Security Analyst

Providing security and continuous monitoring in a complex network environment across the state of South Carolina.
Network includes on-prem and cloud technology supporting 50+ mission critical applications and sites. Daily
administration of modern tools including Tenable products, PAN Cortex XDR, Office 365 Security, and MS Defender.
A small security team means every member gets the opportunity to work in different security functions including
incident detection and response, vulnerability management, identity and access management, and physical security.
Must possess excellent written and verbal communication skills as these are employed often with interdepartmental and
external communications in problem solving.
WHY IS THIS POSITION OPEN?
Rebid - 36-Month tenure reached.
WHAT TYPES OF STAFFING CHALLENGES OR HEADACHES HAVE YOU EXPERIENCED IN THE
PAST? QUALITY OF RESUME?
During the interviews, often we're finding that the candidates don't have the skills or experience that they have outlined
on their resumes, resulting in a waste of time for all parties. We need better vetting from the vendors.
SCOPE OF THE PROJECT:
The Office of the CISO is responsible for securing and monitoring the agency's critical applications and network for the
Department of Social Services. The Department seeks a highly motivated individual who has the skills and experience
needed to support this Office's mission in protecting the Agency's digital environment.
DAILY DUTIES / RESPONSIBILITIES:
Position Description – Security Analyst – Project Lead

• Candidate should be an expert security administration and security continuous monitoring.

• Candidate should be an expert in performing log analysis, risk analysis, incident response processes, and
investigation procedures. This includes experience working in a security operations center and working with
security tools including SIEM, EDR/XDR, IPS/IDS. Candidate should have experience with data blending and
report generation.
Job Duties:

• Planning, implementing, upgrading, and monitoring security measures for the protection of computer network
security and information – both LAN and cloud based.

• Develop and implement security policies, procedures, and standards to protect the organization's data and
assets.

• Monitoring and reporting on SIEM and EDR event data.

• Maintaining records of security events investigated and incident response activities.

• Serve as a Tier III security support on the agency's security team.

• Conduct security assessments of systems, networks, and applications to identify vulnerabilities and risks.

• Work with and provide mentorship to other information security team members on security strategies,
processes, response, and technologies.

• Respond to security incidents and breaches, and work to mitigate the impact and prevent future incidents.

• Provides incident response support, threat assessment, and computer forensic investigations.

• Coordinate and assist with other Information Technology functions/teams to accomplish agency security
objectives.

• Creating risk analysis documents when reviewing system functional specifications including use cases, activity,
sequence, data flow, collaboration, and diagrams.

• Create security report using complex SQL queries, API integrations, and Power BI.

• Knowledge of blue team tools such as SCAP workbench, vulnerability scanning, and hardening techniques.

• Knowledge of red team tools such as nmap, wireshark, Metasploit, and password crackers.
REQUIRED SKILLS:
(Rank in order of importance)

• 4+ years of experience with SIEM, EDR/XDR, and
IPS/IDS

• 4+ years of experience with security documentation

• 4+ years of experience with C/C++, Python, or
Powershell

• 4+ years of experience with Red/Blue Team

• 4+ years of experience with Office 365 Security
Administration
PREFERRED SKILLS:
(rank in order of Importance)

• Preference will be given to experienced Security
Operation Center (SOC) security analyst.

• SQL/Scripting (reports and automation)
experience.
REQUIRED EDUCATION/CERTIFICATIONS:
Bachelor's or higher degree in Computer Science or other
quantitative discipline or equivalent work experience.
PREFERRED EDUCATION/CERTIFICATIONS:
Any of the below.

• CISSP

• CCSP

• SSCP

• CEH

RequirementsRequired Skills
Skill Type
Skill Name
  Certification  Education  License  Other  Skill  4+ years of experience with SIEM, EDR/XDR, and IPS/IDS
  Certification  Education  License  Other  Skill  4+ years of experience with security documentation
  Certification  Education  License  Other  Skill  4+ years of experience with C/C++, Python, or Powershell
  Certification  Education  License  Other  Skill  4+ years of experience with Red/Blue Team
  Certification  Education  License  Other  Skill  4+ years of experience with Office 365 Security Administration
Preferred Skills
Skill Type
Skill Name
  Certification  Education  License  Other  Skill  Previous experience as a Security Operation Center (SOC) security analyst.
  Certification  Education  License  Other  Skill  SQL/Scripting (reports and automation) experience
  Certification  Education  License  Other  Skill  CISSP
  Certification  Education  License  Other  Skill  CSSP
  Certification  Education  License  Other  Skill  SSCP
  Certification  Education  License  Other  Skill  CEH

---