Hybrid - On Site and Telework, Austin TX
Initial contract: 04/01/2025 - 08/31/2025; may be extended up to 3 years.
I. DESCRIPTION OF SERVICES
8 or more years of experience, relies on experience and judgment to plan andaccomplish goals, independently performs a variety of complicated tasks, a widedegree of creativity and latitude is expected.
Understands business objectives and problems, identifies alternative solutions, performs studies and cost/benefit analysis of alternatives. Analyzes user requirements, procedures, and problems to automate processing or to improve existing computer system: Confers with personnel of organizational units involved to analyze current operational procedures, identify problems, and learn specific input and output requirements, such as forms of data input, how data is to be summarized, and formats for reports. Writes detailed description of user needs, program functions, and steps required to develop or modify computer program. Reviews computer system capabilities, specifications, and scheduling limitations to determine if requested program or program change is possible within existing system.
Additional job details and special considerations
Supports TIERS Operations, AWS Cloud Migration and TIERS Cloud Migration's Authority to Connect project by applying information security threat intelligence to identify and exploit vulnerabilities within different environments. On a daily basis you will perform analysis of on-prem and cloud security and operations related to security. Our ideal candidate has experience working in a large operations and development environments and is knowledgeable about custodian artifacts that are regulatory requirements. In this role you will assist IT operations and development teams to meet industry standards, and be proficient with the latest cybersecurity software. On a daily basis, interacts with all aspects of IT responsible for the management of DevSecOps. Requires knowledge of infrastructure in IT operations including understanding of databases and system administration. This position may be required to come to the office once a week or more.
1193591 - FY24/25 AES TIERS Cloud Migration
II. CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
Years
|
Required/Preferred
|
Experience
8
|
Required
|
Coordinates and executes security policies and controls, as well as assess vulnerabilities within the company.
8
|
Required
|
Experience with data and network security processing, security systems management, and security violation investigation.
8
|
Required
|
On a daily basis performs analysis of on-prem and cloud security operations and works with DevSecOps teams with delivery of security related activities including audits, documentation, and reporting.
8
|
Required
|
Understands regulatory requirements, has in-depth knowledge of industry standards and trends, and is proficient with the latest cybersecurity software. Works with DevSecOps and custodians.
8
|
Required
|
Experience with managing various projects and ability to plan and oversees all aspects of the projects.
8
|
Required
|
Strong ability to identify problems/issues, analyze and evaluate alternatives and recommend/implement effective solutions.
8
|
Required
|
Orchestrate calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations.
8
|
Required
|
Experience implementing security measures to protect computer systems, networks and data. Information security analysts are expected to stay up to date on the latest intelligence, including hackers’ methodologies, in order to anticipate breaches.
8
|
Required
|
Extensive experience with working with and implementing NIST 800-37, NIST 800-53, MARS-E controls, POA&Ms, and developing Corrective Action Plans.
8
|
Required
|
Review violations of computer security procedures and discuss procedures with HHSC/TIERS Security team. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.
8
|
Required
|
Experience with Security web application firewalls.
8
|
Required
|
Experience with managing conflict and resolving issues at managerial levels.
8
|
Required
|
Experience with reviewing and coordinating audit responses, evidence gathering, and plan of actions. Experience collaborating with IT departments to coordinate audit responses.
5
|
Preferred
|
Skilled information technology professional with advanced experience developing and implementing IT policy, standards and procedures.
4
|
Preferred
|
Experience in delivering technical training in cloud‐ based technology is a plus.
4
|
Preferred
|
Experience providing Windows and Linux operating system and application support.
4
|
Preferred
|
Experience with information security risk assessments.
4
|
Preferred
|
Experience with security governance and documentation and security plan documents.
4
|
Preferred
|
In-depth knowledge of AWS Cloud Security preferred.
4
|
Preferred
|
In depth knowledge and hand on experience on AWS Cloud Security preferred or experience with other Cloud service providers.
3
|
Preferred
|
Experience ITIL - ticketing using Remedy and ServiceNow.
3
|
Preferred
|
Ability to training staff on network and information security procedures, processes and information safeguarding.
3
|
Preferred
|
Experience working with Archer GRC, Dynatrace, Splunk, Imperva Web Application Firewall, Qualys and MS Office tools.
Note: Initial contract: 03/17/2025 - 08/31/2025; may be renewed (at the same title, level and rate) for up to three (3) additional fiscal years ending August 31, 2028.
Position is hybrid. Program will only allow candidates who are within the City of Austin or the surrounding cities. (LOCALS ONLY). 20% travel into the office is required. The tentative workdays are as follows below.
Onsite: Wednesdays (tentative) this can be subject to change.
Remote: Mondays, Tuesdays, Thursdays and Fridays (tentative) this can be subject to change.