Data Modeling Engineer (Security Architect - Consultant)

Job ID: 11439 Client: State of South Carolina, Department of Administration's Division of Information Security Employment Type: Contract Duration: 12 Months (with possibility for extension) Work Location: 100% Remote. Note: Open to nationwide candidates with no SC residency required. However, preference will be given to candidates who can occasionally work onsite in Columbia, SC, to perform local administrative tasks. All travel-related costs for onsite work are the responsibility of the candidate. Work Schedule: Standard business hours. Candidate MUST be willing to participate in an on-call roster. Interview Process: 1-2 Rounds of Virtual Interviews (Camera On)

The State of South Carolina is seeking a Data Modeling Security Engineer focused on Cribl ingestion within the Department of Administration's Division of Information Security.

The successful candidate will demonstrate extensive experience successfully designing, implementing, and maintaining data modeling using Cribl for log ingestion in large-scale security environments. This contractor will work alongside a large enterprise security team to assist full-time security architects and engineering staff with the design, implementation, and integration of Cribl data modeling to enhance existing technologies and programs.

In addition to data modeling Cribl pipelines, this role requires providing hands-on technical support across multiple security disciplines, including SIEM, XDR, Vulnerability Management, Data Loss Prevention (DLP), Security Awareness, endpoints, Linux sensor deployment, and security automation initiatives.

Primary Responsibilities:

• Assist in the planning, design, deployment, and operational support of enterprise security platforms, heavily focusing on:

  • Cribl data modeling and log pipeline ingestion.

  • Security Information and Event Management (SIEM).

  • Assisting with the design and configuration of Linux-based security sensors and endpoint monitoring tools.

Secondary Responsibilities:

• Assist in the planning, design, deployment, and operational support of enterprise security platforms, including:

  • Extended Detection and Response (XDR).

  • Vulnerability Management platforms and processes.

  • Data Loss Prevention (DLP) solutions.

  • Security Awareness and training platforms.

General Security Architecture Duties:

• Collaborate with security architects to design and implement enterprise security solutions that align with leadership's business goals, regulatory requirements, and organizational risk tolerance.

• Design, deploy, and manage countermeasures to address known security threats and contribute to mitigation strategies for emerging threats to enterprise data, systems, and services.

• Ensure consistent application of security controls across enterprise infrastructure and applications; validate control effectiveness and recommend improvements.

• Support incident detection and response activities through monitoring, log analysis, and reporting.

• Develop technical documentation, implementation guides, and standard operating procedures as needed.

• Perform other duties as assigned in support of the Department of Administration's Division of Information Security.

Required Skills:

• Cribl data modeling and log pipeline design and implementation.

• Strong understanding of enterprise security architecture and engineering principles.

• Experience implementing and supporting enterprise security tools (SIEM, XDR, Vulnerability Management, DLP, endpoint security).

• Experience developing automation and integrations using scripting languages such as Python and Bash.

• Knowledge of cybersecurity best practices, threat detection, and defensive security strategies.

• Experience with Linux and Windows operating systems, including system hardening and security configuration.

• Understanding of networking concepts, security protocols, and secure system design.

Preferred Skills:

• Hands-on Cribl data modeling experience.

• Hands-on SIEM administration, analysis, and reporting experience.

• Experience building and deploying Linux-based security sensors.

• Familiarity with security frameworks and compliance standards such as NIST CSF, CJIS, IRS 1075, and CMS MARS-E.

• Education: Bachelor's degree in an Information Technology or Information Security-related field. (Note: Eight years of relevant work experience may be substituted in lieu of education).

• Experience: 5+ years of experience supporting large IT environments and/or system deployments.

• Preferred Certifications: CISSP, Security+

These requirements are strictly enforced and non-negotiable by the State of South Carolina. No exceptions can be granted. Candidates who cannot pass these requirements will not be eligible for hire.

• All applicants must successfully pass a full credit check and a criminal background check during the initial hiring process.

• Once onboarded, the candidate must obtain and retain annual CJIS certification as part of the ongoing employment process.