Cybersecurity Analyst II

University of Texas at Austin
Austin, TX
3d
$78,000

About The Position

The Cybersecurity Analyst II is an intermediate-level professional responsible for developing, maintaining, and enhancing enterprise cybersecurity programs that safeguard organizational systems, networks, and data. Reporting to the Manager of Enterprise IT Security and Operations, this role emphasizes program design, documentation, and continuous improvement in alignment with organizational standards. The position manages activities within one or more assigned cybersecurity domains such as risk management, incident response, vulnerability management, and threat intelligence, executed under established frameworks and with guidance, ensuring effective delivery of programs with moderate complexity. The Cybersecurity Analyst II updates policies, procedures, playbooks/runbooks, and automation to enhance efficiency and effectiveness. The role ensures alignment with regulatory frameworks such as HIPAA, FERPA, PCI DSS, GDPR, ISO 27001, and NIST and collaborates with IT and business teams to integrate security requirements into SDLC and operational processes. Additionally, the Cybersecurity Analyst II provides guidance to junior analysts and supports a risk‑aware environment through outreach and education.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 3 years of proven experience in developing security risk management programs and associated tooling.
  • Proven experience with Risk Management Frameworks (NIST RMF, ISO).
  • Strong knowledge of security protocols, network monitoring, and vulnerability assessment tools.
  • Demonstrated experience in security incident detection, investigation, and response.
  • Demonstrated knowledge of network protocols, operating systems, SIEM tools, and ITIL processes.
  • Experience with compliance frameworks (NIST CSF, NIST 800-53, HITRUST).

Nice To Haves

  • Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Minimum 4 years of healthcare experience.
  • Demonstrated knowledge of healthcare mission, HIPAA regulations, and medical device security considerations.
  • Minimum 8 years of experience with network scanning, cloud security, Risk Management Frameworks (RMF), threat intelligence programs, vulnerability management programs, security orchestration, automation, and response (SOAR) platforms.
  • Preferred: GIAC Certified Incident Handler (GCIH), Certified Incident Handler (ECIH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or CompTIA Security+ Certification.
  • Experience with ServiceNow Security Operations and Security Incident Response modules or similar ITSM platforms.

Responsibilities

  • Develops and Maintains Cybersecurity Programs
      • Designs and documents program components including policies, standard operating procedures, playbooks, and runbooks for one or more assigned cybersecurity domains such as risk management, incident response, vulnerability management, and threat intelligence, ensuring alignment with organizational standards and regulatory frameworks.
      • Implements automation and process improvements to enhance efficiency, strengthen domain controls, and support continuous improvement.
      • Maintains dashboards and performance metrics for assigned programs (e.g., SLA compliance, control health) and incorporates lessons learned into program updates.
      • Collaborates with IT and business stakeholders to integrate security requirements into operational processes and the software development lifecycle, ensuring alignment with enterprise security objectives.
      • Coordinates with the department's IT teams, campus IT, and campus Information Security Office (ISO) on the review, implementation, and monitoring of security controls on tools owned and managed by campus IT and ISO (firewalls, DLP, MFA) to safeguard digital infrastructure.
  • Executes Cybersecurity Operations
      • Manages investigations end‑to‑end and coordinates resolution for security events within scope.
      • Maintains and refines playbooks/runbooks; suggests workflow improvements based on lessons learned.
      • Implements automations for repetitive tasks (e.g., enrichment, triage, alerts, notifications).
  • Supports Governance, Risk, and Compliance
      • Applies policies, standards, and procedures; performs control testing and gathers audit evidence.
      • Monitors adherence to HIPAA, FERPA, PCI DSS, GDPR, ISO 27001, and NIST frameworks.
      • Updates risk registers, proposes mitigations, and tracks remediation to closure.
      • Conducts third‑party and vendor security assessments against organizational standards and documents follow‑ups.
      • Helps facilitate awareness initiatives and tabletop exercises; offers coaching during activities.
  • Reporting & Collaboration
      • Maintains dashboards and KPIs (e.g., MTTR, vulnerability SLA compliance, control health).
      • Prepares reports with actionable recommendations for stakeholders and leadership.
      • Partners with IT and project teams to embed security requirements in designs and changes; reviews changes for security impact.
  • Marginal or Periodic Functions
      • Maintains documentation specific to cybersecurity work (architecture diagrams, SOPs, inventories).
      • Represents the organization during audits and external assessments as assigned.
      • Participates in professional development and advanced training.
      • Supports disaster recovery and business continuity plan updates.
      • Adheres to internal controls and reporting structure.
      • Performs related duties as required.