Cybersecurity Analyst II; Threat Researcher

While currently a position at DIR, this role will be part of the new Texas Cyber Command, the state’s newest agency to defend against and respond to cyber threats.

Job Posting: #

Opened: 10/4/2025

Closes: 10/18/2025

Position Title:

Cybersecurity Analyst II (Threat Researcher)

Class/Group: 0320/B25

Military Occupation Specialty Code:
Army: 17C, 25D;
Coast Guard: CYB
11, CYB
12, CYB
14;
Marine Corps: 1721, Air Force: 1N4X1, Space Force: 514A, 5C0X1N

Fair Labor Standards Act Status:
Exempt

Number of Vacancies: 1

Division/Section:
Office of the Chief Information Security Officer/Security Operations/Cybersecurity Incident Response Team

Salary Range: $7,833.34 - $8,025.00/monthly

Duration:
Regular

Hours Worked Weekly: 40

Travel:
Occasional

Work Location:

• San Antonio, Texas - preferred work location
• Austin, Texas - optional

We are a technology agency powered by people.

DIR offers secure, modern, and cost-effective technology to help government entities in Texas serve their constituents.

DIR is a fast-paced and collaborative environment with highly motivated, innovative, and engaged employees dedicated to achieving the best value for the state.

A role within the Office of the State Chief Information Security Officer (OCISO) that combines progressive incident response program development, works with many various organizations, plans for and responds to cybersecurity incidents, and reviews and communicates threats and vulnerabilities to a wide range of stakeholders.

Performs complex (journey-level) cybersecurity analysis work.

Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, and vulnerability assessment services.

• Engage with industry partners, government agencies, and intelligence communities to gather and disseminate threat intelligence.
• Coordinate with industry partners, government agencies, and other specialists to establish and maintain situational awareness of current and emerging risks and threats to the state.
• Use open source and commercial intelligence providers to gain insight into adversary tactics, techniques, and procedures.
• Advise the Department leadership and state cybersecurity community of significant emerging threats.
• Develop and potentially deliver tabletop preparedness exercises for both technical and non-technical stakeholders.
• Conduct proactive threat research and dark web monitoring to identify compromised accounts, exposed data, vulnerabilities, and emerging adversary tactics affecting Texas governmental entities.
• Support cyber incident response and recovery services for any eligible governmental entity across the State of Texas.

Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field.

Three (3) years of progressively responsible experience in the IT industry.

Three (3) years of progressively responsible experience in information technology security or project management work.

One (1) year of experience in responding to security incidents.

• Experience and training in analyzing, recommending, developing, and implementing enterprise-wide policies, standards, and guidelines.
• Experience in researching and documenting findings on information technology issues, processes, or programs.
• Experience in adult learning techniques, including curriculum development and delivery of technical and non-technical training.
• Experience in creating and editing documentation, related processes public presentations, and other written communication.
• Certified Ethical Hacker (CEH), GAIC Certified Incident Handler (GCIH), GCFE Certified Forensic Examiner (GAIC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), Certified Incident Handler (GCIH), or Cyber Sec First Responder (CFR) or similar certification.

• Knowledge of applied “sound security” concepts, such as the principal of least privilege, the use of multi-factor authentication, and identity and access management.
• Knowledge of generally accepted information technology standards and practices.
• Knowledge of the security limitations and capabilities of computer systems and of information security practices, procedures, and regulations.
• Ability to communicate effectively using interpersonal skills and appropriate supporting technology.
• Ability to promote and support the overall mission, goals, and efforts of the team.

The Department of Information Resources does not exclude anyone from consideration for recruitment, selection, appointment, training, promotion, retention, or any other personnel action, or deny any…