Security Analyst

Job Description

Job Description

Company / Department culture (why do you enjoy working for the company –

selling points for potential candidates) :

The South Carolina Department of Motor Vehicles (SCDMV) prioritizes secure and

efficient IT systems to ensure the integrity of motor vehicle licensing and titling data.

We cultivate a security-focused culture, guided by our core values of competence,

commitment, and courtesy, where IT professionals play a vital role in protecting

sensitive information and upholding public trust.

Why is this position open (new role, increased workload, new dept, resignation,

promotion)? This is a ReBid.

What types of staffing challenges or headaches have you experienced in the past?

• Quality of Resume

Resume needs to be specific and describe, not just list, candidate’s experience

with the relevant technologies in a professional capacity. Non-professional

experience may be referenced but will not be highly regarded.

Candidate must demonstrate positive attitude and be able to work with a diverse

team of varying skill levels contributing Constructive ideas and criticism.

Excellent communication skills are required.

Scope of the project :

Enhance the security posture of the South Carolina Department of Motor Vehicles

(SCDMV) to protect sensitive citizen data and ensure the integrity of motor vehicle

licensing and titling systems.

Position :

Pre-employment Checks (drug, credit, criminal, motor vehicle)?

Drug, Credit, Criminal

Daily Duties / Responsibilities :

development expertise to design, implement, and maintain security tools and

automation. This includes building scripts to automate critical tasks like data

security checks, vulnerability scanning, and user access control, streamlining

security processes and improving overall efficiency.

security information and event management (SIEM) tools to identify potential

threats and suspicious activity. Along with determine security gaps in these

controls to improve overall security posture. This will also involve analyzing

logs, investigating alerts, and using your knowledge of security frameworks

(NIST, CIS, CISA) to assess risk.

ensure secure coding practices are followed throughout the Software

Development Lifecycle (SDLC). This might involve code reviews, threat

modeling, and providing guidance on secure development principles.

you'll be part of the incident response team, helping to identify the root cause,

mitigate damage, and implement recovery procedures.

concise documentation for security policies, procedures, and best practices.

This may involve creating training materials or user guides to ensure everyone

understands their role in maintaining security.

Required Skills (rank in order of

importance) :

interpersonal skills, with a proven

ability to deliver exceptional

customer service through training

and documentation.

with C#, Python, powershell, and

rust (is a plus)

principles.

automation principles, including the

use of AI, ML, and scripting, to

streamline security tasks.

Software Development Lifecycle

(SDLC) and DevSecOps principles

to integrate security considerations

throughout the application

development process.

security principles, including

Preferred Skills (rank in order of

importance) :

(Security Information and Event

Management) tools, including

configuration, tuning, threat

hunting, and alert creation.

security frameworks, including

NIST, CIS, and CISA, and their

application in a hybrid

environment.

response processes and

experience in implementing them

effectively.

security controls, including their

configuration and

implementation in hybrid

environments.

classification and DLP (Data

Loss Prevention) configuration to

safeguard sensitive information.

identity and access management,

data security, and compliance.

Required Education :

A bachelor's degree in information

technology systems, computer science,

cybersecurity, or a related field. Relevant

experience may be substituted for the

degree on a year-for-year basis

Preferred Certifications :

Not required, however we prioritize

applicants who have :

Certified Incident Handler (GCIH)

Certified Computer Security Incident

Handler (CSIH)

EC-Council Certified Incident Handler

(ECIH)

EC-Council Certified Network Defender

(CND)

GIAC Critical Infrastructure Protection

(GCIP)

GIAC Defensible Security Architecture

(GDSA)

Interview Process (who will conduct i / v,

phone or in-person, how many rounds of

i / v’s)?

Schedule Interview : How soon can

you schedule an interview (date /

times)?

Interviews will be scheduled 3-4 days

after posting closes.

Requirements

Key duties and Responsibilities

Required Skills

Education Requirement

Preferred Skills