|Company||Texas General Land Office|
|Preferred GIAC Certifications||GSEC, GCIH|
|Salary||$5,500 - $8,300 per month|
Essential Job Elements:
Monitors and analyzes cybersecurity alerts from cybersecurity tools, network devices, and information systems. Monitors and maintains cybersecurity infrastructure and/or policies and procedures to protect information resources. May assign and/or supervise the work of others. Performs vulnerability scans of networks and applications to assess effectiveness and identify weaknesses. Performs reviews of vulnerability scans and assess the risk-based values of scans. Identifies and evaluates new cybersecurity technologies to remediate vulnerabilities. Assists in advising management and users regarding security procedures. Evaluates network and system security configuration for best practices and risk-based access controls. Reviewing the system security configurations on a regular schedule and provides feedback to subject matter experts as needed. Develops, recommends, and implements plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs. Oversees the implementation of computer system security plans with agency personnel and outside vendors. Performs and reviews technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment.
Experience with web application security testing. Experience with SIEM technologies and event/incident correlation. Experience with network analysis, endpoint analysis, malware analysis, and incident response. Scripting and/or Programming languages (PHP, PowerShell, Python, Java, C/C++, .NET, etc.). Proficiencies with the use of risk and control frameworks and process improvement models (e.g. Risk IT, ISO 27000/9000, COBIT, COSO, CMM, ITIL, etc.). Ability to analyze complex information to identify patterns and develop recommendations for future remediation activities. Certifications related to the duties and responsibilities specified, including but not limited to GCIH, GSEC, CISSP, and other technology related certifications will be considered.