26 Cybersecurity Analyst III Jobs in Austin, TX
SORT BY
D
F
C
T
L
T
e
I
A
A
G
G
3
3
T
e
S
B
C
A
T
T
T
T
Cybersecurity Analyst III
$106k-134k (estimate)
Full Time
3 Weeks Ago
Sorry! This job is no longer available. Please explore similar jobs listed on the left.
Dept of Family & Protectve Svc is Hiring a Cybersecurity Analyst III Near Austin, TX
As a Cybersecurity Analyst III at the Texas Department of Family and Protective Services (DFPS), you must have at least three (3) years of relevant cybersecurity experience. Your main duties will include researching, analyzing, recommending, configuring, and administering applications, systems, and procedures to ensure the protection of information processed, stored, or transmitted. You will also be responsible for conducting "hands-on" computer forensics analysis for investigation and litigation support, analyzing systems and networks for security, and investigating security incidents as necessary.
The Cybersecurity Analyst III will work under the supervision of the Cybersecurity Operations Manager in our Security Operations Center (SOC). The Cybersecurity Analyst III will develop and manage the DFPS Security Information and Event Management (SIEM) platform, as well as our Security Orchestration and Automation (SOAR) platform and Endpoint Detection and Response (EDR) tools. The Cybersecurity Analyst III may act as a subject matter expert of the SOC environment for optimal design, engineering, and operation of the various platforms. The Cybersecurity Analyst II will review and work with our partner teams to tune the SIEM outputs, including custom dashboards and security event notables. The Cybersecurity Analyst III will monitor our applications and network to identify a possible cyber-attack or intrusion (event) and determines if it is a real, malicious threat (incident), and if it could have a business impact. The Cybersecurity Analyst III will be working in our Security Operations Center (SOC) under the guidance of the Cybersecurity Operations Manager. Their primary responsibility will be to develop and manage the DFPS Security Information and Event Management (SIEM) platform, as well as our Security Orchestration and Automation (SOAR) platform and Endpoint Detection and Response (EDR) tools. Additionally, they may act as a subject matter expert of the SOC environment for optimal design, engineering, and operation of the various platforms.
The Cybersecurity Analyst III will collaborate with our partner teams to review and fine-tune the SIEM outputs, including custom dashboards and security event notables. They will also be responsible for monitoring our applications and network to identify any possible cyber-attacks or intrusions (events) and determine if they pose a real, malicious threat (incident), and if they could have a business impact.
The Cybersecurity Analyst III will assist in the upkeep, maintenance, and ensuring that the SIEM and cybersecurity toolset is available and reliable. The Cybersecurity Analyst III will also be responsible for onboarding new data sources into SIEM, analyzing the data for anomalies and trends, and building dashboards highlighting key trends. The Cybersecurity Analyst III will assist the Chief Information Security Officer with activities such as investigations and litigation support.
The mission of DFPS is to protect children, the elderly, and people with disabilities from abuse, neglect, and exploitation by involving clients, families, and communities.
The Cybersecurity Analyst III is expected to work collaboratively with other team members from a positive, proactive, and mission-first perspective. They will assist in planning, developing, monitoring, and maintaining cybersecurity and information technology security processes and controls. The DFPS cybersecurity environment is very large and complex, allowing you to combine your previous experience in similar environments with your analytical skills.
This position is classified as a full-time position (40 hours a week). It is 100% telework within Texas and requires the candidate to maintain personal Wi-Fi and webcam capabilities during work hours to perform their duties. Work outside of regular hours may be required, and travel to other Austin offices(s) may be required. The candidate works under limited supervision, with considerable latitude for initiative and independent judgment.
