Job Details

Level Description

8 or more years of experience, relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.



Job Description

Coordinate and execute security policies and controls, as well as assess vulnerabilities within a company. They are responsible for data and network security processing, security systems management, and security violation investigation.



Additional job details and special considerations

Supports the TIERS Learning Center and Operations by applying information security threat intelligence to identify and exploit vulnerabilities within different environments. On a daily basis you will perform analysis of on-prem and cloud security and monitor security operations including security architecture reviews. Our ideal candidate understands regulatory requirements, has in-depth knowledge of industry standards and trends, and is proficient with the latest cybersecurity software.

Responsible for implementing security measures to protect computer systems, networks and data. Information security analysts are expected to stay up to date on the latest intelligence, including hackers’ methodologies, in order to anticipate breaches.
Responsible for ensuring all networks have adequate security to prevent unauthorized access. Also must ensure that all security systems are current with any software or hardware changes in the company.
Conduct application security assessments using off-the-shelf or internally developed tools. Also produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report.
Orchestrate calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations.
Perform proactive research to identify and understand new threats, vulnerabilities and exploits. Perform procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
Extensive experience with working with and implementing NIST 800-37, NIST 800-53, MARS-E controls, POA&Ms, and developing Corrective Action Plans.
Prepare impact assessment reports that document security breaches and the extent of the damage caused by the breaches. Create standard operating procedure documents in adherence to security policies and standards.
Review violations of computer security procedures and discuss procedures with HHSC/TIERS Security team. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.
Skilled information technology professional with advanced experience developing and implementing IT policy, standards and procedures.
Ability to prepare concise written reports appropriate to the audience. Ability to communicate effectively verbally and in writing.
Experience working with Archer GRC, Dynatrace, Splunk, Imperva Web Application Firewall, Qualys and MS Office tools.
Conduct research to recommend security enhancements and purchases of new security tools.
Ability to training staff on network and information security procedures, processes and information safeguarding.