Senior Information Security Architect

TxDOT is seeking a seasoned leader to support the Information Security Risk Management function. The selected candidate will work directly with the Information Security Officer in leading teams, developing processes, and supervising the work of over thirty personnel. These teams implement and perform Information System inventories, Security Categorizations, secure baseline monitoring, third party evaluation of procurements, security assessments, and risk tracking functions for over 600 information systems. He or she must be knowledgeable in NIST RMF, Texas Cybersecurity Framework, and familiar with network architectures and technical security capabilities. While the role doesn't require managing or configuring technical tools, knowing how networks function and how security tools work is a required competency. The ideal candidate, in addition to the above, has more than five years as a manager or ISO in a medium to large organization, is a clear communicator in both written and spoken English, and has experience building and documenting team processes and standards

At TxDOT, we value work-life balance and are committed to providing our employees with a comprehensive range of benefits and programs, including:

• Retirement Plans
• Alternative and/or Flexible Work Schedules
• Paid Leave and Holidays
• Health Premiums paid at 100% for Full-Time Employees
• On-the-Job Training
• Tuition Assistance Program
• Holistic Wellness Program with Leave Incentives
• Career Development and Advancement Opportunities
• Family-Friendly Policies and Programs

In 2024, TxDOT was recognized as a Best Place for Working Parents, and many of our offices statewide are also designated as Texas Mother-Friendly Worksites. These recognitions reflect our dedication to supporting families and promoting a healthy work-life balance.

For a complete list of our total compensation package please visit our website at: Total Compensation Package

To view benefits available to all State of Texas employees visit: Benefits at a Glance | ERS (texas.gov)

Performs highly advanced information security analysis work. Work involves defining information security standards and ensuring compliance across solutions, managing integration of services across departments and technologies and maintaining agency wide information security risk management program. Position is responsible for planning, implementing and monitoring security measures using the NIST Risk management framework and Texas security frameworks for information systems and department infrastructure. Reports to the Information Security Officer. Work requires contact with governmental officials and private entities. Employees at this level are expected to independently perform the most complex information security work and advise management and users regarding information security. Issues are rarely referred to the supervisor but are handled at the occurrence.

Essential Duties:

• Develops and/or coordinates the development of agency policies for encryption of data transmissions and the erection of firewalls to conceal information as it is being transmitted and to eliminate tainted digital transfers.
• Develops information technology disaster recovery and business continuity planning.
• Develops and maintains the Information Security risk management program.
• Architects solutions across multiple hardware/software computing environments and system components.
• Coordinates the implementation of computer security plans with agency personnel and outside vendors.
• Advises management and users regarding security procedures.
• Performs and reviews technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment.
• Researches, evaluates and recommends systems and procedures for the prevention, detection, containment, and correction of data security breaches.
• Develops and manages the Information Security Roadmap.
• Ensures appropriate information security standards and procedures are defined. Manages the development of centers of excellence around key technologies.
• Ensures agile best practices are adhered to in the adoption of new technologies.
• Ensures the delivery process and information security strategies are coherent and optimized.
• Maintains an ongoing partnership with the business and vendor partners to apply in-depth knowledge of the business operations, strategies, priorities and information security requirements to establish the technical direction and an enterprise view.
• Manages multi-project management accountabilities in developing and architecting solutions in a collaborative environment.
• May serve as a lead worker or project leader.
• May serve as interim Section Director in their absence.
• Oversees and participates in the development of enterprise level strategies and technical information security direction, including establishing processes and procedures for retiring applications that are no longer within the technology road map
• Oversees and participates in the development of enterprise-wide architectural vision to appropriately align information security to strategic business needs and goals.
• Oversees and participates in the development of the system, technical, and application architectures, and in some instances the business systems/process architecture for major areas of development
• Oversees the design and delivery of proofs-of-concept for new or improved enterprise-wide technologies that are used across multiple areas of the business.
• Participates in the recruitment, training and development of professional and technical staff to support and improve services and products in area of responsibility.
• Plans and implements process re-engineering or process improvement.
• Provides strategic advice regarding information security to the agency.
• Researches, evaluates and selects from existing and emerging technologies the options best fitting business and IT strategic needs.
• Develops and implements continuous automated security compliance capabilities.
• Trains users and promotes security awareness to ensure system security and improve application, server, and network efficiency.
• Performs other job responsibilities as assigned.

Minimum Qualifications:

Education: Bachelor's Degree in e in Computer Science, Information Systems, MIS or related discipline. Relevant work experience may be substituted for degree on a year per year basis. Substitutions for Minimum Qualifications

Experience: 6 years of experience in information security analysis work. (Experience can be satisfied by full time or prorated part time equivalent). Related graduate level education may be substituted for experience on a year per year basis.

Licenses and Certifications: Valid driver's license. This position requires driving a state vehicle.

Competencies:

Extensive knowledge of:

• Common information security management frameworks such as the NIST Risk Management Framework, NIST Cybersecurity Framework, and Texas Information Security Standards
• Developing and implementing programs
• Program/project planning, development, and management methodologies
• Information security and technology support and consulting services
• Systems development using analysis, design and documentation methodologies
• Applicable mainframe systems and operations
• Methods and equipment used in information systems support and maintenance
• Basic computer concepts
• Applicable computer programming techniques and languages
• Applicable computer software applications and hardware
• Contract development and oversight
• Applicable laws, rules, and regulations
• Budgeting methods and procedures

Expert skill in:

• Public relations for maintaining effective working relationships with individuals and groups, both internal and external
• Maintaining effective working relationships with others
• Planning, directing, coordinating and leading the work of others
• Leading projects and project teams
• Establishing plans and setting objectives and goals that support overall business strategy/results; anticipating and adjusting for problems/roadblocks
• Developing, interpreting, and implementing policies, procedures, and technical information
• Persuasion and negotiation of critical issues
• Analyzing and organizing business and technical data
• Prioritizing and organizing work assignments
• Communicating technical information effectively
• Developing and giving presentations
• Using and supporting of applicable computer systems

Ability to:

• Communicate effectively

Other Attributes:

• Exercises logic and reasoning to define problems, establish facts and draw valid conclusions; makes decisions that support business objectives and goals

Physical Requirements and Working Conditions:

Sedentary work: Lift up to 10 lbs at a time and occasionally carry files/small tools

• Light work: Lift up to 20 lbs at a time and frequently lift or carry objects up to 10 lbs
• Standing-prolonged periods of time
• Repetitive Motion-substantial movements of the wrists, hands, and/or fingers
• Close Visual Acuity-work includes data/figures; view a computer screen; extensive reading

Conditions of Employment:

Please click this link to read the standard conditions of employment for all positions: Standard Conditions of Employment (TxDOT)

TxDOT is committed to hiring veterans. To assist in determining whether your military experience may pertain to the minimum requirements for this position, Military Occupational Specialty (MOS) codes from each branch of the U.S. Armed Forces have been assigned to each state classification code/title where applicable. The MOS codes are grouped by occupational category.

To view the MOS codes please click on link below and click on the appropriate occupational category.

The Texas Department of Transportation is an Equal Opportunity Employer.

If requested, reasonable accommodations will be made for persons with disabilities for any part of the employment process in accordance with the Americans with Disabilities Action of 1990.

Please click this link to read the information for applicants: Additional Applicant Information