Cybersecurity Analyst III (IAM Analyst/DIR Texas.gov Information Security Officer)

Organization: DEPARTMENT OF INFORMATION RESOURCES

Work Locations: Austin Data Center 9500 Metric Boulevard Austin 78758

Standard Hours Per Week: 40.00

Job Posting:

00056950

Opened:

3/16/2026

Closes:

3/31/2026

Position Title:

Cybersecurity Analyst III

(Identity and Access Management Analyst/DIR Texas.gov Information Security Officer)

Class/Group:

0321/B27

Military Occupation Specialty Code:

Army: 17C, 25D; Navy: IT; Coast Guard: CYB10, CYB11, CYB12; Marine Corps: 0681, 0605; Air Force: 1D7X1, 1N4X1, Space Force: 5C0X1D, 5C0X1N, 5C0X1S

Fair Labor Standards Act Status:

Exempt

Number of Vacancies:

1

Division/Section:

COO/Shared Technology Services Security

Salary Range:

$8,333.34 – $10,000.00/month

Duration:

Regular

Hours Worked Weekly:

40

Travel:

Occasional

Work Location:

North / Austin, Texas 78758

Web site:

https://dir.texas.gov/

Refer Inquiries to:

People and Culture Office

Telephone:

(512) 475-4957

How To Apply:

• Select the link below to search for this position: https://capps.taleo.net/careersection/313/jobsearch.ftl?lang=en

• Enter the job posting number “00056950” in the keyword search.

• You must create a CAPPS Career Section candidate profile or be logged in to apply.

• Update your profile and apply for the job by navigating through the pages and steps.

• Once ready, select “Submit” on the “Review and Submit” page.

• If you have problems accessing the CAPPS Career Section, please follow the instructions in the Resetting CAPPS Password for Job Candidate desk aid.

Special Instructions:

• Applicants must provide in-depth information in the EXPERIENCE & CREDENTIALS section to demonstrate how they meet the position qualifications. Incomplete applications may result in disqualification.

• Resumes may be uploaded as an attachment but are not accepted in lieu of the information required in the EXPERIENCE & CREDENTIALS section of the application.

Interview Place/Time:

Candidates will be notified for appointments as determined by the selection committee.

Selective Service Registration:

Section 651.005 of the Government Code requires males, ages 18 through 25 years, to provide proof of their Selective Service registration or proof of their exemption from the requirement as a condition of state employment.

H-1B Visa Sponsorship:

We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Equal Opportunity Employer

The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any benefits or participation in programs or activities, which it sponsors on the grounds of race, color, national origin, sex, religion, age, or disability. Please call 512-475-4922 to request reasonable accommodation.

Position DescriptionWhat We Do

We are a technology agency powered by people.

DIR offers secure, modern, and cost-effective technology to help government entities in Texas serve their constituents.

DIR is a fast-paced and collaborative environment with highly motivated, innovative, and engaged employees dedicated to achieving the best value for the state. We have over 325 professionals working at DIR who are honored to serve as the cornerstone of public sector technology in Texas. By joining DIR, you will be an integral part of transforming how Texas government serves Texans.

Position Summary

This Cybersecurity Analyst III (Identity and Access Management Analyst/DIR Texas.gov Information Security Officer) role supports DIR’s statewide security program and Shared Technology Services (STS) program by providing identity and access management (IAM) strategy, governance, and security guidance. The position partners with state agencies, DIR teams, and vendor service providers to advance how Texas government entities protect identity, access, and authentication through consistent standards, risk-based decision-making, and practical implementation guidance.

This role performs highly complex (senior-level) cybersecurity analysis work including work planning, implementing, and monitoring security program elements and shared services that support agencies, institutions of higher education, and other eligible governmental entities across Texas. The role frequently engages executives, technical leaders, and vendor partners to deliver guidance, standards, and implementation support aligned to DIR requirements and the statewide security program. The position works under limited supervision with considerable latitude for initiative and independent judgment and may provide guidance to others. This role also serves as the DIR accountable Information Security Officer (ISO) for Texas.gov, providing governance and risk accountability while coordinating with the Texas.gov vendor, who performs day-to-day technical security implementation and operational execution under DIR oversight.

