What are the responsibilities and job description for the Senior SOC/Cloud Security Analyst position at Texas Health and Human Services?
Date: Feb 6, 2026
Location:
AUSTIN, TX
Join the Texas Health and Human Services Commission (HHSC) and be part of a team committed to creating a positive impact in the lives of fellow Texans. At HHSC, your contributions matter, and we support you at each stage of your life and work journey. Our comprehensive benefits package includes 100% paid employee health insurance for full-time eligible employees, a defined benefit pension plan, generous time off benefits, numerous opportunities for career advancement and more. Explore more details on the Benefits of Working at HHS webpage.
Functional Title: Senior SOC/Cloud Security Analyst
Job Title: Cybersecurity Analyst III
Agency: Health & Human Services Comm
Department: CHIEF INFO SECURITY OFFICE
Posting Number: 13651
Closing Date: 04/07/2026
Posting Audience: Internal and External
Occupational Category: Computer and Mathematical
Salary Group: TEXAS-B-27
Salary Range: $7,015.16 - $10,333.33
Pay Frequency: Monthly
Shift: Day
Additional Shift: Days (First)
Telework
Travel:
Regular/Temporary: Regular
Full Time/Part Time: Full time
FLSA Exempt/Non-Exempt: Exempt
Facility Location:
Job Location City: AUSTIN
Job Location Address: 701 W 51ST ST
Other Locations:
MOS Codes: 0605,0630,0631,0639,0670,0679,0681,1702,1705,1710,1720,1721,1799,2611,2659,8055,8858,14N,14NX,170A
170B,17A,17B,17C,17C0,17DX,17S,17SX,17X,181X,182X,183X,184X,1B4X1,1D7X1,1N4X1,255A,255N,255S,25B,25D
26A,26B,26Z,514A,5C0X1D,5C0X1N,5C0X1R,5C0X1S,5IX,681X,682X,683X,781X,782X,783X,784X,CTI,CTM,CTR,CWT
CYB10,CYB11,CYB12,CYB13,CYB14,IS,ISM,ISS,IT,ITS
Brief Job Description
This position is open to permanent residents or U.S. citizens only.
The Senior SOC / Cloud Security Analyst serves as a critical member of the HHSC Cybersecurity Operations team and is responsible for protecting enterprise systems, cloud environments, and sensitive data from evolving cyber threats. This role operates at an advanced technical level and functions as a subject matter expert in Security Operations, SIEM engineering, vulnerability management, threat detection, and incident response.
The analyst will lead to proactive threat monitoring across hybrid and multi-cloud environments, leveraging enterprise security platforms such as SIEM, EDR, vulnerability scanners (e.g., Qualys), and cloud-native security tools. This position plays a key role in strengthening HHSC’s cyber defense posture by identifying control gaps, reducing attack surface, and driving rapid remediation of vulnerabilities.
This role partners closely with infrastructure, cloud engineering, application teams, risk management, and incident response stakeholders to ensure security is embedded into enterprise technology deployments. The position also supports regulatory compliance efforts aligned with TAC 202, HIPAA, IRS 1075, NIST 800-53, and other state and federal cybersecurity requirements.
The Cybersecurity Analyst III operates with considerable independence, provides technical leadership during cyber incidents, mentors junior analysts, and contributes to the continuous maturation of HHSC’s Security Operations Center (SOC).
Essential Job Functions (EJFs)
Attends work on a regular and predictable schedule in accordance with agency leave policy and performs other duties as assigned.
(30%) Security Operations Monitoring & Incident Response
Preferred certifications include one or more of the following:
Candidates for this position will be subject to a pre-employment security review to determine employment eligibility.
This is an onsite position in our office located in Austin, TX. No hybrid/remote work schedule is permitted.
Any employment offer is contingent upon available budgeted funds. The offered salary will be determined in accordance with budgetary limits and the requirements of HHSC Human Resources Manual.
Review our Tips for Success when applying for jobs at DFPS, DSHS and HHSC.
Active Duty, Military, Reservists, Guardsmen, And Veterans
Military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position may include, but not limited to those listed in this posting. All active-duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information please see the Texas State Auditor’s Job Descriptions, Military Crosswalk and Military Crosswalk Guide at Texas State Auditor's Office - Job Descriptions.
ADA Accommodations
In compliance with the Americans with Disabilities Act (ADA), HHSC and DSHS agencies will provide reasonable accommodation during the hiring and selection process for qualified individuals with a disability. If you need assistance completing the on-line application, contact the HHS Employee Service Center at 1-888-894-4747. If you are contacted for an interview and need accommodation to participate in the interview process, please notify the person scheduling the interview.
