Job ID: SC-10790 (91259030)
Remote/Local Security Analyst (CISSP/Security+) with LINUX, Windows, Network, NIST CSF/CJIS, IRS 1075, SIEM, CRIBL and CMS experience
Location: Columbia, SC (SCDOT)
Duration: 12 Months
Work Location: Fully Remote
ADDITIONAL DUTIES & SKILLS:
• STRONG UNDERSTANDING OF ENTERPRISE SECURITY ARCHITECTURE AND ENGINEERING PRINCIPLES.
• KNOWLEDGE OF CYBERSECURITY BEST PRACTICES, THREAT DETECTION, AND DEFENSIVE SECURITY STRATEGIES.
• EXPERIENCE WITH LINUX AND WINDOWS OPERATING SYSTEMS, INCLUDING SYSTEM HARDENING AND SECURITY CONFIGURATION.
• UNDERSTANDING OF NETWORKING CONCEPTS, SECURITY PROTOCOLS, AND SECURE SYSTEM DESIGN.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• HANDS-ON SIEM ADMINISTRATION, ANALYSIS, AND REPORTING EXPERIENCE.
• EXPERIENCE BUILDING AND DEPLOYING LINUX-BASED SECURITY SENSORS.
• FAMILIARITY WITH SECURITY FRAMEWORKS AND COMPLIANCE STANDARDS SUCH AS NIST CSF, CJIS, IRS 1075, AND CMS MARS-E.
• RESOURCES LOCAL TO COLUMBIA, SC OR A SURROUNDING CITY IN SOUTH CAROLINA.
REQUIRED EDUCATION/CERTIFICATIONS:
• BACHELOR’S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD
• EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION
• FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS
• 5+ YEARS OF EXPERIENCE IMPLEMENTING AND SUPPORTING ENTERPRISE SECURITY TOOLS (SIEM, CRIBL, XDR, VULNERABILITY MANAGEMENT, DLP, ENDPOINT SECURITY).
• 5+ YEARS OF EXPERIENCE DEVELOPING AUTOMATION AND INTEGRATIONS USING SCRIPTING LANGUAGES SUCH AS PYTHON AND BASH.
PREFERRED EDUCATION/CERTIFICATIONS:
• CISSP
• Security+
DAILY DUTIES / RESPONSIBILITIES:
PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID AND OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
• ASSIST IN THE PLANNING, DESIGN, DEPLOYMENT AND OPERATIONAL SUPPORT OF ENTERPRISE SECURITY PLATFORMS, INCLUDING:
  • SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
  • EXTENDED DETECTION AND RESPONSE (XDR)
  • VULNERABILITY MANAGEMENT PLATFORMS AND PROCESSES
  • DATA LOSS PREVENTION (DLP) SOLUTIONS
  • SECURITY AWARENESS AND TRAINING PLATFORMS
• SUPPORT THE DEVELOPMENT AND MATURATION OF THE ENTERPRISE VULNERABILITY MANAGEMENT PROGRAM, INCLUDING SCANNING, REPORTING, REMEDIATION TRACKING AND METRICS.
• BUILD, DEPLOY, CONFIGURE, AND MAINTAIN LINUX-BASED SECURITY SENSORS AND RELATED ENDPOINT MONITORING TOOLS.
• ASSIST IN THE INTEGRATION AND AUTOMATION OF DISPARATE SECURITY AND ENTERPRISE IT TOOLS USING SCRIPTING AND ORCHESTRATION TECHNOLOGIES.
• COLLABORATE WITH SECURITY ARCHITECTS TO DESIGN AND IMPLEMENT ENTERPRISE SECURITY SOLUTIONS THAT ALIGN WITH LEADERSHIP’S BUSINESS GOALS, REGULATORY REQUIREMENTS AND ORGANIZATIONAL RISK TOLERANCE.
• DESIGN, DEPLOY AND MANAGE COUNTERMEASURES TO ADDRESS KNOWN SECURITY THREATS AND CONTRIBUTE TO MITIGATION STRATEGIES FOR EMERGING THREATS TO ENTERPRISE DATA, SYSTEMS AND SERVICES.
• ENSURE CONSISTENT APPLICATION OF SECURITY CONTROLS ACROSS ENTERPRISE INFRASTRUCTURE AND APPLICATIONS; VALIDATE CONTROL EFFECTIVENESS AND RECOMMEND IMPROVEMENTS.
• SUPPORT INCIDENT DETECTION AND RESPONSE ACTIVITIES THROUGH MONITORING, LOG ANALYSIS AND REPORTING.
• DEVELOP TECHNICAL DOCUMENTATION, IMPLEMENTATION GUIDES AND STANDARD OPERATING PROCEDURES AS NEEDED.
• PERFORM OTHER DUTIES AS ASSIGNED IN SUPPORT OF THE DEPARTMENT OF ADMINISTRATION’S DIVISION OF INFORMATION SECURITY.
