Security Analyst - Consultant

Overview

On Site
Depends on Experience
Accepts corp to corp applications
Contract - W2

Skills

Information systems security
FISMA compliance
NIST standards
CMS MARS-E
HIPAA Security and Privacy
Risk analysis
Security audits
eGRC systems (Archer)
Cloud security
Vendor management
SIEM
IAM

Job Details

Job : Security Analyst Consultant

Location: Columbia, SC, USA

The Senior Security Analyst will oversee day-to-day security and compliance requirements for complex information systems. The role includes leading security and compliance initiatives, providing guidance to SCDHHS leadership, business units, partners, and vendors, and ensuring adherence to state, federal, and regulatory standards such as FISMA, NIST, CMS MARS-E, and HIPAA.

Key Responsibilities:

  • Lead and actively participate in the implementation and enhancement of information systems security and compliance programs.

  • Perform detailed architectural reviews and risk analyses of security-related requests (network design, system/data access models, firewall rule requests, baseline configuration deviations, vulnerability management).

  • Audit and assess internal agency systems and business partner/service provider security controls.

  • Document and report audit and assessment activities using Microsoft Office, Service Manager, Archer eGRC, Bizagi, and Atlassian tools.

  • Conduct security and compliance reviews of contracts, Business Associate Agreements, Data Usage/Sharing Agreements, and other documentation.

  • Serve as primary contact for third-party audits and assessments of agency and business partner systems.

  • Collaborate with leadership, business partners, and stakeholders to provide security risk mitigation recommendations.

  • Champion the ongoing maturation of SCDHHS security and compliance efforts.

Required Skills & Qualifications:

  • 5+ years of IT experience with auditing/working on IBM System 390/zSeries, Windows, Linux, relational and non-relational databases, networking infrastructure, and web-based applications.

  • Prior experience working within a FISMA-compliant program.

  • Experience with eGRC systems (e.g., Archer).

  • Health Information Technology experience.

  • Strong working knowledge of FISMA, NIST, CMS MARS-E, and HIPAA Security and Privacy requirements.

  • ISC(2), ISACA, SANS GIAC, or equivalent Information Security Certification.

  • Ability to work independently and in teams, collaborate across multiple teams and vendors, multitask, and prioritize effectively.

  • Intermediate to advanced Microsoft Office skills (Word, Excel, PowerPoint, Visio).

  • Strong analytical, problem-solving, and communication skills with attention to detail.

Preferred Skills & Qualifications:

  • Bachelor s degree in Computer Science, Information Systems, or related field (or 10+ years of relevant experience).

  • Prior ITIL experience in Information Security Management.

  • Hands-on experience with cloud services and vendor security management.

  • Knowledge of Security Information and Event Management (SIEM) solutions, Identity and Access Management (IAM), network firewalls, IPS, and switching/routing infrastructure.

Technical Knowledge / Tools (Desirable):

  • Archer (eGRC)

  • Enterprise NoSQL databases

  • IBM System 390/zSeries

  • Linux and Windows servers

  • Network firewalls, IPS, switching/routing

  • SIEM solutions

  • IAM solutions

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Refulgent Technologies Inc.