The Cybersecurity Analyst III will work under the supervision of the Cybersecurity Operations Manager in our Security Operations Center (SOC). The Cybersecurity Analyst III will develop and manage the DFPS Security Information and Event Management (SIEM) platform, as well as our Security Orchestration and Automation (SOAR) platform and Endpoint Detection and Response (EDR) tools. The Cybersecurity Analyst III may act as a subject matter expert of the SOC environment for optimal design, engineering, and operation of the various platforms. The Cybersecurity Analyst II will review and work with our partner teams to tune the SIEM outputs, including custom dashboards and security event notables. The Cybersecurity Analyst III will monitor our applications and network to identify a possible cyber-attack or intrusion (event) and determines if it is a real, malicious threat (incident), and if it could have a business impact. The Cybersecurity Analyst III will be working in our Security Operations Center (SOC) under the guidance of the Cybersecurity Operations Manager. Their primary responsibility will be to develop and manage the DFPS Security Information and Event Management (SIEM) platform, as well as our Security Orchestration and Automation (SOAR) platform and Endpoint Detection and Response (EDR) tools. Additionally, they may act as a subject matter expert of the SOC environment for optimal design, engineering, and operation of the various platforms.
The Cybersecurity Analyst III will collaborate with our partner teams to review and fine-tune the SIEM outputs, including custom dashboards and security event notables. They will also be responsible for monitoring our applications and network to identify any possible cyber-attacks or intrusions (events) and determine if they pose a real, malicious threat (incident), and if they could have a business impact.
The Cybersecurity Analyst III will assist in the upkeep, maintenance, and ensuring that the SIEM and cybersecurity toolset is available and reliable. The Cybersecurity Analyst III will also be responsible for onboarding new data sources into SIEM, analyzing the data for anomalies and trends, and building dashboards highlighting key trends. The Cybersecurity Analyst III will assist the Chief Information Security Officer with activities such as investigations and litigation support.
The mission of DFPS is to protect children, the elderly, and people with disabilities from abuse, neglect, and exploitation by involving clients, families, and communities.
The Cybersecurity Analyst III is expected to work collaboratively with other team members from a positive, proactive, and mission-first perspective. They will assist in planning, developing, monitoring, and maintaining cybersecurity and information technology security processes and controls. The DFPS cybersecurity environment is very large and complex, allowing you to combine your previous experience in similar environments with your analytical skills.
This position is classified as a full-time position (40 hours a week). It is 100% telework within Texas and requires the candidate to maintain personal Wi-Fi and webcam capabilities during work hours to perform their duties. Work outside of regular hours may be required, and travel to other Austin offices(s) may be required. The candidate works under limited supervision, with considerable latitude for initiative and independent judgment.
Essential Job Functions:
Support and maintain complete logging infrastructure including, but not limited to, log storage, syslog, and Windows Event Collector servers, cloud, and database connections with the DFPS SIEM platform. On-board new data sources into the SIEM, analyze the data for anomalies and trends and build dashboards highlighting key trends. Analyzes and investigates security alerts and helps tune and improve notables. Integrates SIEM with upstream data sources by automating data ingestion. Manages large data sets, including creating and organizing indexes. Analyzes and improves SIEM platform and search query performance. Ensure logs are being ingested and parsed correctly. Reviews and works with partner teams to tune SIEM outputs, including custom dashboards and security event notables. Perform regular vulnerability assessments and lead penetration testing initiatives. Develop and implement comprehensive incident response protocols; manage incidents from detection through resolution. Conduct advanced analysis of EDR (Endpoint Detection and Response) outputs and respond to alerts. Assess security posture against industry best practices and control frameworks and propose solutions and improvements. Guides internal agency partners (Information Technology Services) on log management and cybersecurity practices. Mentor and/or support periodic Cybersecurity Analyst Training Workshops regarding using the SIEM, best practices, and new features/capabilities. Participate in defining, implementing, and maintaining agency security policies and procedures and develop operational documentation and processes. Works to safeguard the agency against malicious code, intrusion or unauthorized access, denial-of-service attacks, and attacks by malicious actors. Research emerging technologies and participate in evaluating technologies that align with business goals, reduce costs, and improve reliability, scalability, and security. Champions information security amongst DFPS partners, sharing and promoting security awareness and safe operating procedures. Completes projects and tasks associated with security monitoring, detection, incident response, and security program initiatives. Researches and remains current with emerging threats and solutions relevant to cyber security and its implementations. Maintains current knowledge of industry trends and standards in information security. Accountable for continued personal growth in technology, business knowledge, and DFPS policies and platforms. Serve as a DFPS Information Security Incident Response Team member as needed. Using forensic analysis tools, analyze security systems, media, and logs and respond to incidents as appropriate.