Pre-Employment Checks And Work Eligibility
Depending on the program area and position requirements, applicants selected for hire may be required to pass background and other due diligence checks.
HHSC uses E-Verify. You must bring your I-9 documentation with you on your first day of work. Download the I-9 Form
Telework Disclaimer
This position may be eligible for telework. Please note, all HHS positions are subject to state and agency telework policies in addition to the discretion of the direct supervisor and business needs.
Nearest Major Market: Austin
Location:
AUSTIN, TX
Join the Texas Health and Human Services Commission (HHSC) and be part of a team committed to creating a positive impact in the lives of fellow Texans. At HHSC, your contributions matter, and we support you at each stage of your life and work journey. Our comprehensive benefits package includes 100% paid employee health insurance for full-time eligible employees, a defined benefit pension plan, generous time off benefits, numerous opportunities for career advancement and more. Explore more details on the Benefits of Working at HHS webpage.
Functional Title: Senior SOC/Cloud Security Analyst
Job Title: Cybersecurity Analyst III
Agency: Health & Human Services Comm
Department: CHIEF INFO SECURITY OFFICE
Posting Number: 13651
Closing Date: 04/07/2026
Posting Audience: Internal and External
Occupational Category: Computer and Mathematical
Salary Group: TEXAS-B-27
Salary Range: $7,015.16 - $10,333.33
Pay Frequency: Monthly
Shift: Day
Additional Shift: Days (First)
Telework
Travel:
Regular/Temporary: Regular
Full Time/Part Time: Full time
FLSA Exempt/Non-Exempt: Exempt
Facility Location:
Job Location City: AUSTIN
Job Location Address: 701 W 51ST ST
Other Locations:
MOS Codes: 0605,0630,0631,0639,0670,0679,0681,1702,1705,1710,1720,1721,1799,2611,2659,8055,8858,14N,14NX,170A
170B,17A,17B,17C,17C0,17DX,17S,17SX,17X,181X,182X,183X,184X,1B4X1,1D7X1,1N4X1,255A,255N,255S,25B,25D
26A,26B,26Z,514A,5C0X1D,5C0X1N,5C0X1R,5C0X1S,5IX,681X,682X,683X,781X,782X,783X,784X,CTI,CTM,CTR,CWT
CYB10,CYB11,CYB12,CYB13,CYB14,IS,ISM,ISS,IT,ITS
Brief Job Description
This position is open to permanent residents or U.S. citizens only.
The Senior SOC / Cloud Security Analyst serves as a critical member of the HHSC Cybersecurity Operations team and is responsible for protecting enterprise systems, cloud environments, and sensitive data from evolving cyber threats. This role operates at an advanced technical level and functions as a subject matter expert in Security Operations, SIEM engineering, vulnerability management, threat detection, and incident response.
The analyst will lead to proactive threat monitoring across hybrid and multi-cloud environments, leveraging enterprise security platforms such as SIEM, EDR, vulnerability scanners (e.g., Qualys), and cloud-native security tools. This position plays a key role in strengthening HHSC’s cyber defense posture by identifying control gaps, reducing attack surface, and driving rapid remediation of vulnerabilities.
This role partners closely with infrastructure, cloud engineering, application teams, risk management, and incident response stakeholders to ensure security is embedded into enterprise technology deployments. The position also supports regulatory compliance efforts aligned with TAC 202, HIPAA, IRS 1075, NIST 800-53, and other state and federal cybersecurity requirements.
The Cybersecurity Analyst III operates with considerable independence, provides technical leadership during cyber incidents, mentors junior analysts, and contributes to the continuous maturation of HHSC’s Security Operations Center (SOC).
Essential Job Functions (EJFs)
Attends work on a regular and predictable schedule in accordance with agency leave policy and performs other duties as assigned.
(30%) Security Operations Monitoring & Incident Response
- Serve as a senior analyst within the Security Operations Center (SOC) responsible for advanced threat detection, triage, investigation, and response.
- Monitor and analyze security events using SIEM platforms (e.g., Splunk, Sentinel) to identify malicious or anomalous activity.
- Lead incident investigations, perform root cause analysis, and coordinate containment, eradication, and recovery efforts.
- Develop and refine detection use cases, correlation rules, and behavioral analytics to improve threat visibility.
- Provide technical leadership during high-severity cyber incidents.
- Conduct threat hunting activities across network, endpoint, identity, and cloud telemetry.
