Cybersecurity Engineer

Houston, TX, United States

This position is fully grant-funded with a grant end date of August 31, 2024.

Classification: Administrative/Professional

Exemption Status: Exempt

Job Grade: 5

Department: Texas Education Exchange

Reports To: Director

Job Goal:

Responsible for safeguarding the computer networks, cloud systems, and data environments for the Texas Education Exchange's customers across the state. Responsibility includes developing and implementing security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks and successfully obtaining and retaining Texas Risk and Authorization Management Program (TX-RAMP) certification. The position is also responsible for ensuring that information security policies and procedures for the Texas Education Exchange are enforced and comply with federal and state laws, regulations, and standard industry best practices.

Qualifications:

Education

Bachelor's degree from an accredited college/university, or equivalent practical work experience

Experience

Three years of experience with security engineering and architecture

Experience developing and documenting information security and service continuity policies and procedures

Knowledge of TEA and House and Senate Bill cybersecurity requirements

Knowledge of Cybersecurity best practices

Strong working knowledge and experience within the cybersecurity domain, including cyber defense, threat and vulnerability management, advanced security analytics, data security, identity management, security operations, and managed security services

Experience in network security (VPN, SIEM, URL Filtering, and web content filtering)

Experience with the secure deployment of workloads into public cloud services (AWS, Azure, Google)

Implementation of TLE, CIS, and NIST security frameworks, including creating and managing policies and rulesets

Special Knowledge and Skills Strong working knowledge of network firewalls and web application firewalls

Knowledge of cybersecurity and security technology, including firewall, endpoint protection, backup, archiving, and reporting tools

Expertise in developing solutions based on threat assessments

Proven analytical, problem-solving, and troubleshooting skills

Ability to fully manage a security project independently and develop solution proposals

Extensive Microsoft and Linux operating system knowledge

Knowledge of routing protocols (OSPF, BGP, IGRP/EIGRP)

Excellent organizational, communication, and interpersonal skills

Outstanding team player, able to operate efficiently in cross-functional and cross-departmental roles

Strong written and verbal communication skills and the ability to build and maintain effective working relationships with those encountered in the course of employment

Preferred Qualifications Bachelor's Degree from an accredited college/university in the field of Computer Science, Telecommunications, or Management

Experience with Computer Forensics, investigating and analyzing how and why a breach or other compromise occurred

Experience with Information Security Risk Management processes and methodologies

GIAC, CISM, and/or CISSP certifications

Major Responsibilities : Maintain necessary documentation to support security strategy by outlining the requirements and benefits of specific security tools and/or solutions.

Maintain and update security documentation, including diagrams, security standards, and disaster recovery manuals.

Provide expertise, guidance, recommendations, and documented security configurations for implementing security tools and processes.

Supervise and evaluate internal and external cybersecurity programs, including the guidance of staff in other departments to meet cybersecurity requirements.

Use penetration and vulnerability analysis of various products and applications, and provide professionally written reports, including deep technical analysis and high-level non-technical overview.

Monitor system log information for evidence of compromise; respond to and report security incidents.

Develop and implement cybersecurity processes and procedures to ensure cybersecurity threats are mitigated.

Develop and report on information security metrics and key security, risk, and compliance indicators.

Serve as the Subject Matter Expert (SME) for security-related issues and initiatives and lead the Exchange Cybersecurity Taskforce.

Administer ongoing information security education and awareness programs.

Develop and provide cybersecurity and related training.

Participate in and actively collaborate with key internal and external stakeholders, industry groups and law enforcement to understand threats and leading practices.

Provide documentation and reporting as specified by any applicable state grant that funds this position.

Other duties as assigned.

Supervision/Personnel Management:

None

Physical Demands/Environmental Factors/ Mental Demands:

Frequent use of standard office equipment; prolonged sitting; occasional bending/stooping, pushing/pulling, and twisting; repetitive hand motions (keyboarding and use of a mouse); occasional lifting and carrying (up to 15 pounds); may work prolonged and irregular hours; work with frequent interruptions; maintain emotional control under pressure.