CAPPS Security Analyst

Responsible for theIAM (TDIS) and ERP (CAPPS) security framework which includes but is not limited to:
Provides oversight of IAM workflows including account lifecycle management provisioning de provisioning and access reviews.
Manage and enforce role based access control (RBAC) and least privilege models within ERP and connected systems.
Design and maintain segregation of duties (SoD) rules; identify and remediate SoD conflicts across business processes.
Review and validate security roles permission sets and custom authorizations within CAPPS and all ancillary systems.
Monitor and analyze authentication authorization and privilege escalation logs for suspicious behavior and coordinate any findings with CPA Information Security Office.
Oversee secure integration of third party apps via SAML OAuth OIDC SCIM and custom APIs.
Validate CAPPS application changes customizations and workflows for security and compliance impact.
Respond to and investigate identity related security incidents including account compromise unauthorized access and TDIS fraud indicators.
Maintain standards for security performance compliance and architecture.
Responsible for ensuring that all digital products and content meet WCAG 2.1 accessibility standards. This includes maintaining perceivable operable understandable and robust experiences for all users regularly reviewing content for compliance and implementing updates or remediation whenever accessibility issues are identified.
Assisting with all applicable contract management oversight responsibilities associated with the CAPPS Program including but not limited to:
Assisting and participating with the annual IT control audits related to the CAPPS Central applications.
Ensuring contract data security user permissions audit trails and compliance with organizational and regulatory standards.
Performing technical reviews of contract templates metadata structures workflows and automation rules to ensure accuracy and usability.
Working closely with Fiscal Managements contract managers to identify gaps and optimize contract processes.
Overseeing and/or assisting with technical oversight and support related to but not limited to SLAs system monitoring environment analysis hardware/software evaluation network troubleshooting migration paths coding standards security standards compare reports application change management review and batch scheduling review.
Maintaining documentation related to architecture configuration integrations and change management.
Supporting reporting and analytics for contract KPIs compliance metrics and lifecycle performance.
Reviewing and suggesting approval for all assigned Technical Deliverables related to CAPPS Architecture CAPPS System Development Lifecycle Disaster Recovery CAPPS Security Plans (SSP) and all CAPPS related Technology plans related to CAPPS applications currently and planning for the future.
Planning and coordinating various technical upgrades (e.g. PeopleSoft image PeopleSoft Fluid PeopleTools other software publisher upgrades etc.).
Participating as a security advisor during the procurement cycle for certain CPA-issued procurements for products or services associated with CPAs CAPPS Program. Activities may include but are not limited to the following: research of products and services planning activities drafting and reviewing documents for use in solicitations providing technical input for purposes of developing guidelines for evaluating the developed technical specifications and serving as a technical advisor providing input to CPAs teams during the evaluation and negotiation phases.
Special Skill Set

Serve as a subject matter expert associated with user role Segregation of Duties (SOD) in CAPPS multi-tenant software applications.

Serve as a subject matter expert and perform Delegated Administration Level 3 for the Texas Digital Identity Services (TDIS).
Serve as the subject matter expert and be able to implement support and maintain products offered by PathLock that include: User Access Review (UAR) Single Sign-On (SSO) Data Masking and A360.
Performing other related Work as . CANDIDATE SKILLS AND QUALIFICATIONSMinimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
Years Required/Preferred Experience
10 Required Extensive Texas public sector experience directly working for or supporting a Texas state government agency
10 Required Extensive experience performing technical activities in support of CPA application systems
10 Required Extensive experience creating and managing a strategic roadmap by combining strong planning skills technical insight and effective cross functional communication
10 Required Experience preparing materials for and conducting executive-level presentations
10 Required Experience performing technical project management activities in support of CPAs CAPPS program
10 Required Experience in interpreting contractual language and integrating it into daily workflows while consistently holding vendors accountable to contractual requirements
10 Required Extensive knowledge of/experience with data integration data quality and SDLC processes and methodologies
10 Required Experience in IT security and control practices
10 Required Technical experience with PeopleSoft FSCM or HCM 9.2 PeopleTools Peoplecode Application Designer SQL PS Query SQR Application Engine and Oracle 11 or higher
10 Required Experience with CAPPS Central production and deployment technical support activities for more than 100 agencies and 5 Hub instances.
8 Required Experience with IT service desk functions knowledge of ITIL framework methodologies and processes.
5 Required Experience serving in a security analyst role with responsibility overseeing a Managed Services provider
5 Required Experience with user role segregation of duties (SoD) in multi-tenant software applications.
10 Preferred Experience with software and hardware management industry best practices
10 Preferred Experience with CPAs legacy Statewide Financial Systems production support activities
10 Preferred Experience developing technical specifications to support IT procurements