- Serve as the technical lead for vulnerability management using enterprise scanning platforms such as Qualys.
- Analyze vulnerability data, prioritize risks based on exploitability and business impact, and drive remediation with system owners.
- Validate patching effectiveness and oversee closure of critical and high-risk findings.
- Identify systemic weaknesses and recommend compensating controls.
- Produce executive-ready risk metrics and dashboards to support leadership decision-making.
- Secure AWS, Azure, and other cloud platforms through continuous monitoring and configuration assessment.
- Investigate cloud-native threats including identity compromise, misconfigurations, exposed services, and lateral movement.
- Implement and tune cloud security tooling such as CSPM, CWPP, and identity threat detection capabilities.
- Partner with DevOps and cloud teams to embed security controls into infrastructure deployments.
- Support secure architecture reviews and recommend improvements aligned with Zero Trust principles.
- Design, onboard, and normalize log sources to improve enterprise visibility.
- Enhance detection engineering by developing automated workflows, playbooks, and response integrations.
- Tune alerts to reduce false positives while improving detection fidelity.
- Support integration of threat intelligence feeds into security tooling.
- Evaluate emerging SOC technologies to strengthen defensive capabilities.
- Support audit requests, control validations, and security assessments.
- Maintain documentation for investigations, procedures, and operational playbooks.
- Ensure operational activities align with agency security policies and regulatory obligations.
- Includes participation in disaster response, cybersecurity incidents, and Continuity of Operations (COOP) activities as required.
- Advanced knowledge of Security Operations Center practices, incident response, and threat detection methodologies.
- Knowledge of scripting or automation (PowerShell, Python, or similar).
- Knowledge of Zero Trust architecture principles.
- Strong knowledge of cloud security principles across AWS and Azure environments.
- Knowledge of attacker tactics, techniques, and procedures (MITRE ATT&CK).
- Strongly skilled SIEM platforms such as Splunk, Microsoft Sentinel, or equivalent.
- Strongly skilled in vulnerability management tools such as Qualys and enterprise remediation programs.
- Skilled in endpoint detection and response (EDR/XDR) platforms.
- Strong analytical and problem-solving skills with the ability to operate during high-pressure incidents.
- Excellent written and verbal communication skills.
- Ability to mentor junior analysts and contribute to a high-performing SOC culture.
- Ability to translate technical risk into business impact for leadership.
- Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions
Preferred certifications include one or more of the following:
- CISSP
- GCIA, GCIH, or GCED
- Microsoft SC-200 or SC-100
- AWS Security Specialty
- Certified Ethical Hacker (CEH)
- CompTIA Security (advanced candidates preferred beyond baseline cert)
- Minimum 5 years of progressive cybersecurity experience, with at least 3 years in a SOC or security operations role.
- Experience with SIEM and vulnerability management platforms.
- Experience securing cloud environments (AWS, Azure, or Google Cloud).
- Experience with incident response in enterprise environments.
Candidates for this position will be subject to a pre-employment security review to determine employment eligibility.
This is an onsite position in our office located in Austin, TX. No hybrid/remote work schedule is permitted.
Any employment offer is contingent upon available budgeted funds. The offered salary will be determined in accordance with budgetary limits and the requirements of HHSC Human Resources Manual.
Review our Tips for Success when applying for jobs at DFPS, DSHS and HHSC.
Active Duty, Military, Reservists, Guardsmen, And Veterans
Military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position may include, but not limited to those listed in this posting. All active-duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information please see the Texas State Auditor’s Job Descriptions, Military Crosswalk and Military Crosswalk Guide at Texas State Auditor's Office - Job Descriptions.
ADA Accommodations
In compliance with the Americans with Disabilities Act (ADA), HHSC and DSHS agencies will provide reasonable accommodation during the hiring and selection process for qualified individuals with a disability. If you need assistance completing the on-line application, contact the HHS Employee Service Center at 1-888-894-4747. If you are contacted for an interview and need accommodation to participate in the interview process, please notify the person scheduling the interview.
Pre-Employment Checks And Work Eligibility
Depending on the program area and position requirements, applicants selected for hire may be required to pass background and other due diligence checks.
HHSC uses E-Verify. You must bring your I-9 documentation with you on your first day of work. Download the I-9 Form
Telework Disclaimer
This position may be eligible for telework. Please note, all HHS positions are subject to state and agency telework policies in addition to the discretion of the direct supervisor and business needs.
Nearest Major Market: Austin
Salary : $7,015 - $10,333