Cybersecurity Analyst

Cybersecurity Analyst (00044032) 

Organization

: TEXAS MEDICAL BOARD 

Primary Location

: Texas-Austin 

Work Locations

: George H.W. Bush 1801 Congress Ave Suite 9.200 Austin 78701 

  

Job

: Computer and Mathematical 

Employee Status

: Regular 

Schedule

: Full-time Standard Hours Per Week: 40.00 

Travel

: Yes, 25 % of the Time State Job Code: 0319  Salary Admin Plan: B Grade: 23  

Salary (Pay Basis)

: 6,562.50 - 6,562.50 (Monthly) 

Number of Openings

: 1 

Overtime Status

: Exempt 

Job Posting

: Nov 4, 2024, 8:24:57 PM 

Closing Date

: Ongoing 

Description

 

TEXAS MEDICAL BOARD

STATE JOB VACANCY NOTICE

IT DEPARTMENT

Internal/External

 

TELECOMMUTE ELIGIBLE

 

Job Posting:   25-503-07             Opening Date:   4 November 2024     No. of Openings: 1     

Monthly Salary:    $6,562.50       Closing Date:    Open Until Filled      Type of Employment: Full- Time

 

Job Title:                            Cybersecurity Analyst

Classification:                   Cybersecurity Analyst I

Class Number:                   0319     

Salary Group:                     B23

FLSA Status:                     Exempt

Remote Category:              Yes/Category 3

Location:                            Austin – George H.W. Bush Building, 1801 Congress Ave, Austin, TX 78701

How to Apply:                   All applications for employment with the Texas Medical Board must be submitted electronically either via CAPPS at CAPPS RECRUIT website or click the Texas Medical Board (state.tx.us) link for instructions or submit application through Work in Texas (WIT) before 12:00 a.m. central time on the job closing date.  Applications can be FAXED to 512.305.7124 or e-mailed to Human.Resources@tmb.state.tx.us. All fields on the application must be completed.  We may reject applications that do not include all of the required information.  Resumes do not take the place of the information required on the state of Texas application. 

 

Additional Information:  Must reside in Texas.  No dual state employment with another state agency or higher education is allowed.  Must provide DOB for background check.  Agency does not reimburse for travel or lodging expenses to attend job interviews.  Virtual job interviews can be requested. For veteran’s preference, please submit with your application a copy of the DD-214.

Additional Military Crosswalk information can be accessed at: Military Crosswalk for Occupational Category - Information Technology (texas.gov)

 Agency Information

We have over 200 employees across the state of Texas. We are a collaborative and team environment work culture that values an environment of trust and accountability. Together we work towards our Board’s mission to protect and enhance the public’s health, safety, and welfare by establishing and maintaining standards of excellence used in regulating the practice of medicine and ensuring quality health care for the citizens of Texas through licensure, discipline, and education.  

We value employee work-life balance and provide our team incentives that include telework, flexed and compressed work schedules, wellness leave, health insurance and retirement programs, 401K, vacation paid leave, sick paid leave, holiday pay, promotional opportunities, free parking, employee assistance program, and other various benefits.

General Description

Performs complex (journey-level) cybersecurity analysis work under general supervision and direction.  May provide cybersecurity consultation for projects; may provide guidance on projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Assist cybersecurity initiative activities to include technical implementation, and policy standardization.  Works under supervision of the Director of Information Technology with moderate latitude for the use of initiative and independent judgment

Principal Duties and Responsibilities

(45%) Maintains and administers security operations for TMB.

·       Monitor and assist in the administration of security focused software and analyze alerts from various cyber security tools, network devices and information systems.

·       Administer security controls to prevent malware delivery, execution, and extent of cyber incidents.

·       Monitor agency and software systems for cybersecurity threats and attacks, remediating problems.

·       Assist with defining security configuration and operations standards for security .

·       Participate in threat assessment, cyber intelligence, software security, and vulnerability assessment services.

