Overview
On Site
Hourly
Contract - W2
Skills
Information Security
FOCUS
Data Security
Risk Management
Security Engineering
Mainframe
Collaboration
Security Controls
Cloud Computing
Identity Management
Encryption
NIST 800-53
TAC
Risk Analysis
DLP
API
Technical Writing
Incident Management
Tier 2
Change Control
Security Architecture
Cyber Security
Risk Assessment
Security Analysis
Vulnerability Scanning
Penetration Testing
SPL
Dashboard
Reporting
Onboarding
Splunk
IT Infrastructure
SIEM
System On A Chip
Workflow
Hardening
Security Operations
Amazon Web Services
Microsoft Azure
Cloud Security
IT Governance
Regulatory Compliance
SAP GRC
Privacy
JIRA
ServiceNow
Auditing
Exceed
Writing
Performance Management
Project Management
Preventive Maintenance
Management
Authorization
DICE
Job Details
City : Austin
State : Texas
DESCRIPTION OF SERVICES:
Neos requires the services of (01) Security Analyst 2, hereafter referred to as Candidate, who meets the general qualifications of Security Analyst 2
Our Customer's IT Enterprise Information Security division is seeking a technically proficient Security Analyst 2 to support the Security Engineering Management Team. The selected candidate will focus on implementing, configuring, and maintaining security tools and services across OAG's enterprise infrastructure. This includes conducting hands-on deployment of security technologies (e.g., CASB, endpoint detection, SIEM, DLP), integrating security controls into IT systems, and troubleshooting complex security issues across heterogeneous environments.
The Security Analyst 2 will collaborate with system administrators, developers, and project managers to ensure that security configurations align with organizational policies and compliance frameworks (e.g., CJIS, TAC 202, NIST 800-53). The role will also support secure transitions for major IT projects, including modernization efforts and the phased decommissioning of the customers legacy mainframe system, to ensure appropriate data protection and risk mitigation throughout the system's lifecycle.
Responsibilities may include, but are not limited to:
Review proposed system changes, technology upgrades, and application deployments to evaluate and enforce secure design principles and change control processes.
The above job description and requirements are general and may be subject to change based on the specific needs and requirements of the organization and project.
CANDIDATE SKILLS AND QUALIFICATIONS:
Minimum Requirements:
Years
Skills/Experience
3-6
Proven experience in information security architecture, enterprise cybersecurity operations, regulatory compliance, cloud security compliance, and formal risk assessments.
2-5
Strong background in Endpoint Detection & Response (EDR) platforms, including deployment, tuning, and threat investigation.
3-5
Proficiency in security assessment techniques, including vulnerability scanning, penetration testing, and remediation planning.
3-7
In-depth knowledge of cloud security principles and experience securing workloads in AWS and Microsoft Azure environments.
5-10
Expert-level proficiency in designing, engineering, and optimizing Splunk-based security solutions, including advanced SPL query development, dashboard/report creation, alerting, and reusable knowledge objects; onboarding and normalizing diverse data sources through field extractions, event types, tags, and custom source types; configuring Splunk for correlation searches, notable event frameworks, and risk-based alerting; integrating with enterprise security tools and IT infrastructure; and performing SIEM tuning, threat detection engineering, SOC workflow integration, and the development of security policies, hardening procedures, and baseline configurations to ensure consistent, compliant, and effective security operations.
Preferred Requirements:
Years
Skills/Experience
N/A
Experience in AWS and Azure cloud security and IT governance, risk, and compliance (GRC) advisory services, including control frameworks, ISPRB/IRM, data classification, policy violation management, security exception handling, sensitive data handling (SDHA), data privacy and governance, Purview data classification, JIRA/ServiceNow, and internal/external audit support.
TERM OF SERVICE:
Services are expected to start 9/03/2025 and are expected to complete by 8/31/2026. Total estimated hours per Candidate shall not exceed 1970 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.
WORK HOURS AND LOCATION:
Normal business hours are Monday through Friday from 8:00 AM to 5:00 PM, excluding State holidays when the agency is closed.
The primary work location(s) will be Austin, TX 78741. Teleworking is currently allowed for this contract position with management approval.
Any and all travel, per diem, parking, and/or living expenses shall be at the Candidate's and/or Vendor's expense. The Customer will provide pre-approved, written authorization for travel for any services to be performed away from the primary work location(s). Pre-approved travel expenses are limited to the rates and comply with the rules prescribed by the State of Texas for travel by its classified employees, including any requirement for original receipts.
The Candidate(s) may be required to work outside the normal business hours on weekends, evenings and holidays, as requested. Payment for work over 40 hours will be at the hourly rate quoted and must be coordinated and pre-approved through the customer.
