Cybersecurity Operations Engineer (Cybersecurity ...

Please paste the following URL into a browser to view the entire job posting in the CAPPS Career Section: may apply to the job directly through the CAPPS Career Section. It is not necessary to apply both through Work In Texas and CAPPS Career SectionMISSION: The Texas Education Agency (TEA) will improve outcomes for all public-school students in the state by providing leadership, guidance, and support to school systems.Core Values:and#8226; We are Determined: We are committed and intentional in the pursuit of our main purpose, to improve outcomes for students.and#8226; We are People-Centered: We strive to attract, develop, and retain the most committed talent, representing the diversity of Texas, each contributing to our common vision for students.and#8226; We are Learners: We seek evidence, reflect on success and failure, and try new approaches in the pursuit of excellence for our students.and#8226; We are Servant Leaders: Above all else, we are public servants working to improve opportunities for students and provide support to those who serve them.New hires, re-hires, and internal hires will typically receive a starting salary between the posted minimum and the average pay of employees in their same classification. Offers will be commensurate with the candidateand#8217;s experience and qualifications and will thoughtfully consider internal pay equity for agency staff who perform similar duties and have similar qualifications. The top half of the posted salary range is generally reserved for candidates who exceed the requirements and qualifications for the role. The maximum salary range is reserved for candidates that far exceed the required and preferred qualifications for the role.About Office of ITThe Office of Information Technology works closely with all agency divisions to implement innovative technology solutions in a cost-efficient manner that supports the goals and priorities of the Texas Education Agency. The Office of IT provides efficient technology solutions and stellar customer services to internal staff, 20 Educational Service Centers, and 1,200-plus public-school districts and charter schools. The following services are provided by IT: leadership on IT initiatives; guidance on security/policy issues; new application development/enhancements; software acquisition; technical support; assistance with technical sections of purchasing documents such as Request for Information (RFI), Request for Offers (RFO), Request for Proposals (RFP); and oversight on the data collection process which helps to support and improve outcomes for all of Texasand#8217; 5 million-plus students.Position OverviewThis position is funded through December 30, 2026. Continuation of the position beyond that date is contingent on available funding.The Cybersecurity Operations Engineer assists the Texas Education Agency (TEA) mission to support every Texas public school student to be ready for college, career or the military and understands the Agency must first have a workforce of high-performing individuals who are committed to improving outcomes for Texas students. With this as our guiding principle, the Cybersecurity Operations Engineer works closely with TEAand#8217;s Cybersecurity Operations Team Lead to implement a stake-holder focused Information Security Program to protect the information which is shared with the Agency by the citizens of Texas and Local Education Agencies (LEAs). The Cybersecurity Operations Engineer will be responsible for key cybersecurity strategies including:and#8226; Working with the Cybersecurity Operations Team Lead to improve TEAand#8217;s cybersecurity maturity, following the Texas Cybersecurity Framework.and#8226; Following Incident Response processes to ensure swift and proper response to cyber incidents.and#8226; Administering security controls to prevent malware delivery, execution, and extent of cyber incidents.This role is in the Office of Information Technology. The Office of Information Technology (IT) works closely with all agency divisions to implement innovative technology solutions in a cost-efficient manner that supports the goals and priorities of TEA.Flexible work location within the state of Texas may be considered for qualified candidates. Please note that a resume is a required attachment for applying to this position. Incomplete applications will not be considered. Applicants who are strongly being considered for employment must submit to a national criminal history background check.Essential FunctionsJob duties are not limited to the essential functions mentioned below. You may perform other functions as assigned.1. Cybersecurity Engineering: Implement, maintain, tune, and manage, various cybersecurity tools with a primary focus on our SOAR/SIEM tools, included but not limited to; collecting and normalizing data via log collector or APIs, managing the log forwarder server(s), creating alert and detection rules, configuring RBAC, creating relevant dashboards, visuals, and reports based on stakeholder requirements, documenting functionality and implementation. Manage and monitor EDR platform.2. Cybersecurity Analysis: Provide cybersecurity consultation for TEA projects that align with TEAand#8217;s Information Security Program; may provide guidance on projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Analyze information from various sources (especially the SIEM/SOAR/EDR to better inform detection and reporting) to help inform improving monitoring and detect emerging threats (in the SIEM/SOAR tool). May be required to put analysis in writing (report form).3. Incident Response: Resolve security issues in a diverse and decentralized environments; communicate effectively; detect, investigate, remediate, and recover from cybersecurity threats across TEA; report to Cybersecurity Operations Team Lead or designated Incident Response Lead, concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance. Document incidents as required.4. Cybersecurity Advisor: Assist in advising management and users regarding security policy, procedures, and security best practices; especially as it relates to maximizing the utility of our SIEM/SOAR solution.Qualifications: Minimum Qualificationsand#8226; Education: Graduation from an accredited four-year college or universityand#8226; Degree field(s): Cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems, or a related fieldand#8226; Experience: At least two (2) years of experience in an enterprise environment, doing all of the following: managing and configuring an enterprise grade SIEM/SOAR solution, using Python or PowerShell to collect data from APIs, normalize that data, and sending that data to a SIEM/SOAR platform, creating alerts, dashboards, and reports (especially around cybersecurity metrics) in a SIEM solution, validating and deploying security controls/solutions in a safe and approved manner, and responding (as needed) to alerts/events generated by security tools. The two (2) years of minimum experience must be recent (within the last year), paid, professional experience, in a moderate to large enterprise environment.and#8226; Substitutions: Each additional year of related experience above the required minimum may substitute for education on a year-for-year basisOther Qualificationsand#8226; Share the belief that all Texas students can achieve at high levels and are able to succeed in college, career, or the militaryand#8226; Experience administrating, configuring, and using CrowdStrike Next Gen SIEM and/or Splunk is preferredand#8226; Understanding of modern threat actor techniques, tactics, and procedures (TTPs) is preferredand#8226; Knowled

Created: 2025-12-12