This is a remote position.
· Performing highly advanced (senior-level) consultative services and technical assistance work related to supporting the CAPPS Program.
· Responsible for the(CAPPS) security framework, which includes but is not limited to:.
Manage and enforce role‑based access control (RBAC) and least‑privilege models within CAPPS and connected systems.
Design and maintain segregation‑of‑duties (SoD) rules; identify and remediate SoD conflicts across business processes.
Review and validate security roles, permission sets, and custom authorizations within CAPPS and all ancillary systems.
Monitor and analyze authentication, authorization, and privilege‑escalation logs for suspicious behavior and coordinate any findings with CPA Information Security Office.
Oversee secure integration of third‑party apps via SAML, OAuth, OIDC, SCIM, and custom APIs.
Validate CAPPS application changes, customizations, and workflows for security and compliance impact.
Respond to and investigate identity‑related security incidents, including account compromise, unauthorized access, and fraud indicators.
Maintain standards for security, performance, compliance, and architecture.
· Responsible for ensuring that all digital products and content meet WCAG 2.1 accessibility standards. This includes maintaining perceivable, operable, understandable, and robust experiences for all users, regularly reviewing content for compliance, and implementing updates or remediation whenever accessibility issues are identified.
Reviewing and suggesting approval for all assigned Security Deliverables related to CAPPS Architecture, CAPPS System Development Lifecycle, Disaster Recovery, CAPPS Security Plans (SSP), and all CAPPS related Security plans related to CAPPS applications currently and planning for the future.
Service Desk Support
· Plans, designs, develops, deploys, supports and maintains system configurations and modifications for CPA’s CAPPS HR/Payroll application to ensure the system produces accurate data, performs efficiently, and adheres to applicable policies.
· Performs highly advanced analysis and participates in special projects and cyclic processes in support of CPA’s CAPPS HR/Payroll application which may include but is not limited to production expansion projects (i.e., agency deployments of CAPPS, new agency creation, deployment of new functionality), fiscal year end closer, legislative system changes, third-party integrations, PeopleSoft Image upgrades and/or decommissioning functionality.
· Supports CAPPS agencies with discovery, prototyping, configuration, security, conversion, integration, and acceptance testing for either implementation or post-production support.
· Provides Level 2 Service Desk duties inclusive of, but not limited to ticket handling for complex issues, in-depth troubleshooting, well documented analysis, and basic configurations following an established and auditable process. All work is done in cooperation and collaboration with a Managed Services vendor that is responsible for all Level 3 duties.
· Performs all duties following CPA’s processes, policies, and procedures within project scope and on schedule accordance with milestones, deliverables, and due dates.
· Works under minimal supervision, relying on experience and judgment to plan and accomplish goals, independently performing a variety of complicated tasks. Established processes and procedures must be followed.
· Performs all work in accordance with Information Technology Infrastructure Library (ITIL) principles and practices for IT activities such as IT service management (ITSM) and IT asset management (ITAM) that focus on aligning IT services with the needs of the business.
· Actively responds to and maintains customer ticket requests via the CAPPS Service Desk with current information and statuses, including but not limited to break fixes, incidents, required maintenance, and enhancement requests.
· Actively participates in CPA’s Major Incident Management (MIM) process for P1 and P2 incidents according to module responsibilities.
· Participates in Disaster Recovery and Upgrade Testing activities.
· Assists with expansion activities.
· Makes presentations at CAPPS User Groups.
· Plans, designs, develops, implements, supports, and maintains the information technology security measures to safeguard system information.
· Participates as directed in an annual SOC-1 attestation audit designed to ensure that controls are effectively designed and operated to ensure the accuracy and security of all information contained/processed via CAPPS. Any enhancements, process changes, or system fixes consider security, availability, processing integrity, confidentiality, and privacy as solutions are suggested, approved, and implemented.
· Performing other related Work as assigned.
II. CANDIDATE SKILLS AND QUALIFICATIONS
