Security Analyst II

Security Analyst II College Station, TX Job Details Full-time 2 days ago Qualifications Safe work practices DevSecOps Practices Azure Security analysis Cloud security engineering Automation Kubernetes Procedural guides Technical documentation ISO standards Infrastructure as Code (IaC) DevOps IT system monitoring Regulatory compliance Compliance audits & assessments HIPAA Project timeline management Google Cloud Platform Family Educational Rights and Privacy Act (FERPA) Mid-level 3 years Bash Information security compliance Technical solutions implementation AWS Analysis skills Policy & process development Incident response Bachelor's degree IT security architecture System risk assessment (security system operation) NIST standards Continuous integration Incident Investigation Vulnerability scanning Organizational skills Technical writing Vulnerability management Security System Administration (security operations) Integration testing Cloud monitoring Information security auditing Communication skills Python PowerShell Project scheduling IT security monitoring Full Job Description Job Title Security Analyst II Agency Texas A&M University Department Technology Services - IT Security & Risk Proposed Minimum Salary $6,666.67 monthly Job Location College Station, Texas Job Type Staff Job Description A Glimpse of the Job In this role, you'll be responsible for securing our multi-cloud infrastructure across AWS, Azure, GCP, and Kubernetes environments. Your typical day will involve monitoring security platforms for alerts, investigating cloud misconfigurations and potential security incidents, and working directly with engineering teams to remediate vulnerabilities. You'll analyze cloud-native threats and translate compliance frameworks like CIS and NIST into practical security baselines tailored to our specific risk profile. A significant part of your role is helping dev and ops teams catch security issues before they reach production. You'll implement and manage security scanning tools that integrate into development workflows and CI/CD pipelines, so developers can identify and fix problems early in the development lifecycle. You'll automate security checks, build infrastructure-as-code security standards, and develop detection rules for risky configurations. This position requires someone comfortable with both hands-on technical work and collaborative problem-solving, as you'll work closely with engineers across the organization to balance security requirements with operational needs.

Essential Duties and Tasks:

Security Analysis Enforces, audits, and consults on the appropriate application of security policies and procedures. Administers and monitors data security on various platforms, conducts audits, reviews security violation reports, and investigates security exceptions. Conducts and reports on internal investigations of possible security violations. Reviews the accuracy of documentation and logs of information security incidents, responses, plans, methods, and procedures. Develops risk analysis scenarios and response procedures. Solutions Engineering Develops and manages data, system, and network security architecture. Implements new technology deployments and integration testing. Evaluates security products, services, and procedures to enhance productivity and effectiveness. Assists project leaders with developing work plans and time schedules for projects including outlining phases and identifying personnel and computing equipment requirements. Strategic Collaboration & Partnerships Collaborates with enterprise stakeholders to coordinate the development of specifications within service-based solutions. Serves as a resource for other teams or organizations. Advises technical staff, policy administrators, and clients on the integrity of security procedures, systems, and policies in the design of systems and facilities. Documentation Develops standard operating procedures. Coordinates documentation provided to partner support teams, customers, stakeholders, and vendors. Create and maintain documentation for technologies, including installation, configuration, and appropriate troubleshooting steps. Professional Development Participates in training, professional development sessions, and continual and ongoing training and exploration into new technologies. What you need to know

Salary:

$80,000 annually

Special Instructions:

A cover letter and resume are strongly recommended. You may upload these in the CV/Resume section.

Required Education and Experience:

Bachelor's degree or equivalent combination of education and experience. Three years of security analysis or development experience.

Knowledge, Skills, and Abilities:

Ability to multitask and work cooperatively with others. Ability to analyze and solve complex problems. Excellent written communication, interpersonal, and organizational skills.

Preferred Qualifications:

Knowledge of security best practices and ability to conduct risk assessments, audits, and tests. Knowledge of security tools like SIEMs, firewalls, vulnerability scanners, and intrusion detection systems. Ability to identify security incidents, anomalies, and vulnerabilities. Understanding of frameworks like

ISO 27001, NIST CSF, NIST

800-53 and 800-171, CIS controls, etc. Familiarity with regulatory frameworks such as

HIPAA, FERPA, GLBA, TAC 202, TGC

2054, etc. Scripting experience of some kind (Python, Bash, Powershell, etc.). The ideal candidate will have a blend of hands-on technical expertise, knowledge of security frameworks and policies, and analytical thinking. Soft skills like communication, collaboration, and the ability to translate technical details for non-technical audiences are also key for this role.

Other Requirements and Factors:

Ability to maintain the security and integrity of critical infrastructure, which may include communications systems, computer networks and systems, cybersecurity systems, electrical grid, hazardous waste treatment system or water treatment system Hiring restrictions in compliance with System Policy 15.02

Export Controls:

Must be a United States citizen, permanent resident, or a person granted asylum or refugee status in accordance with 15 CFR, Part 762; 22 CFR §§122.5, 123.22 and 123.26; and 31 CFR § 501.601 This role may require working outside of standard office hours, including evenings, weekends, and holidays, to support the demands of technology services and ensure the seamless operation of essential systems. This position is security sensitive. This position requires compliance with state and federal laws/codes and Texas A&M University System/TAMU policies, regulations, rules and procedures. All tasks and job responsibilities must be performed safely without injury to self or others in compliance with System and University safety requirements (If applicable) This position allows alternate work location per TAMU guidelines Instructions to

Applicants:

Applications received by Texas A&M University must either have all job application data entered or a resume attached. Failure to provide all job application data or a complete resume could result in an invalid submission and a rejected application. We encourage all applicants to upload a resume or use a LinkedIn profile to pre-populate the online application. All positions are security-sensitive. Applicants are subject to a criminal history investigation, and employment is contingent upon the institution's verification of credentials and/or other information required by the institution's procedures, including the completion of the criminal history check. Equal Opportunity/Veterans/Disability Employer.