This is a remote position.

The
ERP Security Analyst (CAPPS IAM & Security Specialist)
will support the Texas Comptroller of Public Accounts (CPA) on the Centralized Accounting and Payroll/Personnel System (CAPPS) Program. This role performs highly advanced, senior-level consultative services and technical assistance in support of CPA's identity and access management (IAM), ERP security, and contract management oversight functions. The candidate will serve as a subject matter expert for user role Segregation of Duties in CAPPS multi-tenant software applications and as Delegated Administrator Level 3 for Texas Digital Identity Services (TDIS). This position requires deep technical expertise across PeopleSoft environments, security frameworks, and statewide fiscal systems, with the ability to integrate new platforms such as CGI Advantage as needed.

RESPONSIBILITIES

• 
  Oversee IAM workflows including account lifecycle management, provisioning, de-provisioning, and access reviews within the TDIS and CAPPS ERP environment.
• 
  Manage and enforce role-based access control (RBAC) and least privilege models across ERP and connected systems.
• 
  Design, maintain, and remediate Segregation of Duties (SoD) rules across business processes within CAPPS multi-tenant applications.
• 
  Monitor authentication, authorization, and privilege escalation logs for suspicious activity and coordinate findings with the CPA Information Security Office.
• 
  Oversee secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs.
• 
  Implement, support, and maintain PathLock products including User Access Review (UAR), Single Sign-On (SSO), Data Masking, and A360.
• 
  Ensure all digital products and content meet WCAG 2.1 accessibility standards, conducting regular compliance reviews and implementing remediation as needed.
• 
  Assist with contract management oversight responsibilities including IT control audits, SLA monitoring, technical reviews of contract templates and workflows, and compliance reporting.
• 
  Review and recommend approval for technical deliverables related to CAPPS architecture, system development lifecycle, disaster recovery, and security plans.
• 
  Participate as a security advisor during CPA procurement cycles, including drafting solicitation documents, providing technical specifications, and advising during evaluation and negotiation phases.

Requirements

MINIMUM QUALIFICATIONS

• 
  10 years of extensive Texas public sector experience directly working for or supporting a Texas state government agency.
• 
  10 years of experience performing technical activities in support of CPA application systems.
• 
  10 years of experience creating and managing a strategic roadmap through planning, technical insight, and cross-functional communication.
• 
  10 years of experience preparing materials for and conducting executive-level presentations.
• 
  10 years of experience performing technical project management activities in support of CPA's CAPPS program.
• 
  10 years of experience interpreting contractual language and integrating it into daily workflows while holding vendors accountable to contractual requirements.
• 
  10 years of extensive knowledge of and experience with data integration, data quality, and SDLC processes and methodologies.
• 
  10 years of experience in IT security and control practices.
• 
  10 years of technical experience with PeopleSoft FSCM or HCM 9.2, PeopleTools, PeopleCode, Application Designer, SQL, PS Query, SQR, Application Engine, and Oracle 11 or higher.
• 
  10 years of experience with CAPPS Central production and deployment technical support activities for more than 100 agencies and 5 Hub instances.
• 
  8 years of experience with IT service desk functions and knowledge of ITIL framework methodologies and processes.
• 
  5 years of experience serving in a security analyst role with responsibility overseeing a Managed Services provider.
• 
  5 years of experience with user role Segregation of Duties (SoD) in multi-tenant software applications.

PREFERRED QUALIFICATIONS

• 
  10 years of experience with software and hardware management industry best practices.
• 
  10 years of experience with CPA's legacy Statewide Financial Systems production support activities.
• 
  10 years of experience developing technical specifications to support IT procurements.

ADDITIONAL REQUIREMENTS

• 
  The selected candidate must sign CPA's Additional Terms and Conditions (Attachment A) and all required security documents upon award.
• 
  The selected candidate must complete a minimum of 10 hours of annual professional training in a relevant area of expertise, conducted on personal time and at the candidate's expense.
• 
  The candidate's remote work location must remain within the continental United States at all times, and the city and state of the primary remote location must be reported to CPA annually.
• 
  Work outside of normal business hours, including evenings, weekends, and holidays, may be required as requested and pre-approved by CPA.
• 
  Total estimated hours shall not exceed 2,000 hours per contract term.

WORK LOCATION AND SCHEDULE