Apply on Employer Site

Texas Education Agency · 1 month ago

Cybersecurity Operations Engineer (Cybersecurity Analyst II)

Austin, TX

Full-time

Onsite

Entry, Mid Level

$5,797.67/mo - $7,333.81/mo

2+ years exp

The Texas Education Agency (TEA) is focused on improving outcomes for public-school students in Texas. The Cybersecurity Operations Engineer will assist in implementing an Information Security Program to protect sensitive information and work closely with the Cybersecurity Operations Team Lead to enhance TEA’s cybersecurity maturity.

Education

Responsibilities

Working with the Cybersecurity Operations Team Lead to improve TEA’s cybersecurity maturity, following the Texas Cybersecurity Framework

Following Incident Response processes to ensure swift and proper response to cyber incidents

Administering security controls to prevent malware delivery, execution, and extent of cyber incidents

Implement, maintain, tune, and manage various cybersecurity tools with a primary focus on our SOAR/SIEM tools, included but not limited to; collecting and normalizing data via log collector or APIs, managing the log forwarder server(s), creating alert and detection rules, configuring RBAC, creating relevant dashboards, visuals, and reports based on stakeholder requirements, documenting functionality and implementation. Manage and monitor EDR platform

Provide cybersecurity consultation for TEA projects that align with TEA’s Information Security Program; may provide guidance on projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Analyze information from various sources (especially the SIEM/SOAR/EDR to better inform detection and reporting) to help inform improving monitoring and detect emerging threats (in the SIEM/SOAR tool). May be required to put analysis in writing (report form)

Resolve security issues in a diverse and decentralized environments; communicate effectively; detect, investigate, remediate, and recover from cybersecurity threats across TEA; report to Cybersecurity Operations Team Lead or designated Incident Response Lead, concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance. Document incidents as required

Assist in advising management and users regarding security policy, procedures, and security best practices; especially as it relates to maximizing the utility of our SIEM/SOAR solution

Qualification

SIEM/SOAR managementPythonIncident ResponseCrowdStrikeSplunkCybersecurity consultationSecurity policy advisingCustomer experienceOrganizational skills

Required

Graduation from an accredited four-year college or university

Degree field(s): Cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems, or a related field

At least two (2) years of experience in an enterprise environment, doing all of the following: managing and configuring an enterprise grade SIEM/SOAR solution, using Python or PowerShell to collect data from APIs, normalize that data, and sending that data to a SIEM/SOAR platform, creating alerts, dashboards, and reports (especially around cybersecurity metrics) in a SIEM solution, validating and deploying security controls/solutions in a safe and approved manner, and responding (as needed) to alerts/events generated by security tools. The two (2) years of minimum experience must be recent (within the last year), paid, professional experience, in a moderate to large enterprise environment

Preferred

Experience administrating, configuring, and using CrowdStrike Next Gen SIEM and/or Splunk

Understanding of modern threat actor techniques, tactics, and procedures (TTPs)

Knowledge and experience with FERPA

Collaborative team player with a proactive approach to projects, adaptable to acquiring new skills and responsibilities

Skill in translating business imperatives and risk tolerances into effective security solutions, adhering to change control processes, documenting findings clearly, and managing expectations with professionalism

Strong organizational skills with the ability to effectively manage multiple priorities while fostering collaboration and teamwork

Demonstrated excellence in customer experience and relationship building, with the ability to communicate professionally across all organizational levels and business units