Security Analyst Consultant

Daily Duties / Responsibilities:

This is a hands-on technical role reporting to the Office of Cybersecurity SOC lead.

The analyst will support SCDHHS leadership business units partners and vendors in day-to-day cybersecurity operations.

Security Program Experience:

Strongly desired experience includes:

• CMS ARC-AMPE HIPAA NIST or other FISMA RMF frameworks
  
• Performing repeatable security processes supporting compliant enterprise architectures
  
• Supporting security considerations for multi tenant cloud environments and vendor integrations

Technical Experience:

Candidates should have hands-on experience with:

1. Secure network design principles
2. Windows macOS and Linux operating systems
3. Switching and Routing
4. Enterprise Firewalls
5. Network auditing
6. IDS/IPS platforms
7. Network security monitoring
8. SIEM platforms such as QRadar Splunk (Preferred)
9. Vulnerability scanning tools (Nessus Qualys etc.)
10. Cloud Infrastructure Security (Preferred)

Essential Responsibilities:

1. Assist in maturing network security and compliance solutions

1. Investigate and respond to daily network alerts

1. Perform network security assessments for proposed firewall and infrastructure changes

1. Conduct technical analysis for network security planning and engineering

1. Review and assessment of connectivity website block and firewall rule requests to ensure they do not present an elevated risk to the agency

1. Analyze on-premise and cloud networks for potential threats

1. Develop review and analyze network traffic reports that violate the agencys approved standards governing Ports Protocols and Services.

1. Monitor emerging threat vectors and recommend countermeasures

1. Collaborate with other areas of the agency to implement security controls

1. Support cloud and on-premise network changes and enhancement projects

1. Ensure compliance with ARC-AMPE HIPAA and SCDIS-200

1. Assist with KPI creation and trend report monitoring

1. Participate in firewall configuration reviews and ruleset recertification

1. Provide guidance on best practices to technical teams

1. Perform additional SOC duties as assigned

Required Skills (rank in order of Importance):

1. Approximately 3-5 years of hands-on experience in network design implementation or support
2. Hand-on experience in IT security or system administration
3. Working knowledge of secure network design security architecture compliance tools data protection and access models
4. Ability to analyze logs alerts and network telemetry.
5. Proficiency with Microsoft Office tools

Preferred Skills (rank in order of Importance):

1. Experience working in regulatory environments
2. Experience supporting health IT or state government.
3. Familiarity with FISMA NIST CMS ARC-AMPE and HIPAA security and privacy standards
4. Cloud network security controls (Azure or AWS).

Preferred Skills (rank in order of Importance):

1. Experience working in regulatory environments
2. Experience supporting health IT or state government.
3. Familiarity with FISMA NIST CMS ARC-AMPE and HIPAA security and privacy standards
4. Cloud network security controls (Azure or AWS).

Preferred Education/Certifications:

1. CISSP or Security