Posting number: 16947
Department: Universal Services
Job classification: Security Analyst
Posting type: Open
Categories: IT and Computers, Planning and Development, Management, Investigative, Project Management, Communications, Program Management, Database Administration, Software
About Harris County and Universal Services:
Harris County Universal Services is transforming the way the County does business and seeking a Threat and Vulnerability Management Analyst to join our team.
Universal Services is the enterprise IT solutions center for the departments and offices of Harris County, providing Information Technology, Public Safety and Justice Technologies, 311 Constituent Engagement Services, Fleet Services, and Records and Information Governance Services.
Harris County is the third largest and most diverse county in the nation, with a population of more than 4.7 million. Harris County Commissioners Court, the County’s governing body, directs a budget of more than $4 billion providing essential services including flood control, infrastructure, healthcare, housing, and justice administration.
This is a great time to join Universal Services as we enhance critical services to Harris County residents and internal customers.
The Threat & Vulnerability Management Analyst is responsible for identifying, investigating, and helping remediate cybersecurity threats and vulnerabilities across the enterprise. This role conducts vulnerability assessments, investigates security alerts, analyzes emerging threats, and collaborates with IT and security teams to strengthen the organization's security posture. The ideal candidate has strong analytical and investigative skills, a passion for cybersecurity, and the ability to translate technical findings into actionable recommendations.
Job Responsibilities:
Conduct continuous vulnerability scanning of servers, workstations, network devices, cloud resources, and applications to identify security weaknesses.
Analyze and prioritize vulnerabilities based on risk, exploitability, asset criticality, CVSS scores, and threat intelligence.
Coordinate remediation efforts with infrastructure, application, cloud, and endpoint teams to ensure vulnerabilities are addressed within established service-level objectives (SLOs).
Validate remediation activities by performing research and verifying that vulnerabilities have been successfully mitigated or remediated.
Monitor threat intelligence feeds, CISA advisories, vendor security bulletins, and zero-day vulnerabilities to assess organizational exposure.
Develop and maintain vulnerability management dashboards, metrics, and executive reports that track remediation progress, risk trends, compliance, and key performance indicators.
Investigate Security Operations Center (SOC) alerts to validate potential threats, determine scope and impact, and identify indicators of compromise (IOCs).
Investigate security events and anomalies to identify root causes, affected assets, attack vectors, and recommended remediation actions.
Support incident response by triaging SOC alerts, collecting evidence, documenting findings, and escalating confirmed security incidents in accordance with established procedures.
Correlate SOC alerts with vulnerability and asset data to determine whether identified security weaknesses contributed to the observed activity and recommend mitigation measures.
Maintain and optimize Threat and Vulnerability Management tools (e.g., Microsoft Defender Vulnerability Management, Rapid7), including scan configurations, asset inventories, and reporting.
Harris County is an Equal Opportunity Employer
https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx
If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net
This position is subject to a criminal history check. Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.
Education:
High School Diploma or GED
Experience:
2–5 years of experience in IT, cybersecurity or systems analysis.
Knowledge, Skills, and Abilities
Proficiency in using SIEM tools, firewalls, intrusion detection/prevention systems, and vulnerability scanners.
Familiarity with operating systems (Windows, Linux) and networking protocols.
Understanding of regulatory frameworks and compliance requirements.
Strong analytical, communication, and documentation skills.
NOTE Qualifying education, experience, knowledge and skills must be documented in your job application. You may attach a resume to the application as supporting documentation but ONLY information stated on the application will be used for consideration. "See Resume" will not be accepted for qualifications.
Location:
406 Caroline St., Houston, TX 77002
Work Arrangement:
Monday - Friday, 8am - 5pm, Hybrid (exact hybrid schedule can be determined by the manager)
Employment may be contingent on passing a drug screen and meeting other standards.
Due to a high volume of applications positions may close prior to the advertised closing date or at the discretion of the Hiring Department.

Harris County is a county located in the U.S. state of Texas within the Houston–Sugar Land–Baytown metropolitan area. As of 2000 U.S. Census, the county had a population of 3,400,578 (though a 2007 estimate placed the population at 4,011,475), making it the most populous county in Texas and the third most populous county in the United States. Its county seat is Houston.