Are you ready to make a real difference in people's lives? Join the Harris Center for Mental Health and IDD as an IT Information Security Analyst III. The Information Security Analyst III leads security operations for the enterprise, encompassing day-to-day operations tuning and managing existing security solutions, and the identification, investigation, and resolution of security events detected by those systems. Level III Security Analysts are also responsible for the implementation of new security solutions and must participate in the creation and maintenance of policies, standards, baselines, guidelines, procedures, and reports. Level III analysts are responsible for leading all vulnerability tracking and reporting, and leading risk assessment data collections. Level III Security Analysts are expected to be fully aware of the enterprise’s security strategic plan, goals, policies, procedures and guidelines.

Your role in action:

Strategy & Planning

• Designing security operations systems and workflows.
• Creating enterprise security documents (policies, standards, baselines, guidelines, and
• procedures).
• Participating in enterprise risk assessments and related activities.

Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Recommend additional security solutions and enhancements to existing security solutions and processes to improve overall enterprise security.
• Deployment and integration of new security technologies to the existing security stack.

Operational Management

• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Maintain operational configurations of all in-place security solutions as per the

established baselines.

• Monitor all in-place security solutions for efficient and effective operations.
• Review logs and reports of all in-place devices, whether they be under direct control(i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
• Lead investigations into suspicious activity (incident response).
• Design and execute vulnerability assessments, penetration tests and security audits

What qualifications you will need:

Education:

• Associate’s degree (A.A.S.) or equivalent.

• College diploma or university degree in an aligning field, i.e. computer science or information security.

One or more of the following certifications:

• CISSP
• GIAC Security Fundamentals
• GIAC Information Security Essentials
• Microsoft Certified Systems Administrator: Security
• Comp TIA Security

Experience:

• 6 years equivalent work experience.
• Experience with IDS & IPS, vulnerability scanning & penetration testing and reporting, and centrally managed antimalware solutions.
• Experience with SIEM solutions, server, network device, and endpoint security log collection/retention, and analysis.
• Experience with firewall and web filtering configurations.
• Experience with security report design and generation.

Knowledge, Skills & Abilities:

Knowledge & Experience

• Strong understanding of IP, TCP/IP, and other network administration protocols.
• Strong understanding of Microsoft endpoint and server operating systems security

configuration and auditing.

• Working technical knowledge of corporate information technology environments and all layers of the OSI model.
• Familiarity with Linux-based operating systems.
• Familiarity with firewall and web filtering configurations.
• Familiarity with applications security standards and analysis protocols, e.g. OWASP, and BSIMM.

Personal Attributes

• Positive, customer focused attitude.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.

What we have to offer:

The HARRIS CENTER offers competitive salary, excellent benefits package, retirement plans with company matching, prior service credit towards generous PTO accrual, outstanding wellness programs and professional development. Employees can also take advantage of business casual dress code, corporate discounts, and gym memberships. New hire referral bonus, discounts are also available on an optional basis. These include mobile phone service, fitness centers and other wellness amenities.

What else you should know:

• This posting is associated with position #1147
• This position will be located at 9401 Southwest Fwy. Houston, TX 77074.

About us:

The HARRIS CENTER is the state-designated Local Mental Health Authority and Local Intellectual and Developmental Disability (IDD) Authority serving Harris County, Texas. As the largest behavioral and developmental disability care center in Texas, The HARRIS CENTER provided care to over 79,000 people in fiscal year 2019 and has an annual budget of over $275 million. As part of its mission to transform the lives of people with behavioral health and IDD needs in the third largest county in the United States, The HARRIS CENTER provides a full continuum of services at 86 different sites across Harris County. In addition, services are provided in more than 42 different languages as well as sign language in order to better serve what is one of the most diverse and multi-cultural communities in the nation.