Job Description

I. DESCRIPTION OF SERVICES


Texas Health and Human Services Commission requires the services of 2 Network Security Analyst 2, hereafter referred to as Candidate(s), who meets the general qualifications of Network Security Analyst 2, Security and the specifications outlined in this document for the Texas Health and Human Services Commission.

All work products resulting from the project shall be considered "works made for hire" and are the property of the Texas Health and Human Services Commission and may include pre-selection requirements that potential Vendors (and their Candidates) submit to and satisfy criminal background checks as authorized by Texas law. Texas Health and Human Services Commission will pay no fees for interviews or discussions, which occur during the process of selecting a Candidate(s).

Level Description

4-7 years of experience in the field or in a related area. Familiar with standard concepts, practices, and procedures within a particular field. Relies on limited experience and judgment to plan and accomplish goals. A certain degree of creativity and latitude is required. Works under limited supervision with considerable latitude for the use of initiative and independent judgment. Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions.



Job Description

A network security analyst ensures that information systems and computer networks are secure. This includes protecting the company against hackers and cyber-attacks, as well as monitoring network traffic and server logs for activity that seems unusual. Additionally, these analysts are responsible for finding vulnerabilities in the computer networks and creating recommendations for how to minimize these vulnerabilities. The network security analyst investigates security breaches, develops strategies for any security issues that arise, and utilizes the help of firewalls and antivirus software to maintain security. DISCLAIMER: Candidates for this position will be subject to a pre-employment security review to determine employment eligibility.



The Network Security Analyst II (NSA II) – RSA Archer Specialist is responsible for planning, designing, implementing, configuring, and supporting enterprise RSA Archer Governance, Risk, and Compliance (GRC) solutions. This role works closely with Information Security, Data Privacy, Risk Management, Compliance, and system stakeholders to deliver scalable, user-friendly Archer applications that enable assessment, authorization, control assurance, issue management, and continuous compliance monitoring.

The position operates independently on complex assignments while collaborating across cross-functional technical and business teams. The NSA II ensures Archer solutions align with organizational governance frameworks, regulatory obligations, and security control requirements.



Required Certifications

Must Have:

• Archer Certified Professional (ACP)

OR

• Level 3 Archer Certified Administrator – Expert Certification

Essential Duties and Responsibilities

The essential duties for this role include, but are not limited to:

• Design, implement, configure, and maintain RSA Archer solutions, with emphasis on:

o Assessment & Authorization (A&A)

o Controls Assurance Program Management

o Issues Management

o Custom Archer applications

o System integrations

• Perform detailed business and functional requirements gathering and analysis; translate requirements into:

o Solution designs

o Configuration specifications

o User stories

o Implementation plans

• Configure and customize Archer applications including:

o Questionnaires and surveys

o Forms and data fields

o Workflows and approvals

o Calculations and data relationships

o Access controls and role-based permissions

o Data feeds and automated imports

• Develop and integrate RESTful and web services to enable API connectivity between Archer and external enterprise systems (e.g., ServiceNow or other ITSM, CMDB, or risk platforms).

• Implement client-side logic, validations, and dynamic behaviors using JavaScript and jQuery within Archer applications.

• Produce and maintain technical documentation covering:

o System design and configuration

o Integration specifications

o Testing plans and results

o Change requests and deviations

o Process transformation artifacts

o Project management documentation using standard templates

• Utilize project management and tracking tools to monitor development progress, deliverables, risks, and milestones.

• Follow established change management, release management, and governance processes for all deployments to production environments.

• Provide troubleshooting, defect resolution, and performance optimization for Archer applications.

• Support end-user adoption through knowledge transfer, training materials, and solution walkthroughs.

• Perform related duties and special projects as assigned.



Knowledge, Skills, and Abilities

• Expert knowledge of RSA Archer platform architecture, data model, application configuration, and workflow design

• Strong understanding of GRC processes, risk management, compliance frameworks, and security control assurance

• Experience integrating Archer with external enterprise platforms using REST APIs and web services

• Proficiency in JavaScript/jQuery for client-side customizations

• Ability to translate complex business requirements into technical configurations

• Strong documentation and communication skills

• Experience working in structured change-controlled environments

• Ability to work independently on complex technical implementations



Preferred Qualifications

• Experience supporting large enterprise or government GRC implementations

• Familiarity with security frameworks such as NIST, ISO 27001, SOC, or regulatory compliance programs

• Experience integrating Archer with ServiceNow or similar ITSM platforms

• Prior work in information security, risk, or compliance teams



Work Environment

• Works independently and collaboratively in cross-functional teams

• Engages with security, risk, compliance, IT, and business stakeholders

• Supports mission-critical enterprise GRC operations


II. CANDIDATE SKILLS AND QUALIFICATIONS

Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

Years	Required/Preferred	Experience
5	Required	Must Have: • Archer Certified Professional (ACP) OR • Level 3 Archer Certified Administrator – Expert Certification
10	Preferred	Experience supporting large enterprise or government GRC implementations • Familiarity with security frameworks such as NIST, ISO 27001, SOC, or regulatory compliance programs • Experience integrating Archer with ServiceNow or similar ITSM platforms

III. TERMS OF SERVICE

Services are expected to start 03/30/2026 and are expected to complete by 08/31/2026. Total estimated hours per Candidate shall not exceed 1167 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.

IV. WORK HOURS AND LOCATION

Services shall be provided during normal business hours unless otherwise coordinated through the Texas Health and Human Services Commission. Normal business hours are Monday through Friday from 8:00 AM to 5:00 PM, excluding State holidays when the agency is closed.

The primary work location(s) will be at 701 W 51st Street Austin, TX 78751. The working position is On Site. Any and all travel, per diem, parking, and/or living expenses shall be at the Candidate's and/or Vendor's expense. Texas Health and Human Services Commission will provide pre-approved, written authorization for travel for any services to be performed away from the primary work location(s). Pre-approved travel expenses are limited to the rates and comply with the rules prescribed by the State of Texas for travel by its classified employees, including any requirement for original receipts.

The Candidate(s) may be required to work outside the normal business hours on weekends, evenings and holidays, as requested. Payment for work over 40 hours will be at the hourly rate quoted and must be coordinated and pre-approved through Texas Health and Human Services Commission.

V. OTHER SPECIAL REQUIREMENTS

Position is ONSITE at the location listed above (NO REMOTE WORK). Program will only accept LOCAL ONLY candidates for this position.