• Support the Texas Comptroller of Public Accounts on the Centralized Accounting and Payroll/Personnel System (CAPPS) Program. • Deliver highly advanced, senior-level consultative services and technical assistance in support of CAPPS security architecture, configuration, and compliance across HR/Payroll, Financials, STARR, and all ancillary systems. • Manage and enforce the CAPPS security framework, including role-based access control, segregation of duties, identity governance, and secure third-party integrations. • Provide Level 2 Service Desk support, system configuration and maintenance, and participation in major incident management, disaster recovery, and audit activities. • Monitor and analyze authentication, authorization, and privilege escalation logs for suspicious behavior; coordinate findings with the CPA Information Security Office. • Oversee secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs. • Respond to and investigate identity-related security incidents, including account compromise, unauthorized access, and fraud indicators. • Review, validate, and suggest approval for all assigned security deliverables related to CAPPS Architecture, System Development Lifecycle, Disaster Recovery, and Security Plans (SSP). • Plan, design, develop, deploy, support, and maintain system configurations and modifications for the CAPPS HR/Payroll application to ensure accuracy, efficiency, and policy adherence. • Ensure all digital products and content meet WCAG 2.1 accessibility standards, regularly reviewing for compliance and implementing remediation as needed.

• Oversee IAM workflows including account lifecycle management, provisioning, de-provisioning, and access reviews within the TDIS and CAPPS ERP environment. • Manage and enforce role-based access control (RBAC) and least privilege models across ERP and connected systems. • Design, maintain, and remediate Segregation of Duties (SoD) rules across business processes within CAPPS multi-tenant applications. • Monitor authentication, authorization, and privilege escalation logs for suspicious activity and coordinate findings with the CPA Information Security Office. • Oversee secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs. • Implement, support, and maintain PathLock products including User Access Review (UAR), Single Sign-On (SSO), Data Masking, and A360. • Ensure all digital products and content meet WCAG 2.1 accessibility standards, conducting regular compliance reviews and implementing remediation as needed. • Assist with contract management oversight responsibilities including IT control audits, SLA monitoring, technical reviews of contract templates and workflows, and compliance reporting. • Review and recommend approval for technical deliverables related to CAPPS architecture, system development lifecycle, disaster recovery, and security plans. • Participate as a security advisor during CPA procurement cycles, including drafting solicitation documents, providing technical specifications, and advising during evaluation and negotiation phases.

• Plan and implement security measures to meet federal compliance and protect computer systems, networks, and data. • Analyze and document security risks, breaches, and cyber security incidents to understand their impact and improve security measures. • Develop and implement network disaster recovery plans to ensure business continuity. • Oversee the monitoring of computer networks for security issues and take proactive measures to address potential threats. • Install and operate security software and measures, including firewalls and data encryption programs, to protect systems and information infrastructure. • Stay informed about the latest security trends and guidelines, especially those relevant to federal contracts, and make recommendations to enhance security posture.

Role Description We're looking for a Security Analyst to become an integral member of our Security Team. In this high-impact role, you will be responsible for maintaining patient safety through managing our security tools to improve security outcomes in the domains of Data Loss Prevention, Zero Trust, and Endpoint Security. This role will also have exposure and responsibilities in our Incident investigations and in the subsequent Response lifecycle. This is a hands-on role, and our ideal candidate will maintain high standards, is passionate about delivery of care to patients, and wants to play an impactful role in the development of our innovative medical devices. This is an excellent opportunity for someone eager to learn and grow. Responsibilities - Own our endpoint security solution and be the primary/secondary go-to person to triage the alerts. - Help improve our Data Loss Prevention tooling by creating baselines and tuning based on false positives and usage. - Work off of our SIEM tool and be an all-rounded resource who can create dashboards, trendlines, and can detect anomalous events that can be investigated on a daily basis. - Understand Imagen's technical footprint, identify possible threat entry-points, and come up with high-quality, efficient ways to safeguard against them. - Play a key role in our Incident Response lifecycle. - Partner with key internal stakeholders to improve and maintain the security of Imagen’s medical devices. - Be responsible for maintaining our security awareness training tool and triage our phishing alerts and tests. - Create detailed documentation for investigations and troubleshooting. Qualifications - At least 2 years experience as a security analyst, incident analyst, working in a Security Operations Center (SOC), or equivalent education. - Knowledge of working with a SIEM. - Experience with modern endpoint security solutions. - High standards and the ability to plan, prioritize, and manage competing priorities to ensure deadlines are met. - Have (at least minimal) knowledge of Digital Forensics. - Enjoys working with technical and non-technical stakeholders. Preferred Qualifications - Understand a coding or a scripting language (Python, Bash, Powershell, etc). - Comfortable with working inside CLI interfaces. - Compliance experience (e.g., HIPAA, HITRUST, or SOC2). - Security certification such as an OSCP, GCIH, GCFA, or similar. - Own our security tools (e.g., SIEM, endpoint security solutions, vulnerability scanners, compliance managers, password managers, etc.) with the goal of creating and fulfilling effective baselines. - Proactively identify tools and perform projects across the cybersecurity and compliance domains as necessary to improve Imagen’s systems and operations. Compensation The base salary for the position is between $80,000 - $90,000, plus equity and benefits. Please note that the range is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. Equal Employment Opportunity Imagen is committed to the principle of equal employment opportunity for all employees and applicants for employment and prohibits discrimination and harassment of any kind without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Imagen will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Substance Abuse Policy Imagen Technologies maintains a Substance Abuse and Testing policy. Being under the influence of alcohol or controlled substances while on the job or while conducting business on Imagen’s behalf is prohibited. Imagen reserves the right to test any applicant or employee for alcohol and/or drug use, subject to compliance with any applicable state and/or federal laws.