OAG - Enterprise Information Security | Cybersecurity Analyst V | 26-0086

GENERAL DESCRIPTION
Are you ready to protect mission-critical systems that serve millions of Texas families? Join the IT Division at the Texas Office of the Attorney General (OAG) as a Cybersecurity Analyst V (Senior IT Security Analyst). In this role, you’ll safeguard sensitive data, lead incident response efforts, and ensure compliance with cybersecurity standards. Working in a hybrid cloud environment, you’ll collaborate across teams to assess risk, implement controls, and respond to evolving threats—helping secure systems that directly impact the lives of Texas children and families.

Why the OAG?
At the OAG, we’re not just looking for a security analyst—we’re seeking a mission-driven professional who thrives on complexity, understands the importance of regulatory compliance, and brings a proactive mindset to cybersecurity operations. If you’re passionate about protecting public sector systems and want to make a meaningful impact, this is your opportunity to do important, high-visibility work in service of Texas families.

Your Responsibilities:
•    Security Operations & Incident Response:
Ensure the safety and continuity of services for millions of Texans through leading efforts to detect, investigate, and respond to security threats impacting mission critical systems.
•    Threat Intelligence & Vulnerability Management:
Stay ahead of evolving threats by analyzing cyber intelligence, conducting proactive threat hunting, and identifying vulnerabilities. You'll play a key role in strengthening the agency’s security posture.
•    Risk & Compliance:
Support audits and assessments that uphold public trust and regulatory compliance. Your contributions help the agency meet high standards like IRS Pub 1075 and the NIST Cybersecurity Framework.
•    Security Architecture & Controls:
Collaborate with technical teams to design and validate security controls across hybrid environments. Your input helps shape secure, scalable systems that support long-term program success.
•    Policy & Awareness:
Help build a culture of security by contributing to policies, standards, and awareness efforts. Your guidance empowers teams to make informed, secure decisions every day.

The OAG is committed to delivering modern, value-driven IT services that empower the agency to serve the people of Texas more effectively. We believe that placing the right people in the right roles—and equipping them with the right tools—creates a dynamic environment where innovation thrives.

The OAG is a dynamic state agency with over 4,000 employees throughout the State of Texas.  As the State’s law firm, the OAG provides exemplary legal representation in diverse areas of law.  OAG employees enjoy excellent benefits (https://ers.texas.gov/Benefits-at-a-Glance) along with tremendous opportunities to do important work at a large, dynamic state agency making a positive difference in the lives of Texans. 

• ESSENTIAL POSITION FUNCTIONS
• Security Operations & Incident Response
• •    Monitor security alerts and logs across cloud and on-prem environments to detect and respond to potential threats.
• •    Lead incident response activities, including investigation, containment, remediation, and post-incident analysis.
• •    Coordinate with internal teams and external partners to ensure timely and effective resolution of security incidents.
• Threat Intelligence & Vulnerability Management
• •    Conduct proactive threat hunting and analyze cyber intelligence to identify emerging risks.
• •    Perform vulnerability assessments and penetration testing; track and verify remediation efforts.
• •    Maintain awareness of current threat landscapes and recommend appropriate defensive measures.
• Risk Management & Compliance
• •    Support internal and external audits, security assessments, and compliance reviews (e.g., IRS Pub 1075, NIST CSF, CJIS).
• •    Assist in risk analysis, control validation, and documentation of findings and mitigation plans.
• •    Contribute to the development and maintenance of system security plans and risk registers.
• Security Architecture & Control Implementation
• •    Collaborate with infrastructure, DevSecOps, and application teams to design and implement security controls.
• •    Validate the effectiveness of technical safeguards across AWS, Salesforce, and hybrid systems.
• •    Provide input on secure configuration baselines, access controls, and encryption standards.
• Policy, Governance & Awareness
• •    Contribute to the development, review, and enforcement of cybersecurity policies, procedures, and standards.
• •    Support security awareness and training initiatives for IT staff and business users.
• •    Participate in governance activities such as change reviews, architecture reviews, and security advisory boards.
• Interface with auditors, vendors, and regulatory bodies to support audits, assessments, and compliance initiatives, and to ensure audit readiness.
• Maintain current knowledge of cybersecurity frameworks, tools, and best practices, ensuring the agency’s security posture remains resilient and adaptive.
• Ensure the confidentiality, integrity, and availability of sensitive and protected information, and comply with all agency policies, including those related to ethics and integrity.
• Prepare and present technical reports, risk analyses, and strategic recommendations to executive leadership and stakeholders.
• Support business continuity planning, including the development and testing of contingency plans and emergency response procedures.
• Performs related work as assigned
• Maintains relevant knowledge necessary to perform essential job functions
• Attends work regularly in compliance with agreed-upon work schedule
• Ensures security and confidentiality of sensitive and/or protected information
• Complies with all agency policies and procedures, including those pertaining to ethics and integrity

Minimum Qualifications

• Education: Graduation from high school or equivalent
• Experience: 10 years of full-time experience working in the following (or closely related) fields:  Cybersecurity operations or incident response; threat intelligence or threat hunting; security architecture or secure system design; risk assessment, compliance, or IT audit; vulnerability management or penetration testing; may substitute credit hours from an accredited college or university for the required experience on a year-for-year basis.Knowledge, Skills, and Abilities•    Deep understanding of cybersecurity frameworks (e.g., NIST SP 800-53, NIST CSF, CIS Controls, CJIS)•    Strong grasp of network and systems fundamentals, and zero trust architecture•    Hands-on experience AWS and/or Azure cloud security•    Familiarity with secure SDLC practices, threat modeling, and code review•    Skilled in risk management, governance, and continuous improvement of security programs•    Excellent communication and analytical skills•    Ability to lead, mentor, and influence across cross-functional teams•    Self-directed with the ability to manage multiple priorities independently
• Ability to work in person at assigned OAG work location, perform all assigned tasks at designated OAG work space within OAG work location, and perform in-person work with coworkers (e.g., collaborating, training, mentoring) for the entirety of every work week (unless on approved leave).
• Ability to work remotely as a manager-provided option, depending on work requirements and the needs of the OAG.
• Ability to arrange for personal transportation for business-related travel
• Ability to work more than 40 hours as needed and in compliance with the FLSA
• Ability to lift and relocate 30 lbs.
• Ability to travel (including overnight travel) up to 5% 

Preferred Qualifications

• Experience advising teams on security best practices and secure architecture in a public sector or regulated environment 
• Hands-on experience with encryption, digital certificates, key management, and secure communication protocols
• Experience supporting compliance with IRS Pub 1075, CJIS, or other federal/state cybersecurity regulations
• Experience with cloud-native security tools in AWS and/or Azure (e.g., IAM, KMS, GuardDuty, Security Hub) 
• Experience supporting large-scale, mission-critical systems in government or enterprise settings
• Active CISSP certification
• One or more additional certifications such as: •    CISA, CAP, CGEIT, CIPP, NSA IAM/IEM•    GIAC (e.g., GCIH, GPEN, GCFA, GCCC, GSNA)•    PMP (Project Management Professional)

To Apply

To apply for a job with the OAG, electronic applications can be submitted through CAPPS Recruit. A State of Texas application must be completed to be considered, and paper applications are not accepted. Your application for this position may subject you to a criminal background check pursuant to the Texas Government Code. Military Crosswalk information can be accessed at  

https://hr.sao.texas.gov/Compensation/MilitaryCrosswalk/MOSC_InformationTechnology.pdf

THE OAG IS AN EQUAL OPPORTUNITY EMPLOYER