments e.g., word processing, spreadsheets (Microsoft Office preferred).

Other Requirements

• Regular and punctual attendance at the workplace.
• Criminal background check.

Working Conditions

• Frequent use of personal computer, copiers, printers, and telephone
• Frequent standing, sitting, listening, and talking
• Occasional bending and stooping
• Frequent work under stress, as a team member, and in direct contact with others
• Infrequent lifting and climbing
• May work extended or on-call hours