Knowledge Skills Abilities:
Solid working knowledge of SIEM Platform and understanding of all SIEM backend components, such as Universal Forwarders, Heavy Forwarders, Index Clusters, and Search Head Clusters. Capable of assessing security posture and proposing solutions and improvements against industry standards and frameworks. Expertise in performing security systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting. Experience working with scripting languages such as Python or PowerShell. Strong knowledge and understanding of network infrastructure components such as routers, switches, and firewalls. Working knowledge and understanding of networking and switching protocols and infrastructure services able to troubleshoot and identify DNS, NTP, routing, switching, and firewall issues affecting connectivity of security tools. Strong knowledge of incident response life cycle and steps. Experience analyzing network and host-based security events. Candidates must be adept at detailed reporting of incidents, threats, and false positives. Candidates must show a commitment to continuous learning and stay updated with cybersecurity trends. Enjoys looking for and building efficiencies in the team, strong consensus building, multi-tasking, interpersonal, and analytical skills. Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
Registration or Licensure Requirements:
Industry-recognized certification related to cybersecurity (SANS, ISACA, ISC², CompTIA, etc.) is a plus but not required. The ability to complete certification within one (1) year is required.
Initial Selection Criteria:
Graduation from an accredited four-year college or university; experience may be substituted for education on a year-for-year basis. 3 years’ hands-on experience administering, maintaining, and scaling security toolsets. Note: You must meet the minimum initial screening criteria to be considered. You should not apply if your submittal documents do not reflect experience meeting the initial screening criteria.
Additional Information:
Note: There may be no military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position. All active duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information see the Texas State Auditor’s Military Crosswalk at http://www.hr.sao.state.tx.us/Compensation/JobDescriptions.aspx.
Note: There may be no military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position. All active duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information see the Texas State Auditor’s Military Crosswalk at http://www.hr.sao.state.tx.us/Compensation/JobDescriptions.aspx.
MOS Code:
17C, 25D, CYB10, CYB11, 0605, 1B4X1, 1D7X1, 3D0X2, 514A, 5C0X1D, 5C0X1N, 5C0X1S
17C, 25D, CYB10, CYB11, 0605, 1B4X1, 1D7X1, 3D0X2, 514A, 5C0X1D, 5C0X1N, 5C0X1S
As a state agency, DFPS is required Texas Administrative Code (TAC 206 and 213) to ensure all Electronic Information Resources (EIR) follow accessibility standards. The staff must be familiar with the WCAG 2.1 AA and Section 508 to create accessible content including but not limited to; Microsoft Office documents, Adobe PDFs, webpages, software, training guides, video, and audio files.
HHS agencies use E-Verify. You must bring your I-9 documentation with you on your first day of work.
In compliance with the Americans with Disabilities Act (ADA), HHS agencies will provide reasonable accommodation during the hiring and selection process for qualified individuals with a disability. If you need assistance completing the on-line application, contact the HHS Employee Service Center at 1-888-894-4747. If you are contacted for an interview and need accommodation to participate in the interview process, please notify the person scheduling the interview.
Job Summary
JOB TYPE
Full Time
SALARY
$106k-134k (estimate)
POST DATE
05/13/2024
EXPIRATION DATE
05/23/2024
Show more
Similar Jobs
Popular Articles
Top 10 Things to Avoid Putting on a Job Application
Read Article
How to Describe Your Education in a Resume
Read Article
How to Write a Memorable Cover Letter in 5 Ways
Read Article
4 Personal Finance Tips to Make During Job Transition
Read Article
4 Best Camera Setups for Interview
Read Article
Keeping a Job Search Journal: 9 Types of Journaling You Can Do
Read Article
