CAPPS Security Analyst (Contractor) 304FM202706/304FM202707

RESPEC is seeking a highly experienced CAPPS Security Analyst to support a major Texas state fiscal agency's enterprise ERP and Identity & Access Management (IAM) program. This is a senior-level, long-term engagement supporting the Centralized Accounting and Payroll/Personnel System (CAPPS) — a statewide platform serving over 100 Texas agencies across HR/Payroll, Financials, and ancillary systems.

This is not a generalist security role. The ideal candidate has spent their career in the Texas public sector, knows the CAPPS ecosystem inside and out, and can operate as a trusted technical advisor, security architect, and vendor accountability lead — all at once. If you've been the person other teams call when CAPPS security gets complicated, this role was written for you.

Core Responsibilities:

As the CAPPS Security Analyst, you will serve as the primary subject matter expert for IAM and ERP security across the CAPPS program. You'll own the full identity lifecycle — from account provisioning and de-provisioning to access reviews, RBAC enforcement, and least-privilege modeling — while also designing and maintaining Segregation of Duties (SoD) rules and remediating conflicts across business processes. You'll monitor authentication, authorization, and privilege-escalation logs for anomalies and coordinate findings directly with the client's Information Security Office.

Beyond IAM, you'll oversee the secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs, and validate all CAPPS application changes and customizations for security and compliance impact. You'll serve as the Delegated Administrator Level 3 for Texas Digital Identity Services (TDIS) and act as the agency's internal SME for PathLock products, including User Access Review (UAR), Single Sign-On (SSO), Data Masking, and A360.

On the contract management side, you'll participate in annual IT control audits, review and approve technical deliverables related to CAPPS architecture, SDLC, Disaster Recovery, and Security System Plans (SSPs), and serve as a security advisor during procurement cycles — from drafting technical specifications to evaluating vendor proposals. You'll also coordinate PeopleSoft upgrades (images, Fluid, PeopleTools), maintain architecture and change management documentation, and support reporting on contract KPIs and compliance metrics. Accessibility compliance (WCAG 2.1) is a standing responsibility across all digital products and content you touch.