#DICE
State : Texas
DESCRIPTION OF SERVICES:
Neos requires the services of (01) Security Analyst 2, hereafter referred to as Candidate, who meets the general qualifications of Security Analyst 2
Our Customer's IT Enterprise Information Security division is seeking a technically proficient Security Analyst 2 to support the Security Engineering Management Team. The selected candidate will focus on implementing, configuring, and maintaining security tools and services across OAG's enterprise infrastructure. This includes conducting hands-on deployment of security technologies (e.g., CASB, endpoint detection, SIEM, DLP), integrating security controls into IT systems, and troubleshooting complex security issues across heterogeneous environments.
The Security Analyst 2 will collaborate with system administrators, developers, and project managers to ensure that security configurations align with organizational policies and compliance frameworks (e.g., CJIS, TAC 202, NIST 800-53). The role will also support secure transitions for major IT projects, including modernization efforts and the phased decommissioning of the customers legacy mainframe system, to ensure appropriate data protection and risk mitigation throughout the system's lifecycle.
Responsibilities may include, but are not limited to:
- Provide ongoing security engineering support and operationalassurance for the Children Are My Priority (ChAMP) platform, now serving as the primary case management system following the successful retirement of the agency's legacy mainframe.
- Collaborate with cross-functional IT teams to maintain and optimize security controls in ChAMP's cloud-native architecture, including identity management, data encryption, role-based access, and audit logging.
- Partner with the Security Architecture Management Team to analyze, design, implement, and continuously improve technical safeguards, ensuring alignment with the Office of the Attorney General's (OAG) cybersecurity policies and industry-standard frameworks (e.g., NIST 800-53, CJIS, TAC 202).
- Conduct vulnerability assessments, penetration tests, and risk analyses to proactively identify system weaknesses and validate control effectiveness across ChAMP and related services.
- Engineer and maintain configurations for security tools and platforms, including but not limited to SIEM, EDR, CASB, DLP, and secure API gateways.
- Develop, update, and enforce security standards, technical documentation, and system hardening guides to ensure consistent implementation across all infrastructure and application tiers.
- Participate in security incident response activities, providing tier-2/3 analysis, recommendations, containment support, and lessons-learned reporting.
Review proposed system changes, technology upgrades, and application deployments to evaluate and enforce secure design principles and change control processes.
The above job description and requirements are general and may be subject to change based on the specific needs and requirements of the organization and project.
CANDIDATE SKILLS AND QUALIFICATIONS:
Minimum Requirements:
Years
Skills/Experience
3-6
Proven experience in information security architecture, enterprise cybersecurity operations, regulatory compliance, cloud security compliance, and formal risk assessments.
2-5
Strong background in Endpoint Detection & Response (EDR) platforms, including deployment, tuning, and threat investigation.
3-5
Proficiency in security assessment techniques, including vulnerability scanning, penetration testing, and remediation planning.
3-7
In-depth knowledge of cloud security principles and experience securing workloads in AWS and Microsoft Azure environments.
5-10
Expert-level proficiency in designing, engineering, and optimizing Splunk-based security solutions, including advanced SPL query development, dashboard/report creation, alerting, and reusable knowledge objects; onboarding and normalizing diverse data sources through field extractions, event types, tags, and custom source types; configuring Splunk for correlation searches, notable event frameworks, and risk-based alerting; integrating with enterprise security tools and IT infrastructure; and performing SIEM tuning, threat detection engineering, SOC workflow integration, and the development of security policies, hardening procedures, and baseline configurations to ensure consistent, compliant, and effective security operations.
Preferred Requirements:
Years
Skills/Experience
N/A
Experience in AWS and Azure cloud security and IT governance, risk, and compliance (GRC) advisory services, including control frameworks, ISPRB/IRM, data classification, policy violation management, security exception handling, sensitive data handling (SDHA), data privacy and governance, Purview data classification, JIRA/ServiceNow, and internal/external audit support.
TERM OF SERVICE:
Services are expected to start 9/03/2025 and are expected to complete by 8/31/2026. Total estimated hours per Candidate shall not exceed 1970 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.
WORK HOURS AND LOCATION:
Normal business hours are Monday through Friday from 8:00 AM to 5:00 PM, excluding State holidays when the agency is closed.
The primary work location(s) will be Austin, TX 78741. Teleworking is currently allowed for this contract position with management approval.
Any and all travel, per diem, parking, and/or living expenses shall be at the Candidate's and/or Vendor's expense. The Customer will provide pre-approved, written authorization for travel for any services to be performed away from the primary work location(s). Pre-approved travel expenses are limited to the rates and comply with the rules prescribed by the State of Texas for travel by its classified employees, including any requirement for original receipts.
The Candidate(s) may be required to work outside the normal business hours on weekends, evenings and holidays, as requested. Payment for work over 40 hours will be at the hourly rate quoted and must be coordinated and pre-approved through the customer.
#DICE
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.