Job ID: SC-7882 (910090901)
Hybrid/Local Security Analyst/Officer (CISSP/CISM/ISO) with NIST/CIS, policy/compliance/risk management experience
Location: Columbia, SC (SCDOI)
Duration: 12 Months
Position: 1
Work Location: Hybrid – the first month will be fully onsite (5 days/week) and then move to 3 days in office/2 remote after the first month.
Candidate Location: Candidate MUST be a SC resident or willing to relocate to SC prior to starting the role at their own expense.
Qualifications
• A Bachelor’s Degree in information technology, computer science, related technical field, or an Associate’s Degree in information technology, computer science or related field and two years of relevant work experience, or a High School Diploma with five years of relevant work experience.
• 3+ years of experience in information security, policy development, or compliance.
• 3+ years of experience with security frameworks (e.g., NIST, ISO 27001, CIS Controls).
• Excellent writing and communication skills.
• Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are a plus.
Overview
We’re seeking a proactive and detail-oriented Information Security Officer to lead the implementation of security policies and procedures across our organization. This role is critical in shaping our security posture, ensuring compliance with industry standards, and fostering a culture of security awareness.
Key Responsibilities
• Review and implement new information security policies that have been developed for South Carolina State Agencies.
• Collaborate with stakeholders to ensure policies are practical, enforceable, and tailored to organizational needs.
• Maintain a comprehensive policy repository and ensure timely updates.
• Translate high-level policies into actionable procedures and guidelines for technical and non-technical teams.
• Develop clear, concise documentation that supports training, audits, and operational consistency.
• Ensure procedures are accessible and understandable across departments.
• Compliance & Risk Management
• Monitor compliance with internal policies and external regulations
• Conduct risk assessments and recommend mitigation strategies.
• Support internal and external audits by providing documentation and evidence of compliance.
• Assist in developing security awareness programs and training materials.
• Provide guidance and support to teams on policy interpretation and implementation.
• Stay current with emerging threats, technologies, and best practices.
• Recommend enhancements to existing policies and procedures based on evolving risks and feedback.
SCMSP_Candidate_Cover_Sheet_Updated.docx