Security Analyst - Consultant

Security Analyst Consultant

Contract Duration: 12 Months (with possible extension)
Work Location: Hybrid 10311 Wilson Rd, Blythewood, SC 29016 (4 days remote, 1 day on-site)
Candidate Location: Must reside within South Carolina (no relocation allowed)
Interview Process: Virtual (1 round; scheduled 3 4 days after posting closes)

Submission Instructions

Please ensure the following documents are attached:

• SC Cover Sheet (attached)

• Valid Right to Represent (RTR)

• Resume with full legal first and last name

Withdrawn candidates cannot be replaced. If using a sub-vendor (one level deep only), please submit the Sub Vendor Usage Form.

Position Overview

This position is a rebid and will require the consultant to work approximately 15 hours per week. The Security Analyst will play a key role in implementing and maintaining DevSecOps security automation, analyzing system vulnerabilities, and ensuring secure application development across the environment.

Key Duties and Responsibilities

• Champion DevSecOps through Security Automation: Design, implement, and maintain security automation tools. Develop scripts to automate tasks such as data security checks, vulnerability scanning, and access control.

• Monitor and Analyze Security Events: Use SIEM tools to identify threats and suspicious activity. Analyze logs, investigate alerts, and identify security gaps in alignment with frameworks such as NIST, CIS, and CISA.

• Support Secure Application Development: Collaborate with developers to integrate secure coding practices throughout the SDLC. Conduct code reviews, threat modeling, and security consultations.

• Incident Response: Participate in security incident investigations to determine root cause, mitigate risk, and implement recovery procedures.

• Documentation: Develop and maintain clear documentation of security policies, procedures, and best practices. Create training materials and user guides to promote security awareness.

• Provide On-Call Support: Offer support as needed and perform other related duties.

Required Skills

• 5 years of expert-level experience with C#, Python, PowerShell, or Rust

• 1 year of experience applying automation principles using AI, ML, and scripting to streamline security operations

• 3 years of understanding of the Software Development Lifecycle (SDLC) and DevSecOps principles

• 3 years of experience with cloud security (identity & access management, data security, and compliance)

• Strong communication and interpersonal skills, with proven ability to deliver effective documentation and training

• Understanding of Secure by Design principles

Preferred Skills

• 1 year of experience with SIEM tools (configuration, tuning, threat hunting, and alert creation)

• 1 year of experience with security frameworks (NIST, CIS, CISA) in a hybrid environment

• 1 year of experience in data classification and DLP (Data Loss Prevention) configuration

• Experience in incident response processes and security control implementation

• Advanced understanding of hybrid environment security controls

Education Requirement

• Bachelor s degree in Information Technology Systems, Computer Science, Cybersecurity, or related field

  • Equivalent experience may substitute on a year-for-year basis

Preferred Certifications (Not required but preferred)

• Certified Incident Handler (GCIH)

• Certified Computer Security Incident Handler (CSIH)

• EC-Council Certified Incident Handler (ECIH)

• EC-Council Certified Network Defender (CND)

• GIAC Critical Infrastructure Protection (GCIP)

• GIAC Defensible Security Architecture (GDSA)