Note: To apply for a state agency job with TFC, you must complete the electronic State of Texas Uniform Application for Employment through www.WorkInTexas.com.
Performs highly advanced (senior-level) information security work providing direction and guidance in strategic operations and planning. Work involves developing security and business continuance standards and action plans; developing security architecture and policies and procedures based on business needs, risk assessments, and regulatory requirements; conducting information security risk analysis and system audits; preparing budget recommendations; and evaluating potential network, system and endpoint enhancements. Works collaboratively with staff and leads all Information Security efforts. May supervise the work of others. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment.
§ Recommends system and procedural changes to protect agency information assets and ensure confidentiality of protected information.
§ Prepares security awareness informational materials and presents security awareness seminars.
§ Assists in preparation of risk management, agency security, and system security policies, procedures, and plans.
§ Evaluates information security products and services to identify strengths, weaknesses, and potential benefits to the agency.
§ Advise and assist computer and network systems administrators, application developers, and building controls systems administrators regarding security practices and platform hardening.
§ Supports external and internal audit activities, performs related responses, analysis and security remediation.
§ Produces reports for management regarding agency security posture and risk assessments.
§ Assists in developing agency plans, standards, and guidelines to address existing and new security technology issues and trends.
§ Participates in Data Center Services activities related to data center security.
§ Monitors security policies and procedures regarding agency’s Office 365 environment.
§ Performs other duties as assigned.
§ Bachelor’s degree from an accredited college or university with major college course work in information systems, computer science, management information systems, telecommunications or related field.
§ Experienced as an CISO, ISO or ISA.
§ Six (6) years of relevant full-time work experience in information technology.
§ Education and experience may be substituted for one another on a year-for-year basis. Master’s degree from an accredited college or university may substitute for up to two (2) years of the required experience.
Registration, Certification or Licensure: At least one of the following certifications CISM, CISA, CISSP, CCSP, CRISC