Cybersecurity Analyst II

#00054539

11/26/2025

Open Until Filled

Cybersecurity Analyst II

0320/B25

Army: 17C, 25D; Coast Guard: CYB11, CYB12, CYB14; Marine Corps: 1721, Air Force: 1N4X1, Space Force: 514A, 5C0X1N

Exempt

1

Office of the Chief Information Security Officer/Security Operations/Cybersecurity Incident Response Team

$7,833.34 - $8,025.00/monthly

Regular

40

Occasional

506 Dolorosa Street / San Antonio, Texas 78204

https://dir.texas.gov/

People and Culture Office

(512) 475-4957 or (512) 463-5920

• Select the link below to search for this position: https://capps.taleo.net/careersection/ex/jobsearch.ftl?lang=en
• Enter the job posting number 00053317 in the keyword search.

• You must create a CAPPS Career Section candidate profile or be logged in to apply.

• Update your profile and apply for the job by navigating through the pages and steps.

• Once ready, select “Submit” on the “Review and Submit” page.

• If you have problems accessing the CAPPS Career Section, please follow the instructions in the Resetting CAPPS Password for Job Candidate desk aid.

• Applicants must provide in-depth information in the EXPERIENCE & CREDENTIALS section to demonstrate how they meet the position qualifications. Incomplete applications may result in disqualification.

• Resumes may be uploaded as an attachment but are not accepted in lieu of the information required in the EXPERIENCE & CREDENTIALS section of the application.

Candidates will be notified for appointments as determined by the selection committee.

Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.

We are unable to sponsor or take over sponsorship of an employment Visa at this time.

The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age, or disability. Please call 512-475-4922 to request reasonable accommodation.

We are a technology agency powered by people.

DIR offers secure, modern, and cost-effective technology to help government entities in Texas serve their constituents.

DIR is a fast-paced and collaborative environment with highly motivated, innovative, and engaged employees dedicated to achieving the best value for the state. We have over 325 professionals working at DIR who are honored to serve as the cornerstone of public sector technology in Texas. By joining DIR, you will be an integral part of transforming how technology serves Texans.

A role within the Office of the State Chief Information Security Officer (OCISO) that combines progressive incident response program development, works with many diverse organizations, plans for and responds to cybersecurity incidents, and reviews and communicates threats and vulnerabilities to a wide range of stakeholders. You will play a critical role in building the capability and capacity of the statewide Cybersecurity Incident Response Team (CIRT). The CIRT is vital to the security posture of Texas and its citizens by responding to cybersecurity incidents in Texas and preparing our state for future cyber incidents. If you are looking to be a changemaker, this role is for you!

Performs complex (journey-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, and vulnerability assessment services. Will interact frequently with state agencies, institutions of higher education, local governmental officials, and other interagency personnel using a variety of communication mechanisms to engage and deliver incident response services. Work with the rest of the OCISO team to collaboratively identify and deliver statewide security program improvements and continuously improve the security posture of the State of Texas. May provide guidance to others. Works under general supervision, with limited latitude for the use of initiative and independent judgment.

The CIRT Analyst will assist in developing, maintaining, or supporting a Threat intelligence capability to identify current and emerging security risks to the state of Texas. The CIRT Analyst will:

• Support cyber incident response activities and recovery services for any eligible governmental entity across the State of Texas.
• Coordinate with industry partners, government agencies (including law enforcement and intelligence agencies) and other specialists to establish and maintain situational awareness of current and emerging risks and threats to the state.
• Apply systems administration knowledge to support cybersecurity operations, including log analysis, endpoint/server hardening, patch management, active directory, and troubleshooting of operating systems and networked environments.
• Leverage prior experience with enterprise IT systems to identify misconfigurations, mitigate vulnerabilities, and support recovery efforts during cyber incidents.
• Develop and potentially deliver tabletop preparedness exercises for both technical and non-technical stakeholders, providing educational and awareness presentations on sound security practices to improve the security maturity of the state.
• Work collaboratively to identify and deliver statewide security program improvements and continuously improve the security posture of the State of Texas as a whole.
• Support development and maintenance of the State of Texas CIRT security incident response and recovery process, including all required supporting materials and applicable knowledge transfer.
• Performs other work-related duties as assigned.

• Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field.
• Additional years of work-related experience may be used to substitute for each year of formal education. (High School diploma or equivalent certificate required.)

• Three (3) years of progressively responsible experience in the IT industry.
• Three (3) years of progressively responsible experience in information technology security or project management work.
• One (1) year of experience in responding to security incidents.

• Experience and training in analyzing, recommending, developing, and implementing enterprise-wide policies, standards, and guidelines.
• Experience in researching and documenting findings on information technology issues, processes, or programs.
• Experience in adult learning techniques, including curriculum development and delivery of technical and non-technical training.
• Experience in creating and editing documentation, related processes public presentations, and other written communication.
• Have or work towards obtaining Certified Ethical Hacker (CEH) GAIC Certified Incident Handler (GCIH), GCFE Certified Forensic Examiner (GAIC ), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), Certified Incident Handler (GCIH) and/or CyberSec First Responder (CFR) or similar certification, or serve as a SME on a certification creation committee or equivalent.

• Knowledge of applied “sound security” concepts, such as the principal of least privilege, the use of multi-factor authentication, and identity and access management.
• Knowledge of generally accepted information technology standards and practices; of information technology practices; and of information technology management practices.
• Knowledge of the security limitations and capabilities of computer systems and of information security practices, procedures, and regulations.
• Knowledge of security architecture and security program requirements.
• Knowledge of relevant DIR IT Security Services and regulations including Texas Government Code Chapter 2063, Texas Administrative Code § 202, and other related security codes, documentation, standards, and best practices.
• Demonstrated documentation skills.
• Ability to communicate effectively using interpersonal skills and appropriate supporting technology.
• Ability to promote and support the overall mission, goals, and efforts of the team.
• Ability to learn and adapt quickly in a dynamic environment.
• Ability to manage projects to resolve complex issues in diverse and decentralized environments.
• Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers.
• Ability to understand, follow and convey brief oral and/or written instructions.
• Ability to communicate both verbally and in writing, in a clear and concise manner.
• Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment.
• Ability to work under pressure and exacting schedules to complete assigned tasks.
• Ability to occasional work beyond scheduled hours and/or a flexible schedule as needed to meet required deadlines.
• Ability to travel as necessary.
• Ability to comply with all agency policy and applicable laws.
• Ability to comply with all applicable safety rules, regulations, and standards.
• Ability to maintain the security and integrity of any critical infrastructure researched, worked on, or accessed for work purposes.

Proficiency in the use of a computer and applicable software necessary to perform work assignments e.g., word processing, spreadsheets (Microsoft Office preferred).

• Regular and punctual attendance at the workplace.
• Criminal background check.

• Frequent use of computers, copiers, printers, and telephones.
• Frequent standing, walking, sitting, listening, and talking.
• Frequent work under stress, as a team member, and in direct contact with others.
• Occasional bending and stooping.
• Infrequent lifting and climbing.
• May occasionally work extended hours.
• May occasionally travel, including on short notice.