Senior Information Security GRC Analyst

11518 - Senior Information Security GRC Analyst

Location - Columbia SC

Duration - 12 Months

Start Date - 13 July 2026

Last Date of submission - 1 July 2026

The State of South Carolina is looking for a Senior Information Security GRC Analyst (Security Analyst - Consultant)

Why is this position open: New Position to assist DIS with the execution of its responsibilities under the statewide information security program.

Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.

Work Location: Role is 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.

Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.

Required skills

10+ Years of Experience in Information Security and Compliance.

2+ Years of Experience with security audits based on a standard control set as an auditor or responding information system security officer

Must Have a Strong Working Knowledge of NIST 800-53 (2 Years of Experience)

Prior Experience POA&M or CAP.

Strong Communication Experience.

Experience With Using A GRC Tool (Archer or Similar) (3 Years of Experience)

Education - Bachelor's Degree - field of study is open, but the degree must be complete and verifiable

Preferred skills

Have completed an information security plan or system security plan notebook.

Simultaneously, manage multiple infosec work efforts.

Knowledge of IRS 1075, HIPAA, CJIS, MARS-E and/or PCI-DSS.

Government sector experience

Certification - CISA, GSLC, or equivalent certification

Scope of the project:

This position with be perform duties as part of DIS execution of its responsibilities under the statewide information security program. DIS Responsibilities include:

• Supporting agencies during their development of the information security program with direct tactical implementation assistance.
• Developing and tracking agency information security implementation plans.
• Interview administrators, managers and third parties to aid in development of program artifacts.
• Ensuring high-level assessments of agencies infosec work to ensure progress is made.
• Providing high-level analysis of process and procedures work to ensure compliance with state standards

Daily Duties / Responsibilities:

Duties include, but are not limited to:

• Interviewing business and technical owners to determine policies and procedures used for each agency process.
• Developing and tracking infosec implementation plan progress.
• Documenting information gathered during both interviews and
• Document reviews to assist with developing formal process and procedures.
• Assessing agency documentation to ensure adequate approaches are used to comply with controls.