LUSecurity Analyst
4 weeks ago
This position is 100% on-site in Columbia, SC; The Consultant must be located in Columbia, SC, during this contract.
Our direct client has an opening for a Security Analyst -11109-1 This position is 12 months, with the option of extension, and is in the following locations in Columbia, SC
CCNA Security or equivalent (network security-centric) certification is required
SCOPE OF THE PROJECT: The Office of Cybersecurity is tasked with ensuring the confidentiality, integrity and availability of SCDHHS systems and services. A strong candidate for this position should possess HANDS-ON experience in the following: • Data network design and engineering best practices • Strong understanding of routing and switching protocols • Network security best practices • On-premise and cloud networking experience
DAILY DUTIES / RESPONSIBILITIES: This is a HANDS-ON Role
The Network Security Analyst will report to the Office of Cybersecurity SOC Lead and operate as an experienced consultant to SCDHHS leadership, business units, business partners and vendors.
Security Program Experience: Experience with CMS MARS-E, HIPAA or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Technical Experience: HANDS-ON experience with any or all of the following would be considered a desirable for this position:
Secure Network Design –All Layers
Windows and Mac end-User Operating systems & Linux
Switching and Routing
Network Firewalls
Network auditing
Intrusion Detection/Prevention Systems (IDPS)
Network Security Monitoring expertise
Security Information and Event Management (SIEM) experience such QRadar, Splunk, etc. (**Plus )
Vulnerability Assessment tools such as Nessus, Qualys, etc.
Cloud Infrastructure Security (**Plus)
Essential Responsibilities:
Assist (and often lead) in the design, development, implementation and/or ongoing maturation of SCDHHS network security and compliance solutions
This position focuses on leading network security assessments against proposed firewall and network infrastructure
Provide technical analysis in network security planning, engineering, and design
Review and assess connectivity and firewall rule requests to ensure they do not present an elevated risk to the Agency, full reviews performed, proper due diligence performed, and proper mitigating controls are put in place
Perform continuous analysis of on-premise and cloud security networks to identify potential threats to the agency
Perform daily analysis and response of alerts generated from network centric platforms
Develop, review, and analyze network traffic reports that violate the agency’s approved standards governing Ports, Protocols and Services.
Awareness of new threat vectors and make recommendations for improved security countermeasures
Collaborate with other areas of the agency to implement countermeasures to detect and prevent adversarial attacks
Assist in developing and designing solutions for enhancements/projects needing network changes in both on-premise and cloud environments
Monitor security systems and reports to maintain compliance with multiple regulations such as MARS-E, SCDIS-200, and HIPAA
Create and assist with managing KPI reports that can be used to identify trends and establish metrics
Perform network security configurations and rules recertification to ensure that the firewall configurations and rulesets meet the business and compliance requirements
Provide direction to infrastructure teams, end-user support, application teams, and business units on best security practices
Other duties may be assigned within the Security Operations
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
5+ years of HANDS-ON experience in network design, implementation and support
Must have hands-on or educational background in IT Security or System Administration
Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Prior experience in working in regulatory environment
Prior Health Information Technology experience.
Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
REQUIRED EDUCATION/CERTIFICATIONS:
BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree
CCNA Security or equivalent (network security-centric) certification is required
Verbal Communication Skills Yes 4 Written Communication Skills Yes 4 Bachelor of Science Degree Yes 2 Technical Certifications Yes 1 Demonstrated knowledge/skills of the IT industry which includes: multi-tiered architectures, enterprise applications, evaluation of emerging technologies, networks, data management systems and hardware systems. Yes 1 IT Security Yes 1 Security Security Information Architecture Yes 3 Federal Information Security Management Act (FISMA) No 1 HIPAA Security No 6 MARS-E No 6 Network Administration Yes 1 Network security Yes 2 Microsoft Office Suite Yes 5 Medicaid or healthcare experience No 5
Additional Skills: REQUIRED EDUCATION/CERTIFICATIONS:
BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree
CCNA Security or equivalent (network security-centric) certification is required
Criminal Record - 7 Year History Candidate Confirmation E-Verify Candidate Confirmation Credit Report - 7 Year History Candidate Confirmation DHHS - Confidentiality Agreement Candidate Confirmation
#J-18808-Ljbffr
