Cybersecurity Analyst IV

Cybersecurity Analyst IVGeneral Position Summary:Performs advanced (senior level) information security and cybersecurity analysis work. Under the direction from the Chief Information Security Officer (CISO), assist with the planning, implementation, and maintenance of the agencys information security program. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.Tasks include but are not limited to the following areas: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. Contribute to the development and implementation of security policies and procedures. Initiates, facilitates, and promotes activities to create information security awareness within the organization. Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager or business area. Provides input in selection of system software and hardware, with emphasis on security and compliance requirements. Implements ongoing improvements to security configurations and operating procedures.Hiring Range:$101,860 - $145,000/yearClosing Date:April 1, 2026GENERAL QUALIFICATION REQUIREMENTSRequired Experience:A minimum of seven (7) years of professional experience in information security and information technology, of which at least four (4) of those years must have been performed at a Texas state agency or public institution of higher education.Five (5) years progressively responsible experience in information security.Experience working with and applying Texas Department of Information Resources (DIR) security services and requirements in an enterprise environment.Experience working with the Texas Cybersecurity Framework, Texas Administrative Code 202 Information Security Standards, and other related security codes, documentation, standards, and best practices.Experience in developing and implementing security program functions into a risk-based security program with the ability to demonstrate in-depth knowledge of policy development, risk evaluation, and cost-benefit analysis to support security program decisions.Experience operating enterprise EDR/XDR platforms to investigate, contain, and remediate endpoint-based threats.Experience analyzing, recommending, developing, and implementing cogent enterprise-wide information security controls, policies, procedures, standards, and guidelines.Experience identifying security incidents and performing proactive threat hunting using hypothesis-driven and intelligence-led methodologies within a SIEM and other relevant tools.Experience conducting endtoend risk assessments, including identifying vulnerabilities, analyzing potential business impacts, and implementing effective risk mitigation strategies.Experience performing third-party risk security reviews and control effectiveness assessments and supporting audits and regulatory response activities.Hands-on experience auditing various cloud arch

Created: 2026-03-26