CAPPS Security Analyst (Contractor) 304FM202706/304FM202707

About The Position

Requirements

• 10+ Years Direct experience working for or in technical support of a Texas state government agency — not just general public sector, but specifically Texas state
• 10+ Years Hands-on technical work supporting CPA application systems (this is a hard requirement, not a "similar environment" qualifier)
• 10+ Years CAPPS Central production and deployment support across more than 100 agencies and 5 Hub instances
• 10+ Years PeopleSoft FSCM or HCM 9.2 technical experience, including PeopleTools, PeopleCode, Application Designer, SQL, PS Query, SQR, Application Engine, and Oracle 11+
• 10+ Years Strategic roadmap creation and management, including cross-functional communication and executive stakeholder alignment
• 10+ Years Preparation and delivery of executive-level presentations
• 10+ Years Technical project management in support of the CAPPS program
• 10+ Years Contract interpretation and vendor accountability management — translating contractual language into daily operational workflows
• 10+ Years Data integration, data quality, and SDLC methodologies (Agile and others)
• 10+ Years IT security and control practices, including NIST frameworks and audit support
• 8+ Years IT service desk functions and ITIL framework methodologies and processes
• 5+ Years Security analyst role with direct responsibility for overseeing a Managed Services Provider (MSP)
• 5+ Years Segregation of Duties (SoD) in multi-tenant software applications — SME-level, not just familiarity

Nice To Haves

• 10+ years supporting CPA's legacy Statewide Financial Systems in a production support capacity
• 10+ years of experience with software and hardware management industry best practices in a large enterprise or government environment
• 10+ years developing technical specifications to support IT procurements, including drafting solicitation language and advising during vendor evaluation

Responsibilities

• Serve as the primary subject matter expert for IAM and ERP security across the CAPPS program.
• Own the full identity lifecycle — from account provisioning and de-provisioning to access reviews, RBAC enforcement, and least-privilege modeling.
• Design and maintain Segregation of Duties (SoD) rules and remediating conflicts across business processes.
• Monitor authentication, authorization, and privilege-escalation logs for anomalies and coordinate findings directly with the client's Information Security Office.
• Oversee the secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs.
• Validate all CAPPS application changes and customizations for security and compliance impact.
• Serve as the Delegated Administrator Level 3 for Texas Digital Identity Services (TDIS).
• Act as the agency's internal SME for PathLock products, including User Access Review (UAR), Single Sign-On (SSO), Data Masking, and A360.
• Participate in annual IT control audits.
• Review and approve technical deliverables related to CAPPS architecture, SDLC, Disaster Recovery, and Security System Plans (SSPs).
• Serve as a security advisor during procurement cycles — from drafting technical specifications to evaluating vendor proposals.
• Coordinate PeopleSoft upgrades (images, Fluid, PeopleTools).
• Maintain architecture and change management documentation.
• Support reporting on contract KPIs and compliance metrics.
• Ensure accessibility compliance (WCAG 2.1) across all digital products and content.

Benefits

• Employee-owned company
• All your information will be kept confidential according to EEO guidelines.