• Provides IAM strategy, governance, and security guidance across STS and statewide stakeholders, including standards for authentication, access management, and identity data protection.
• Supports identity security initiatives and modern authentication methods by defining requirements, success measures, and adoption guidance, and coordinating implementation with service providers and stakeholders.
• Serves as a visible leader in statewide cybersecurity governance and shared services efforts, building alignment across agencies and stakeholders through communications, advisory groups, and working sessions.
• Evaluates customer security requirements and risks and provide recommendations that support customer security programs, including executive communications and stakeholder engagement.
• Serves as the DIR accountable ISO for Texas.gov, responsible for security governance, risk acceptance/exception decisions, and executive communications, and coordinate with the Texas.gov vendor technical security leadership responsible for operational implementation and execution.
• Establishes and maintain governance mechanisms for Texas.gov security and related services (risk register, exception workflow, reporting cadence, escalation paths, and control ownership clarity), and coordinate vendor service delivery expectations and program artifacts (service documentation, requirements, operating procedures).
• Analyzes the potential statewide impact of security and privacy policy, legislation, and standards, translate business and operational requirements into practical security solutions and governance workflows (GRC/automation), research emerging IAM technologies and develop business cases, collaborate with the COO team on continuous improvement, and participate in an on-call rotation for incident escalation support and oversight.
• Performs other work-related duties as assigned.

Education

• Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field.
• Additional work-related experience may be substituted for education on a year-for-year basis (High-school diploma required).

Experience and Training Required

• Five (5) years of progressively responsible experience in the IT industry.
• Five (5) years of progressively responsible experience in information technology security or project management work.
• Two (2) years of program or project management development and implementation.
• Certifications: If not already certified, must obtain within one year of employment a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), or similar certification.

Experience and Training Preferred

• Project/program management experience in an information technology environment.
• Experience analyzing, recommending, developing, and implementing enterprise-wide policies, standards, and guidelines.
• Experience working with state or federal IT regulatory issues and processes.
• Experience in researching and documenting findings on information technology issues, processes or programs.
• Experience with identity security initiatives (MFA rollouts, SSO/federation, access governance, privileged access management) in a complex enterprise or multi-tenant environment.

Knowledge, Skills, and Abilities

• Knowledge of applied security concepts, such as the principle of least privilege, multi-factor authentication, and identity and access management.
• Broad understanding of identity management, access management, access governance, and privileged access management capabilities and methodologies.
• Knowledge of generally accepted IT standards and practices and IT management practices.
• Knowledge of the security limitations and capabilities of computer systems and of information security practices, procedures, and regulations.
• Knowledge of security architecture and security program requirements.
• Knowledge of relevant DIR IT Security Services and regulations including Texas Government Code Chapter 2059, Texas Administrative Code §202, and related security documentation, standards, and best practices.
• Knowledge of ITIL processes and standards.
• Knowledge of standard concepts, practices, and procedures for computer operations and data center operations.
• Demonstrated documentation and stakeholder communication skills, including the ability to produce clear, defensible guidance and decision support for leadership.
• Skill in the use of applicable software and in the configuring, deploying, monitoring, and automating of security applications and infrastructure.
• Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information technology security processes and controls; and to communicate effectively.
• Ability to communicate effectively using interpersonal skills and appropriate supporting technology.
• Ability to promote and support the mission, goals, and efforts of DIR and the statewide security program.
• Ability to learn and adapt quickly in a dynamic environment.
• Ability to manage programs and projects to resolve complex issues in diverse and decentralized environments.
• Ability to assist executives, through discussion and facilitation, in evaluating security architecture, policy choices, and risk tradeoffs.
• Ability to establish and maintain effective and cordial working relationships at all organizational levels, including agency management, direct supervisors, co-workers, internal and external customers.
• Ability to understand, follow and convey brief oral and/or written instructions.
• Ability to communicate both verbally and in writing, in a clear and concise manner.
• Ability to work independently and as part of a team, and to support and contribute to a cohesive team environment.
• Ability to work under pressure and exacting schedules to complete assigned tasks.
• Ability to work a flexible schedule to meet required deadlines.
• Ability to comply with all agency policy and applicable laws.
• Ability to comply with all applicable safety rules, regulations, and standards.
• Ability to maintain the security and integrity of any critical infrastructure researched, worked on, or accessed for work purposes.

Computer Skills

• Proficiency in using approved productivity and collaboration tools (Microsoft Office preferred) and authorized AI/LLM tools in accordance with DIR policies to support research, drafting, summarization, and workflow efficiency while protecting sensitive information.

Other Requirements

• Regular and punctual attendance at the workplace.
• Criminal background check.

Working Conditions

• Frequent use of computers, copiers, printers, and telephones.
• Frequent standing, walking, sitting, listening, and talking.
• Frequent work under stress, as a team member, and in direct contact with others.
• Occasional bending, stooping, lifting, and climbing.
• May occasionally work extended hours.