·       Participates in researching and analyzing cybersecurity threat indicators and their behaviors and recommend threat mitigation strategies. 

(40%) Assists in designing, implementing, and maintaining the agency IT security architecture, policies, and procedures to improve TMB’s cybersecurity maturity.

·       Assist in developing, updating, and maintaining agency security policies, procedures, and other cybersecurity program documentation.

·       Prepare reports for oversight agencies including but not limited to Monthly Incident Report and biennial Agency Security Plan.

·       Develop cybersecurity awareness training strategies to serve multiple user groups and presents security awareness training.

·       Assist in advising management and users regarding security policy and procedures; assists with stakeholder communication for optimal support to reach cybersecurity maturity goals.

·       Implement or support programs or projects that ensure agency compliance with privacy and cybersecurity standards and legislation.

·       Support external and internal audit activities, perform related responses, analysis, and security remediation.

(10%) Incident Response

·       Reports to Director of Information Technology, or designated Incident Response Lead, concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.

·       Participates in Detecting, investigating, remediating, and recovering from cybersecurity threats across TMB.

·       Supports tactical response of incident detection and incident response.

(5%) Performs related work as assigned.

Knowledge and Skills

1.      Technical Skills

a.      Knowledge of best practices, principles, and techniques for developing security-focused management controls of access points, servers, desktops, and various other hardware assets.

b.      Knowledge of IT security threats and ability to implement preventative controls including firewalls, access controls, authentication systems, intrusion detection systems, VPNs, and encryption.

c.      Knowledge of the techniques used in the operation of security applications, and information security practices, procedures, and regulations.

d.      Knowledge of Microsoft server products including

                                      i.     Windows Server 2016+,

                                     ii.     Hyper-V virtualization, and

                                   iii.     Active Directory

e.      In-depth knowledge and understanding of information risk concepts and principles,

f.      Ability to balance business needs with security controls.

g.      Knowledge of or experience with the NIST Incident Response Processes.

h.     Skills in the use of vulnerability assessment and penetration testing tools

2.      Analytical Skills

a.      Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.

b.      Coordinating solutions to problems; scheduling, testing, installing, and implementing system software; and troubleshooting computer systems.

c.      Ability to analyze problems and develop solutions; to determine systems and network problems; to communicate effectively with clients/customers to gather information and/or explain policies and procedures.

3.      Communication and Other Skills

a.      Ability to communicate effectively in a variety of forms and to different audiences.

b.      Ability to establish and maintain positive and effective working relationships with others and to work well under pressure and maintain flexibility.

c.      Ability to produce high-level correspondence/reports/documents/policies/procedures and prepare training/instructional manuals.

d.      Ability to complete project assignments within allocated time frame, demonstrating patience and meticulousness in the implementation of information security solutions.

e.      Ability to handle multiple projects at one time.

Experience and Education­

1.      At least four (r) years progressively responsible work experience.  Experience with State of Texas

a.      Implementing security best practices within the enterprise IT ecosystem.

b.      Experience configuring and administering SonicWALL security, wireless and Dell switches.

c.      Developing standards, policies, and procedures and align them with technology and information assets.

d.      Experience in cybersecurity Incident Response or Network Security Monitoring

e.      Hands on experience with Incident Detection Techniques and the use of Vulnerability Assessment Tools

f.      Experience collaborating with outsourced IT service delivery organizations.

2.      Graduation from an accredited four-year college or university with major course work in computer science, computer information systems, or management information systems.  Education and experience may be substituted for one another.

3.      Applicants must have or can secure high-speed internet access with a minimum speed of 20 MBPS download and 2 MBPS upload. Applicants may be required to provide confirmation from the area ISP.

4.      Must be a United States citizen.

5.      Certifications will not be substituted for work experience.

 

Applicants who are strongly being considered for employment must submit to a national criminal history background check.

EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER

 

The Texas Medical Board does not discriminate on the basis of race, color, national origin, sex, age, religion, disability or veteran status. Employment opportunities shall not be denied a qualified individual with a disability that requires a reasonable accommodation. The applicant should communicate requests for reasonable accommodations by calling (512) 305-7146.

Selective Service Requirement: If selected for employment, male applicants age 18 through 25 must present proof of registration or exemption with the federal Selective Service System.

 

Qualifications

 

TEXAS MEDICAL BOARD

STATE JOB VACANCY NOTICE

IT DEPARTMENT

Internal/External

 

TELECOMMUTE ELIGIBLE

 

Job Posting:   25-503-07             Opening Date:   4 November 2024     No. of Openings: 1     

Monthly Salary:    $6,562.50       Closing Date:    Open Until Filled      Type of Employment: Full- Time

 

Job Title:                            Cybersecurity Analyst

Classification:                   Cybersecurity Analyst I

Class Number:                   0319     

Salary Group:                     B23

FLSA Status:                     Exempt

Remote Category:              Yes/Category 3

Location:                            Austin – George H.W. Bush Building, 1801 Congress Ave, Austin, TX 78701

How to Apply:                   All applications for employment with the Texas Medical Board must be submitted electronically either via CAPPS at CAPPS RECRUIT website or click the Texas Medical Board (state.tx.us) link for instructions or submit application through Work in Texas (WIT) before 12:00 a.m. central time on the job closing date.  Applications can be FAXED to 512.305.7124 or e-mailed to Human.Resources@tmb.state.tx.us. All fields on the application must be completed.  We may reject applications that do not include all of the required information.  Resumes do not take the place of the information required on the state of Texas application. 

 

Additional Information:  Must reside in Texas.  No dual state employment with another state agency or higher education is allowed.  Must provide DOB for background check.  Agency does not reimburse for travel or lodging expenses to attend job interviews.  Virtual job interviews can be requested. For veteran’s preference, please submit with your application a copy of the DD-214.

Additional Military Crosswalk information can be accessed at: Military Crosswalk for Occupational Category - Information Technology (texas.gov)

 Agency Information

We have over 200 employees across the state of Texas. We are a collaborative and team environment work culture that values an environment of trust and accountability. Together we work towards our Board’s mission to protect and enhance the public’s health, safety, and welfare by establishing and maintaining standards of excellence used in regulating the practice of medicine and ensuring quality health care for the citizens of Texas through licensure, discipline, and education.  

We value employee work-life balance and provide our team incentives that include telework, flexed and compressed work schedules, wellness leave, health insurance and retirement programs, 401K, vacation paid leave, sick paid leave, holiday pay, promotional opportunities, free parking, employee assistance program, and other various benefits.

General Description

Performs complex (journey-level) cybersecurity analysis work under general supervision and direction.  May provide cybersecurity consultation for projects; may provide guidance on projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Assist cybersecurity initiative activities to include technical implementation, and policy standardization.  Works under supervision of the Director of Information Technology with moderate latitude for the use of initiative and independent judgment

Principal Duties and Responsibilities

(45%) Maintains and administers security operations for TMB.

·       Monitor and assist in the administration of security focused software and analyze alerts from various cyber security tools, network devices and information systems.

·       Administer security controls to prevent malware delivery, execution, and extent of cyber incidents.

·       Monitor agency and software systems for cybersecurity threats and attacks, remediating problems.

·       Assist with defining security configuration and operations standards for security .

·       Participate in threat assessment, cyber intelligence, software security, and vulnerability assessment services.

·       Participates in researching and analyzing cybersecurity threat indicators and their behaviors and recommend threat mitigation strategies. 

(40%) Assists in designing, implementing, and maintaining the agency IT security architecture, policies, and procedures to improve TMB’s cybersecurity maturity.

·       Assist in developing, updating, and maintaining agency security policies, procedures, and other cybersecurity program documentation.

