Security & Compliance Analyst
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Analyst ensuring the security and compliance posture of ERP applications for Cayuse. Providing consultative services and technical assistance within the CAPPS Program.
Responsibilities:
- Plan, design, configure, deploy, support, and maintain system configurations and modifications for the CAPPS Program.
- Provide oversight of IAM workflows, including account lifecycle management, provisioning, de‑provisioning, and access reviews.
- Manage and enforce role-based access control (RBAC) and least‑privilege models within ERP (CAPPS) and connected systems.
- Design and maintain segregation of duties (SoD) rules; identify, analyze, and remediate SoD conflicts across business processes and tenants.
- Review and validate security roles, permission sets, and custom authorizations within CAPPS and all ancillary systems.
- Monitor and analyze authentication, authorization, and privilege‑escalation logs for suspicious behavior; coordinate findings with the Information Security Office.
- Oversee secure integration of third‑party applications using SAML, OAuth, OIDC, SCIM, and custom APIs.
- Validate CAPPS application changes, customizations, configurations, and workflows for security and compliance impact; recommend and track remediation activities.
- Respond to and investigate identity‑related security incidents, including account compromise, unauthorized access, and TDIS fraud indicators.
- Maintain and continuously improve standards for security, performance, compliance, and architecture across CAPPS and related platforms.
- Ensure that all digital products and content associated with CAPPS meet WCAG 2.1 accessibility standards, including perceivable, operable, understandable, and robust experiences for all users.
- Assist with contract management oversight responsibilities associated with the CAPPS Program.
- Assist and participate in annual IT control audits related to CAPPS Central applications, including preparation of evidence and remediation tracking.
- Ensure contract data security, user permissions, audit trails, and compliance with organizational and regulatory standards.
- Perform technical reviews of contract templates, metadata structures, workflows, and automation rules to ensure accuracy, usability, and compliance.
Requirements:
- 10 years – Extensive Texas public sector experience, directly working for or supporting a Texas state government agency.
- 10 years – Extensive experience performing technical activities in support of enterprise application systems (e.g., CAPPS or similar).
- 10 years – Extensive experience creating and managing a strategic roadmap by combining strong planning skills, technical insight, and effective cross‑functional communication.
- 10 years – Experience preparing materials for and conducting executive‑level presentations.
- 10 years – Experience performing technical project management activities in support of a large‑scale ERP program (such as the CAPPS program).
- 10 years – Experience interpreting contractual language and integrating it into daily workflows, including holding vendors accountable to contractual requirements.
- 10 years – Extensive knowledge of and experience with data integration, data quality, and SDLC processes and methodologies.
- 10 years – Experience in IT security and control practices, including implementation and monitoring of security controls.
- 10 years – Technical experience with PeopleSoft FSCM or HCM 9.2, PeopleTools, PeopleCode, Application Designer, SQL, PS/Query, SQR, Application Engine, and Oracle 11 or higher.
- 10 years – Experience with centralized production and deployment technical support activities for enterprise ERP solutions supporting more than 100 agencies/entities and multiple hub instances.
- 8 years – Experience with IT service desk functions and working knowledge of ITIL framework methodologies and processes.
- 5 years – Experience serving in a security analyst role with responsibility for overseeing a Managed Services provider.
- 5 years – Experience with user role segregation of duties (SoD) in multi‑tenant software applications.
- Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
Benefits:
- Medical, Dental and Vision Insurance
- Wellness Program
- Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
- Short-Term and Long-Term Disability options
- Basic Life and AD&D Insurance (Company Provided)
- Voluntary Life and AD&D options
- 401(k) Retirement Savings Plan with matching after one year
- Paid Time Off
Similar Jobs
Product Security Engineer
Product Security Engineer at Aras focusing on securing CI/CD pipelines and cloud platforms. Drive security-first culture, advance DevSecOps maturity, and collaborate with engineering teams.
Cybersecurity Teacher
Cybersecurity Teacher responsible for providing online education and support for students at Texas Virtual Academy in Texas. Delivering course content and ensuring student success in a virtual learning environment.
Information Security Officer – Maternity Leave Coverage
Information Security Officer at Vecima Networks responsible for ISMS maintenance and ISO compliance. Supporting governance activities, supplier security, and incident response during maternity leave coverage.
Senior Pre-Sales Security Architect
Senior Pre-Sales Security Architect serving as strategic advisor in cybersecurity for enterprise clients. Bridging cybersecurity strategy, solution architecture, and commercial execution across a broad partner ecosystem.
Email Security Architecture Manager
Manage Email Security Architects at Doppel, providing social engineering defense for clients. Establish operational excellence and guide customers in their security deployments.
Senior Cybersecurity Analyst – Blue Team, Vulnerability Management
Senior Cybersecurity Analyst at Dfense Security integrating into a client’s Blue Team. Responsible for vulnerability management and risk analysis in a dynamic environment.
Cybersecurity Professional
Cybersecurity Professional defining the standard for risk management at Humana. Involving assessments, initiatives, and decisions to enhance technology-related cybersecurity posture.
IS Technical Specialist – RACF Security Engineer
RACF Infrastructure Engineer handling identity & access management services for a major financial institution. Collaborating with teams to ensure compliance with security and privacy standards.
Senior Cloud Cybersecurity Specialist – AWS/FedRAMP
Senior Cloud Cybersecurity Specialist focusing on cloud security for federal clients. Leading cybersecurity operations and compliance efforts for AWS and Databricks environments.
Cybersecurity Engineer
Cybersecurity Engineer responsible for managing security projects in a top 20 CPA and advisory firm. Collaborating across teams to implement security controls and ensure operational integrity.
Information Security Officer 3 – Security Architect, Application and Product Security
Information Security Officer specializing in application and product security for the Government of Alberta. Safeguarding digital services through collaboration and compliance with cybersecurity policies.
Industrial OT Security Specialist – Operational Technology
Especialista em Segurança Industrial OT focado em Cyber Security para apoiar operações do Grupo Cosan. Lidera iniciativas de monitoramento de segurança e desenvolve casos de uso de detecção.
Staff Security Engineer – Proactive Security
Staff Security Engineer at DoorDash leading threat modeling and security operations for product and cloud domains. Collaborating with teams to ensure secure infrastructure and services.
Enterprise Security Engineer
Enterprise Security Engineer at DoorDash protecting workforce through security controls and automation. Collaborating across DoorDash, Wolt, and Deliveroo to enhance security systems.
Senior AI Security Engineer
Senior AI Security Engineer designing safeguards for internal AI usage at Backblaze. Focused on agentic systems, developer protection, and runtime security.
Senior Account Manager – BMS/Fire/Security/SaaS
Senior Account Manager responsible for managing key customer accounts and driving sales growth at Honeywell. Foster client relationships to deliver tailored solutions while collaborating with internal teams.
Senior Manager, Workday Security
Workday Security Senior Manager overseeing Workday security architecture and compliance for Fortrea. Collaborating with HR, Finance, IT, and Compliance teams to safeguard sensitive data access.
Senior Splunk Technical Account Manager – Cybersecurity
Senior Splunk Technical Account Manager driving security objectives through Splunk platform optimization. Cultivating partnerships and enhancing customer satisfaction.
Security Consultant – Detection Engineer
Detection Engineer supporting enterprise security monitoring and threat detection initiatives. Responsible for developing and maintaining security detections in a large-scale environment.
Cybersecurity Tech Writer – Part Time
GovCon Cybersecurity Proposal Tech Writer producing technical and proposal content remotely for federal contracting. Coordinates with clients and proposal manager on projects.