Security Manager 3 - Energetic Workplace

Solicitation Reference Number
529400961

Customer Name
Texas Health and Human Services Commission

Category
Security

Customer Entity Name
Health and Human Services Commission

Title
Information Security Manager

Level
Information Security Manager 3

Estimated Hours
640

SSR Status
Posted

Number of Positions
1

Status
New

# of Resumes Allowed
1

Candidates Submitted

Full/Part Time
Full Time

IT STAFFING SERVICES SOLICITATION UNDER
DEPARTMENT OF INFORMATION RESOURCES
IT STAFF AUGMENTATION CONTRACT (ITSAC)
RFO DIR-CPO-TMP-445Solicitation Reference Number: 529400961Working Title: Information Security Manager 3Title/Level: Information Security Manager 3Category: SecurityFull Time

I. DESCRIPTION OF SERVICES

Texas Health and Human Services Commission requires the services of 1 Information Security Manager 3, hereafter referred to as Candidate(s), who meets the general qualifications of Information Security Manager 3, Security and the specifications outlined in this document for the Texas Health and Human Services Commission.

All work products resulting from the project shall be considered "works made for hire " and are the property of the Texas Health and Human Services Commission and may include pre-selection requirements that potential Vendors (and their Candidates) submit to and satisfy criminal background checks as authorized by Texas law. Texas Health and Human Services Commission will pay no fees for interviews or discussions, which occur during the process of selecting a Candidate(s).

Level Description

8 or more years of experience, relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.

Job Description

Coordinate and execute security policies and controls, as well as assess vulnerabilities within a company. They are responsible for data and network security processing, security systems management, and security violation investigation.

Additional job details and special considerations

Supports the TIERS Learning Center and Operations by applying information security threat intelligence to identify and exploit vulnerabilities within different environments. On a daily basis you will perform analysis of on-prem and cloud security and monitor security operations including security architecture reviews. Our ideal candidate understands regulatory requirements, has in-depth knowledge of industry standards and trends, and is proficient with the latest cybersecurity software.

II. CANDIDATE SKILLS AND QUALIFICATIONSMinimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.YearsRequired/PreferredExperience8RequiredResponsible for implementing security measures to protect computer systems, networks and data. Information security analysts are expected to stay up to date on the latest intelligence, including hackers' methodologies, in order to anticipate breaches.8RequiredResponsible for ensuring all networks have adequate security to prevent unauthorized access. Also must ensure that all security systems are current with any software or hardware changes in the company.8RequiredConduct application security assessments using off-the-shelf or internally developed tools. Also produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report.8RequiredOrchestrate calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations.8RequiredPerform proactive research to identify and understand new threats, vulnerabilities and exploits. Perform procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.8RequiredExtensive experience with working with and implementing NIST 800-37, NIST 800-53, MARS-E controls, POA&Ms, and developing Corrective Action Plans.8RequiredPrepare impact assessment reports that document security breaches and the extent of the damage caused by the breaches. Create standard operating procedure documents in adherence to security policies and standards.8RequiredReview violations of computer security procedures and discuss procedures with HHSC/TIERS Security team. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.8RequiredSkilled information technology professional with advanced experience developing and implementing IT policy, standards and procedures.6PreferredAbility to prepare concise written reports appropriate to the audience. Ability to communicate effectively verbally and in writing.6PreferredExperience working with Archer GRC, Dynatrace, Splunk, Imperva Web Application Firewall, Qualys and MS Office tools.4PreferredConduct research to recommend security enhancements and purchases of new security tools.3PreferredAbility to training staff on network and information security procedures, processes and information safeguarding.
III. TERMS OF SERVICE

Services are expected to start 05/20/2024 and are expected to complete by 08/31/2024. Total estimated hours per Candidate shall not exceed 640 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.
IV. WORK HOURS AND LOCATION

Services shall be provided during normal business hours unless otherwise coordinated through the Texas Health and Human Services Commission. Normal business hours are Monday through Friday from 8:00 AM to 5:00 PM, excluding State holidays when the agency is closed.

The primary work location(s) will be at 701 W. 51st Street, Austin, TX 78751. Any and all travel, per diem, parking, and/or living expenses shall be at the Candidate's and/or Vendor's expense. Texas Health and Human Services Commission will provide pre-approved, written authorization for travel for any services to be performed away from the primary work location(s). Pre-approved travel expenses are limited to the rates and comply with the rules prescribed by the State of Texas for travel by its classified employees, including any requirement for original receipts.

The Candidate(s) may be required to work outside the normal business hours on weekends, evenings and holidays, as requested. Payment for work over 40 hours will be at the hourly rate quoted and must be coordinated and pre-approved through Texas Health and Human Services Commission.
V. OTHER SPECIAL REQUIREMENTS

Services are expected to start 05/20 /2024 and are expected to complete by 08/31/2024. Total estimated hours per Candidate shall not exceed 640 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.

WORK HOURS AND LOCATION

A) Services shall be provided during normal business hours unless otherwise coordinated through the Agency. Normal business hours are Monday through Friday from 8:00 a.m. through 5:00 p.m., excluding Texas state holidays when the agency is closed.

B) The primary work location will be 701 W 51st Street, Austin, Texas 78751. Position will be 100% remote. However, this will require on-calls. Candidates must be within the Metro Area in Austin, TX or any surrounding cities due to the on-call schedules and/or will need to come in the headquarters as requested.

C) Any and all travel, per diem, parking, and/or living expenses shall be at the worker's and/or Vendor's expense.

D) The worker may be required to work remotely at HHSC discretion, up to 100 percent of the time.

E) The worker may be required to work outside the normal business hours on weekends, evenings and holidays, as requested. Payment for work over 40 hours will be at the hourly rate quoted and must be coordinated and pre-approved through the Agency.

Interviews will be conducted: (check all that apply)

By Phone

In person

Through Microsoft Teams