Job ID: SC-8404 (912591022)
Hybrid/Local Security Analyst/Architect (CISA/CISSP/CISO/CEH/OSCP/GPEN) with IAM (must)/SSO/MFA/AD, Python, Bash, Linux/Windows, networking, SIEM, NIST/CSF/CJIS/IRS 1075/CMS MARS-E, Application Security experience
Location: Columbia, SC (ADMIN)
Duration: 12 Months
25% Hybrid schedule to be determined by manager.
Candidate Location: Open to Nationwide US candidates, must be willing to relocate to SC prior to starting the role at their own expense
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• FIVE YEARS OF EXPERIENCE AND EXPERT UNDERSTANDING OF IDENTITY AND ACCESS CONTROL, LOGGING AND REPORTING SYSTEMS
• FIVE YEARS OF EXPERIENCE AND EXPERTISE IN AUTOMATION DEVELOPMENT USING TOOLS SUCH AS PYTHON AND BASH
• CYBER SECURITY AWARENESS AND UNDERSTANDING
• FIVE YEARS OF EXPERIENCE WITH LINUX, WINDOWS, NETWORK SECURITY PROTOCOLS AND PROCEDURES
• FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• SIEM ANALYSIS AND REPORTING
• SECURITY FRAMEWORKS: NIST, CSF, CJIS, IRS 1075, CMS MARS-E
• APPLICATION SECURITY (APPSEC)
REQUIRED EDUCATION/CERTIFICATIONS:
• BACHELOR’S DEGREE IN AN
INFORMATION TECHNOLOGY OR
INFORMATION SECURITY RELATED
FIELD
• EIGHT YEARS OF RELEVANT WORK
EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION
PREFERRED EDUCATION/CERTIFICATIONS:
• CISSP, CISA, CISO OR EQUIVALENT ADVANCED SECURITY CERTIFICATION.
• ADDITIONAL RELEVANT CERTIFICATIONS (E.G., CEH, OSCP, GPEN).
• VENDOR CERTIFICATIONS IN SIEM OR LOGGING TECHNOLOGIES.
Required Skills:
• 5+ YEARS OF EXPERIENCE AND EXPERT UNDERSTANDING OF IDENTITY AND ACCESS CONTROL, LOGGING AND REPORTING SYSTEMS
• 5+ YEARS OF EXPERIENCE AND EXPERTISE IN AUTOMATION DEVELOPMENT USING TOOLS SUCH AS PYTHON AND BASH
• 5+ YEARS OF EXPERIENCE WITH LINUX, WINDOWS, NETWORK SECURITY PROTOCOLS AND PROCEDURES
• 5+ YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS
Preferred Skills:
• SIEM ANALYSIS AND REPORTING
• SECURITY FRAMEWORKS: NIST, CSF, CJIS, IRS 1075, CMS MARS-E
• APPLICATION SECURITY (APPSEC)
Education Requirement
BACHELOR’S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD OR EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION
Key duties and Responsibilities:
• PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
• IDENTITY AND ACCESS MANAGEMENT – ENSURING THAT APPROPRIATE IDENTITY MANAGEMENT, SINGLE SIGN ON, MULTI-FACTOR AUTHENTICATION, ACTIVE DIRECTORY AND APPLICATIONS ARE PROPERLY IMPLEMENTED AND CONFIGURED TO SUPPORT IT AND SECURITY OPERATIONS
• RESPONSIBLE FOR AUTOMATION DEVELOPMENT AND IMPLEMENTATION OF DISPARATE SECURITY AND ENTERPRISE IT TOOLS
• RESPONSIBLE FOR PLANNING, DESIGNING, DEVELOPMENT AND IMPLEMENTATION OF ENTERPRISE SECURITY SOLUTIONS THAT ALIGN WITH BUSINESS GOALS AND RISK TOLERANCE.
• DESIGN, DEPLOY AND MANAGE COUNTERMEASURES TO KNOWN SECURITY THREATS AND DEVELOP PREVENTATIVE MITIGATION STRATEGIES FOR NEW AND EMERGENT THREATS TO ENTERPRISE DATA, NETWORKS AND ASSOCIATED SERVICES.
• ENSURE, VALIDATE AND MEASURE THE CONSISTENT APPLICATION OF PROTECTIVE MEASURES THROUGHOUT THE ENTERPRISE BUSINESS APPLICATION AND INFRASTRUCTURE SUPPORT ENVIRONMENTS. TAKE APPROPRIATE ACTION TO PROTECT STATE DATA AND TECHNOLOGY SERVICES.
DAILY DUTIES / RESPONSIBILITIES:
PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
• IDENTITY AND ACCESS MANAGEMENT – ENSURING THAT APPROPRIATE IDENTITY MANAGEMENT, SINGLE SIGN ON, MULTI-FACTOR AUTHENTICATION, ACTIVE DIRECTORY AND APPLICATIONS ARE PROPERLY IMPLEMENTED AND CONFIGURED TO SUPPORT IT AND SECURITY OPERATIONS
• RESPONSIBLE FOR AUTOMATION DEVELOPMENT AND IMPLEMENTATION OF DISPARATE SECURITY AND ENTERPRISE IT TOOLS
• RESPONSIBLE FOR PLANNING, DESIGNING, DEVELOPMENT AND IMPLEMENTATION OF ENTERPRISE SECURITY SOLUTIONS THAT ALIGN WITH BUSINESS GOALS AND RISK TOLERANCE.
• DESIGN, DEPLOY AND MANAGE COUNTERMEASURES TO KNOWN SECURITY THREATS AND DEVELOP PREVENTATIVE MITIGATION STRATEGIES FOR NEW AND EMERGENT THREATS TO ENTERPRISE DATA, NETWORKS AND ASSOCIATED SERVICES.
• ENSURE, VALIDATE AND MEASURE THE CONSISTENT APPLICATION OF PROTECTIVE MEASURES THROUGHOUT THE ENTERPRISE BUSINESS APPLICATION AND INFRASTRUCTURE SUPPORT ENVIRONMENTS. TAKE APPROPRIATE ACTION TO PROTECT STATE DATA AND TECHNOLOGY SERVICES.
SCMSP_Candidate_Cover_Sheet_Updated_08.2025 (1).docx