1.20 Security Analyst

Focused HR Solutions • Columbia, South Carolina, United States
30+ days ago
Job type
  • Full-time
Job description

This job is 100% on-site in Columbia, SC

Our direct client has an opening for a Security Analyst 10965-1

This position is up to 12 months, with the option of extension, and is in Columbia, SC

Corp to Corps are NOT allowed for this client. W2 Only.

DAILY DUTIES / RESPONSIBILITIES :

  • The Security Analyst is primarily responsible for assessing and evaluating the organization’s information & cyber security solutions and processes, as well as providing technical advisory to influence the design and implementation of security information technology systems and networks.
  • The Security Analyst will guide junior analysts (Security Analyst I and II) to identify and address risks and lead the response to information security issues.
  • Candidates should be self-starters, creative problem solvers, and have an eagerness to implement tactics, techniques, and procedures that make the most effective use of Agency staff, resources, products, and technologies quickly.

Technical Knowledge :

  • Understanding of information technology and security concepts.
  • Experience or knowledge of operating systems (e.g., Android, iOS, Linux, Windows, MVS, VMWare), cloud computing, networks, hardware and software platforms, and protocols as they relate to information security.
  • Experience or knowledge in performing vulnerability assessments, including scanning, analysis of results, and manual validation.
  • Experience with secure networking technologies such as network firewalls and IDS / IPS technologies, Network Security Monitoring expertise, and Security Information and Event Management (SIEM) systems.
  • Experience in information security incident response and risk management.
  • Experience managing and responding to information security risks, threats, and incidents.
  • Threat and vulnerability management; awareness of current threats to confidentiality, integrity, and availability of data and controls to mitigate threats.
  • Strong working knowledge of applicable internal and / or external regulatory policies, standards, procedures, and controls (e.g., Centers for Medicaid and Medicare (CMS) MARS-E 2.0, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT), and Federal Risk and Authorization Management Program (FedRAMP)).
  • Experience or knowledge of the development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
  • Experience or knowledge in security as related to multi-tenant, cloud services, and vendor interface management would be considered desirable for this position.
  • Working knowledge of TCP / IP and the functioning of its component protocols, and the ability to read and analyze using various toolsets such as tcpdump, Wireshark, etc.; understanding how they work and what information they produce will be beneficial in this role.
  • Understanding basic defense-in-depth principles such as secure system configuration, network segmentation, and malicious code protection is a plus.

Information Systems’ Security Experience :

  • Experience working in a SOC environment is preferred.
  • Experience in operating and contributing to a security operations center, responding to alerts and anomalies, creating and interpreting dashboards, and triaging cross-functional teams is preferred.
  • Hands-on experience in the secure implementation, operation and on-going maintenance of computer systems, software, hardware and networks is preferred.

General Duties and Responsibilities :

  • Assist in the day-to-day duties of SOC monitoring activities, tools and processes
  • Provide hands-on support for OCS security tools
  • Conduct threat hunts (specialized searches) for evidence of compromise
  • Monitor security technologies for alerts
  • Investigate incidents, gather evidence, and analyze data
  • Analyze anomalous activity and potential threats to Agency connected resources
  • Collaborate with OCS Staff and other agency staff, leadership, business partners and other parties / stakeholders to support security and compliance risk mitigation efforts
  • Other duties as assigned

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE) :

  • Experience with incident response procedures and practices
  • Must be willing to learn and take on new tasks
  • Willingness to work independently and as a member of a team
  • Willingness to collaborate and coordinate with multiple teams and vendors
  • Ability to multitask and prioritize tasks effectively in order to effectively report on the status of assigned work
  • Ability to multitask and prioritize tasks effectively in order to meet deadlines in a results-oriented environment
  • Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency
  • Strong understanding of enterprise operations & secure best practices
  • Ability to absorb, retain and communicate processes
  • Strong written and verbal communication skills.
  • Ability to accept changes and constructive criticism and remain flexible in dealing with leadership and teams of varying technical and business knowledge.

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE) :

  • Prior Health Information Technology experience
  • Centralized Log Management experience
  • Familiarity with security regulatory requirements and standards (such as NIST 800 series, MARS-E)
  • Experience performing or supporting information security compliance assessments and audits
  • Work and / or consulting experience in federal, state, city or local government.

REQUIRED EDUCATION / CERTIFICATIONS :

  • High school diploma with six years of relevant work experience

PREFERRED EDUCATION / CERTIFICATIONS :

  • Bachelor's degree in information technology, computer science, or related technical field, with a minimum of 3 years of relevant work experience.
  • Information Security certifications such as : CompTIA, ISC(2), SANS GIAC, CCNA Security, or similar
  • SERVER ADMINISTRATION | No | 4 | Intermediate | Within 5 Years | 2 - 4 Years
  • Cloud cloud platforms / environments | No | 2 | Advanced | Within 5 Years | 4 - 6 Years
  • High School Diploma | Yes | 1 | Advanced | Currently Using | 2 - 4 Years
  • Bachelor's Degree | No | 3 | Advanced | Within 10 Years | 2 - 4 Years
  • Technical Certifications | No | 3 | Advanced | Within 10 Years | 2 - 4 Years
  • Knowledge of information technology field, best practices, organization and operations | Yes | 1 | Expert | Currently Using | 4 - 6 Years
  • Consulting Experience | No | 1 | Intermediate | Within 10 Years | 2 - 4 Years
  • Cybersecurity | Yes | 1 | Expert | Currently Using | 4 - 6 Years
  • Experience in projects involving PCI / NIST security implementations and / or audits. | No | 1 | Intermediate | Within 10 Years | 2 - 4 Years
  • Penetration Testing | No | 4 | Intermediate | Within 5 Years | 1 - 2 Years
  • Network Security risk / vulnerability assessments | No | 4 | Intermediate | Within 5 Years | 2 - 4 Years
  • Network Security Security Information Event Management (SIEM) systems development / configuration | No | 1 | Advanced | Within 5 Years | 4 - 6 Years
  • INCIDENT MANAGEMENT | Yes | 1 | Advanced | Within 5 Years | 4 - 6 Years
  • Information Security | Yes | 1 | Expert | Currently Using | 4 - 6 Years
  • Network security | No | 1 | Advanced | Within 5 Years | 4 - 6 Years
  • Linux | Yes | 1 | Advanced | Within 2 Years | 4 - 6 Years
  • Windows | Yes | 1 | Advanced | Within 2 Years | 4 - 6 Years
  • Microsoft | Yes | 2 | Advanced | Currently Using | 4 - 6 Years
  • Experience working with risk management | No | 1 | Advanced | Within 5 Years | 2 - 4 Years
  • Firewall | No | 1 | Advanced | Within 5 Years | 2 - 4 Years
  • Software Framework Software development life cycle (SDLC) | No | 5 | Advanced | Within 5 Years | 4 - 6 Years
  • NIST Security | Yes | 1 | Advanced | Within 2 Years | 4 - 6 Years
  • Medicaid or healthcare experience | No | 1 | Intermediate | Within 10 Years | 4 - 6 Years
  • Additional Skills : Incident response - required
  • Strong understanding of enterprise operations & secure best practices- required
  • Strong understanding of information technology and security concepts - required
  • Cyber security operations - required
  • (SLED) Check via the website Candidate

By replying to this job advertisement, I agree I want to receive additional job advertisements from Focused HR Solutions, including email, phone and mail to the contact information I am submitting. I consent to Focused HR Solutions, its affiliates, third parties and partners processing my personal data for these purposes and as described in the Privacy Policy. I understand that I can withdraw my consent at any time.