·       Prepare reports for oversight agencies including but not limited to Monthly Incident Report and biennial Agency Security Plan.

·       Develop cybersecurity awareness training strategies to serve multiple user groups and presents security awareness training.

·       Assist in advising management and users regarding security policy and procedures; assists with stakeholder communication for optimal support to reach cybersecurity maturity goals.

·       Implement or support programs or projects that ensure agency compliance with privacy and cybersecurity standards and legislation.

·       Support external and internal audit activities, perform related responses, analysis, and security remediation.

(10%) Incident Response

·       Reports to Director of Information Technology, or designated Incident Response Lead, concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.

·       Participates in Detecting, investigating, remediating, and recovering from cybersecurity threats across TMB.

·       Supports tactical response of incident detection and incident response.

(5%) Performs related work as assigned.

Knowledge and Skills

1.      Technical Skills

a.      Knowledge of best practices, principles, and techniques for developing security-focused management controls of access points, servers, desktops, and various other hardware assets.

b.      Knowledge of IT security threats and ability to implement preventative controls including firewalls, access controls, authentication systems, intrusion detection systems, VPNs, and encryption.

c.      Knowledge of the techniques used in the operation of security applications, and information security practices, procedures, and regulations.

d.      Knowledge of Microsoft server products including

                                      i.     Windows Server 2016+,

                                     ii.     Hyper-V virtualization, and

                                   iii.     Active Directory

e.      In-depth knowledge and understanding of information risk concepts and principles,

f.      Ability to balance business needs with security controls.

g.      Knowledge of or experience with the NIST Incident Response Processes.

h.     Skills in the use of vulnerability assessment and penetration testing tools

2.      Analytical Skills

a.      Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.

b.      Coordinating solutions to problems; scheduling, testing, installing, and implementing system software; and troubleshooting computer systems.

c.      Ability to analyze problems and develop solutions; to determine systems and network problems; to communicate effectively with clients/customers to gather information and/or explain policies and procedures.

3.      Communication and Other Skills

a.      Ability to communicate effectively in a variety of forms and to different audiences.

b.      Ability to establish and maintain positive and effective working relationships with others and to work well under pressure and maintain flexibility.

c.      Ability to produce high-level correspondence/reports/documents/policies/procedures and prepare training/instructional manuals.

d.      Ability to complete project assignments within allocated time frame, demonstrating patience and meticulousness in the implementation of information security solutions.

e.      Ability to handle multiple projects at one time.

Experience and Education­

1.      At least four (r) years progressively responsible work experience.  Experience with State of Texas

a.      Implementing security best practices within the enterprise IT ecosystem.

b.      Experience configuring and administering SonicWALL security, wireless and Dell switches.

c.      Developing standards, policies, and procedures and align them with technology and information assets.

d.      Experience in cybersecurity Incident Response or Network Security Monitoring

e.      Hands on experience with Incident Detection Techniques and the use of Vulnerability Assessment Tools

f.      Experience collaborating with outsourced IT service delivery organizations.

2.      Graduation from an accredited four-year college or university with major course work in computer science, computer information systems, or management information systems.  Education and experience may be substituted for one another.

3.      Applicants must have or can secure high-speed internet access with a minimum speed of 20 MBPS download and 2 MBPS upload. Applicants may be required to provide confirmation from the area ISP.

4.      Must be a United States citizen.

5.      Certifications will not be substituted for work experience.

 

Applicants who are strongly being considered for employment must submit to a national criminal history background check.

EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER

 

The Texas Medical Board does not discriminate on the basis of race, color, national origin, sex, age, religion, disability or veteran status. Employment opportunities shall not be denied a qualified individual with a disability that requires a reasonable accommodation. The applicant should communicate requests for reasonable accommodations by calling (512) 305-7146.

Selective Service Requirement: If selected for employment, male applicants age 18 through 25 must present proof of registration or exemption with the federal Selective Service System.