Must agree to work on our W2 directly.
Citizenship : USC or GC (no sponsored candidates at this time)
This job focuses on being an expert at Risk Management.
Security Analyst Risk Management Expert (ISSO)
Location : Columbia, SC (Fully Onsite 5 days / week)
Type : Contract
Duration : 12 months (possibility for extension)
Interview Process : 2 rounds (Virtual & In-Person)
Candidate Location Requirement : Must be a South Carolina resident or willing to relocate prior to start (at own expense)
About the Role
The Senior Information System Security Officer (ISSO) will lead Security, Risk, and Compliance activities supporting ongoing cybersecurity efforts. This role ensures compliance with Federal, State, and agency regulations (FISMA, NIST, CMS MARS-E, HIPAA).
This is a new role created to strengthen risk management and compliance oversight. Candidates who thrive in complex, change-oriented environments and can work independently with minimal supervision will find this position highly rewarding.
Key Responsibilities
Lead establishment, implementation, and enhancement of security / compliance programs.
Develop and maintain RMF / A&A artifacts (SSPs, PIAs, ISAs, CMAs).
Perform architectural reviews and risk analysis (network design, firewall rules, vulnerability management).
Audit and assess internal systems and vendor controls.
Serve as primary contact for third-party audits and assessments.
Review contracts, BAAs, and data-sharing agreements for compliance.
Collaborate with leadership, vendors, and stakeholders to recommend risk mitigation strategies.
Document and report findings using tools such as Archer eGRC, Microsoft Office, Atlassian, Bizagi, and ticketing systems.
Required Skills & Experience
5+ years IT experience auditing / working with IBM System 390 / zSeries, Windows, Linux, databases (relational & non-relational), networking infrastructure, and web applications.
Prior experience in a FISMA-compliant program.
Experience with eGRC systems.
Prior Health Information Technology experience.
Strong knowledge of FISMA, NIST, CMS MARS-E, HIPAA Security & Privacy.
Information Security certification required : (ISC)², ISACA, SANS GIAC, or equivalent.
Ability to work independently and collaboratively across multiple teams / vendors.
Strong communication skills for diverse technical and non-technical audiences.
Intermediate to advanced proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio).
Keen attention to detail with ability to see the big picture.
Preferred Skills & Experience
Bachelor's degree in Computer Science or related field, OR 10+ years of equivalent experience.
Prior ITIL experience in Information Security Management.
Experience with cloud security and vendor management.
Familiarity with technologies such as Archer (eGRC), NoSQL databases, IBM System 390 / zSeries, SIEM solutions, IAM solutions, firewalls, IPS, and routing infrastructure.
Shubham Singh- Sr. Technical Recruiter
Email- shubham@stellentit.com
STELLENT A Nationally Recognized Minority Certified Enterprise