CAPPS Security Analyst

Performing highly advanced (senior-level) consultative services and technical assistance work related to supporting the CAPPS Program.

Responsible for the(CAPPS) security framework which includes but is not limited to:.

Manage and enforce rolebased access control (RBAC) and leastprivilege models within CAPPS and connected systems.

Design and maintain segregationofduties (SoD) rules; identify and remediate SoD conflicts across business processes.

Review and validate security roles permission sets and custom authorizations within CAPPS and all ancillary systems.

Monitor and analyze authentication authorization and privilegeescalation logs for suspicious behavior and coordinate any findings with CPA Information Security Office.

Oversee secure integration of thirdparty apps via SAML OAuth OIDC SCIM and custom APIs.

Validate CAPPS application changes customizations and workflows for security and compliance impact.

Respond to and investigate identityrelated security incidents including account compromise unauthorized access and fraud indicators.

Maintain standards for security performance compliance and architecture.

Responsible for ensuring that all digital products and content meet WCAG 2.1 accessibility standards. This includes maintaining perceivable operable understandable and robust experiences for all users regularly reviewing content for compliance and implementing updates or remediation whenever accessibility issues are identified.

Reviewing and suggesting approval for all assigned Security Deliverables related to CAPPS Architecture CAPPS System Development Lifecycle Disaster Recovery CAPPS Security Plans (SSP) and all CAPPS related Security plans related to CAPPS applications currently and planning for the future.

Service Desk Support

Plans designs develops deploys supports and maintains system configurations and modifications for CPAs CAPPS HR/Payroll application to ensure the system produces accurate data performs efficiently and adheres to applicable policies.

Performs highly advanced analysis and participates in special projects and cyclic processes in support of CPAs CAPPS HR/Payroll application which may include but is not limited to production expansion projects (i.e. agency deployments of CAPPS new agency creation deployment of new functionality) fiscal year end closer legislative system changes third-party integrations PeopleSoft Image upgrades and/or decommissioning functionality.

Supports CAPPS agencies with discovery prototyping configuration security conversion integration and acceptance testing for either implementation or post-production support.

Provides Level 2 Service Desk duties inclusive of but not limited to ticket handling for complex issues in-depth troubleshooting well documented analysis and basic configurations following an established and auditable process. All work is done in cooperation and collaboration with a Managed Services vendor that is responsible for all Level 3 duties.

Performs all duties following CPAs processes policies and procedures within project scope and on schedule accordance with milestones deliverables and due dates.

Works under minimal supervision relying on experience and judgment to plan and accomplish goals independently performing a variety of complicated tasks. Established processes and procedures must be followed.

Performs all work in accordance with Information Technology Infrastructure Library (ITIL) principles and practices for IT activities such as IT service management (ITSM) and IT asset management (ITAM) that focus on aligning IT services with the needs of the business.

Actively responds to and maintains customer ticket requests via the CAPPS Service Desk with current information and statuses including but not limited to break fixes incidents required maintenance and enhancement requests.

Actively participates in CPAs Major Incident Management (MIM) process for P1 and P2 incidents according to module responsibilities.

Participates in Disaster Recovery and Upgrade Testing activities.

Assists with expansion activities.

Makes presentations at CAPPS User Groups.

Plans designs develops implements supports and maintains the information technology security measures to safeguard system information.

Participates as directed in an annual SOC-1 attestation audit designed to ensure that controls are effectively designed and operated to ensure the accuracy and security of all information contained/processed via CAPPS. Any enhancements process changes or system fixes consider security availability processing integrity confidentiality and privacy as solutions are suggested approved and implemented.

Performing other related Work as assigned.