IT – SCDHHS – Security Analyst – Consultant

SUNSHINE ENTERPRISE USA LLC
  • Services
  • FullTime
  • Applications have closed

Position: Security Analyst

Location: Columbia, SC

Years of Exp: 10 Years

Contract Type: C2C/W2

Duration: 12 Months

Candidate MUST be an SC resident or willing to relocate to SC, at their own expense, prior to starting the role.

Summary

We are seeking an experienced Security Analyst / Senior ISSO to oversee and actively participate in the day-to-day security and compliance operations of complex information systems. The ideal candidate will lead the establishment, implementation, and enhancement of Information Systems Security and Compliance efforts based on State/Agency Policy, Standards, and Regulatory Guidance such as FISMA, NIST, CMS MARS-E, HIPAA, and other applicable frameworks.

Key Responsibilities

· Serve as a senior cybersecurity consultant to leadership, business units, partners, and vendors.

· Lead and manage security and compliance programs, including CMS MARS-E, ARC-AMPE, or other FISMA RMF-compliant programs.

· Develop and maintain System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Interconnection Security Agreements (ISAs), Computer Matching Agreements (CMAs), and related audit/assessment activities.

· Integrate RMF/A&A tasks into the System Development Life Cycle (SDLC).

· Perform architectural reviews, risk analysis, and security assessments for network design, information flow, system access, firewall rules, baseline configuration, and vulnerability management.

· Audit internal systems and third-party/vendor systems for compliance and security controls.

· Review and provide security input on contracts, data usage agreements, and related documentation.

· Act as a primary point of contact for external audits and assessments.

· Utilize tools such as Microsoft Office Suite, ticketing systems, eGRC platforms (e.g., Archer), Bizagi, Atlassian, and other relevant tools for documentation and reporting.

· Collaborate with stakeholders to recommend and implement security and compliance risk mitigation measures.

Required Skills

· Strong knowledge of FISMA, NIST, CMS MARS-E, and HIPAA Security and Privacy requirements.

· 5 years of experience working with or auditing Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure, and Web-based Applications.

· Experience in FISMA-compliant programs.

· Hands-on experience with eGRC systems.

· Health IT experience preferred.

· Relevant Information Security certifications required (ISC², ISACA, SANS GIAC, or equivalent).

· Strong communication and collaboration skills with both technical and non-technical stakeholders.

· Ability to multitask, prioritize, and work effectively in a results-oriented environment.

· Proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio) with attention to detail and consistency in documentation.

Preferred Skills

· BS degree in Computer Science or a related discipline, or 10 years of relevant experience.

· Prior ITIL experience in Information Security Management.

· Experience with Cloud security and vendor management.