Cybersecurity Analyst - Vulnerability Management

Position: Cybersecurity Analyst Vulnerability Management Duration: 12 months Location: Austin Texas (Hybrid) WORK LOCATION: Working remotely is accepted in accordance with TxDOT's policies. The resource must be in the office a minimum of four days a week, or as approved by TxDOT. Note: Resource may be required to work evenings or weekends to meet business needs and deadlines. Term of Service: The initial term of the contract shall commence upon execution of the contract and expires one year from commencement with the option to renew for two, one-year period(s) at TxDOT's sole discretion. TxDOT will provide an intent to renew, in writing, a minimum of 30 days prior to expiration of the current term. NOTE: The dates, listed below, are estimated and based on the anticipated award date of the contract and will be in accordance with the DIR contract. 1st Renewal Option: One year based on commencement. 2nd Renewal Option: One year based on commencement. DESCRIPTION OF SERVICES

Texas Department of Transportation requires the services of 1 Network Security Analyst 1, hereafter referred to as Candidate(s), who meets the general qualifications of Network Security Analyst 1, Security and the specifications outlined in this document for the Texas Department of Transportation.

All work products resulting from the project shall be considered "works made for hire" and are the property of the Texas Department of Transportation and may include pre-selection requirements that potential Vendors (and their Candidates) submit to and satisfy criminal background checks as authorized by Texas law. Texas Department of Transportation will pay no fees for interviews or discussions, which occur during the process of selecting a Candidate(s).

Primary Responsibilities

• Vulnerability Remediation Coordination
• Review, triage, and manage vulnerability remediation assignments within ServiceNow IT Remediation Workspace.
• Coordinate remediation efforts for vulnerabilities that cannot be addressed through normal patch cycles (e.g., emergency, high-risk CVEs, exceptions, or special remediation scenarios).
• Serve as the central point of coordination between Server Operations, Security (CSOC), and other impacted teams throughout the remediation lifecycle.
• Track remediation status, dependencies, and outstanding actions to ensure vulnerabilities progress to closure in accordance with policy and risk priorities.
• Ensure remediation activities align with the Vulnerability Remediation Process and supporting work instructions.
  
  

ServiceNow & IT Remediation Workspace

• Create, manage, and update:
• Vulnerability Remediation Tasks (VUL)
• Associated Change Requests
• Related Configuration Items (CIs)
• Ensure accurate documentation of remediation plans, implementation steps, validation outcomes, and rollback plans within ServiceNow records.
• Validate that vulnerability remediation tasks meet ServiceNow process requirements and audit expectations before change submission.
• Coordinate remediation sequencing across multiple server platforms and support teams using ServiceNow workflows and assignment rules.
  
  

Change Management & CAB Presentation

• Prepare and submit Normal and Standard Change Requests for vulnerability remediation activities.
• Present vulnerability remediation changes to CAB, clearly articulating:
• Security risk and urgency
• Scope and impacted systems
• Remediation approach
• Testing and validation plans
• Rollback and risk mitigation measures
• Address CAB questions and coordinate follow up actions as needed to secure approval.
• Ensure approved changes are scheduled, communicated, and implemented in alignment with change windows and operational constraints.
  
  

Cross Platform Server Support

• Coordinate vulnerability remediation across:
• Windows Server environments
• Linux Server environments (RHEL)
• Citrix server platforms
• Work with platform SMEs to understand remediation requirements and constraints without directly executing patching activities.
• Ensure consistent remediation tracking and reporting across heterogeneous server platforms.
  
  

Organization, Tracking & Reporting

• Maintain detailed tracking of:
• Outstanding vulnerabilities
• Change approvals
• Implementation status
• Validation and closure evidence
• Support audit, compliance, and leadership reporting with accurate, up to date remediation metrics and status summaries.
• Identify process gaps, bottlenecks, or recurring issues and recommend improvements to remediation and change workflows.
  
  

II. CANDIDATE SKILLS AND QUALIFICATIONS

• 5 years of experience Proven experience coordinating server vulnerability remediation in an enterprise environment.
• 5 years of experience Strong hands-on experience with ServiceNow, including Change Management and IT Remediation Workspace.
• 5 years of experience Solid understanding of change management processes and presenting changes to a CAB.
• 5 years of experience Practical knowledge of server platforms: Windows Server, Linux Server, Citrix Infrastructure
• 5 years of experience Exceptional organizational skills with the ability to manage multiple parallel remediation efforts.
• 5 years of experience Strong written and verbal communication skills, especially for CAB and cross team coordination.
• 5 years of experience supporting vulnerability remediation in a government, regulated, or large enterprise environment.
  
  

Preferred Skills

• Familiarity with vulnerability management workflows involving CSOC, Infrastructure, and Application teams.
• Experience coordinating remediation outside of standard patching schedules (emergency or out of band remediation).
• Prior exposure to audit, compliance, or security evidence collection related to vulnerability remediation.
• Timely remediation of high risk and exception-based vulnerabilities.
• High quality, CAB approved change records with complete and accurate documentation.
• Clear, auditable tracking of vulnerability remediation status from assignment through closure.
• Improved coordination and reduced remediation delays across server platforms.