Job/Position DescriptionThis position performs highly complex (senior-level) information security and cybersecurity analysis work. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment. Supports planning, implementing, and monitoring security measures for the protection of information systems and infrastructure. Work also includes protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. Employs generally accepted risk analysis and risk management methodologies to administer risk management framework and assist with governance, risk, and compliance functions to determine specific needs for security policies and procedures and to evaluate the potential effectiveness and appropriateness of security solutions. Reviews new and modified regulatory requirements about information security to determine if new policies and procedures are needed and monitor related and#147;best practicesand#148; and emerging security technologies for a potential application. Participates in internal and external compliance and regulatory audits and implements recommended security enhancements. Guides agency users in adhering to the Security Policy, Guidelines and Standards, Texas Administrative Code (TAC 202), Health Insurance Portability and Accountability Act (HIPAA), and other state and federal rules and regulations. Provides information security expertise and support, in partnership with the HHS agency Information Security Officer and staff, in addressing security vulnerabilities. Consults on high visibility/high-risk IT projects and provides guidance on security and compliance matters. Essential Job FunctionsAttends work on a regular and predictable schedule in accordance with agency leave policy and performs other duties as assigned.1.Supports development of Information Security, Policies, Procedures, and controls coordinating and communicating with the HHSC CISO Office in a collaborative manner2.Provides security and risk management services by performing risk identification, assessment, remediation, and regulatory and internal compliance monitoring using standards and processes to adequately protect HHS personnel, facilities, infrastructure, information, and business operations. Plan, create, and implement security program documentation.3.Participates in or facilitates security projects and tasks.4.Performs security tests and threat assessments in support of the Information Security Program.5.Coordinates all security activities with HHS Information Security.Registrations, Licensure Requirements or CertificationsOne or more of the following is preferred:Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM, Information Systems Audit and Control Association. (ISACA), CompTIA Security +. Knowledge Skills AbilitiesKnowledge of risk assessment methodologies and processes. Knowledge of network technologies to include wireless and mobile platforms. Knowledge of incident response concepts and processes. Knowledge of Secure-System Development Lifecycle (S-SDLC) methodologies and processes. Knowledge of compliance requirements including HIPAA/HITECH, PCI, SOX, 1 TAC 202, MARS-E, Texas Business and Commerce Code, and Texas Health and Safety Code. Knowledge of security and risk frameworks i https://jobshrportal.hhsc.state.tx.us/ENG/CareerPortal/job_profile.cfm?szOrderID=590831 Copy the URL in the preceding sentence to an Internet Explorer browser to apply to the job directly through the Texas Health and Human Services Career Portal.