This position is 100% on-site in Columbia, SC; The Consultant must be located in Columbia, SC, during this contract.

Our direct client has an opening for a Security Analyst -11109-1 This position is 12 months, with the option of extension, and is in the following locations in Columbia, SC

CCNA Security or equivalent (network security-centric) certification is required

SCOPE OF THE PROJECT: The Office of Cybersecurity is tasked with ensuring the confidentiality, integrity and availability of SCDHHS systems and services. A strong candidate for this position should possess HANDS-ON experience in the following: • Data network design and engineering best practices • Strong understanding of routing and switching protocols • Network security best practices • On-premise and cloud networking experience

DAILY DUTIES / RESPONSIBILITIES: This is a HANDS-ON Role

The Network Security Analyst will report to the Office of Cybersecurity SOC Lead and operate as an experienced consultant to SCDHHS leadership, business units, business partners and vendors.

Security Program Experience: Experience with CMS MARS-E, HIPAA or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.

Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.

Technical Experience: HANDS-ON experience with any or all of the following would be considered a desirable for this position:

1. Secure Network Design –All Layers
2. Windows and Mac end-User Operating systems & Linux
3. Switching and Routing
4. Network Firewalls
5. Network auditing
6. Intrusion Detection/Prevention Systems (IDPS)
7. Network Security Monitoring expertise
8. Security Information and Event Management (SIEM) experience such QRadar, Splunk, etc. (**Plus )
9. Vulnerability Assessment tools such as Nessus, Qualys, etc.
10. Cloud Infrastructure Security (**Plus)

Essential Responsibilities:

1. Assist (and often lead) in the design, development, implementation and/or ongoing maturation of SCDHHS network security and compliance solutions

2. This position focuses on leading network security assessments against proposed firewall and network infrastructure

3. Provide technical analysis in network security planning, engineering, and design

4. Review and assess connectivity and firewall rule requests to ensure they do not present an elevated risk to the Agency, full reviews performed, proper due diligence performed, and proper mitigating controls are put in place

5. Perform continuous analysis of on-premise and cloud security networks to identify potential threats to the agency

6. Perform daily analysis and response of alerts generated from network centric platforms

7. Develop, review, and analyze network traffic reports that violate the agency’s approved standards governing Ports, Protocols and Services.

8. Awareness of new threat vectors and make recommendations for improved security countermeasures

9. Collaborate with other areas of the agency to implement countermeasures to detect and prevent adversarial attacks

10. Assist in developing and designing solutions for enhancements/projects needing network changes in both on-premise and cloud environments

11. Monitor security systems and reports to maintain compliance with multiple regulations such as MARS-E, SCDIS-200, and HIPAA

12. Create and assist with managing KPI reports that can be used to identify trends and establish metrics

13. Perform network security configurations and rules recertification to ensure that the firewall configurations and rulesets meet the business and compliance requirements

14. Provide direction to infrastructure teams, end-user support, application teams, and business units on best security practices

15. Other duties may be assigned within the Security Operations

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):

1. 5+ years of HANDS-ON experience in network design, implementation and support
2. Must have hands-on or educational background in IT Security or System Administration
3. Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
4. Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency.

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):

1. Prior experience in working in regulatory environment
2. Prior Health Information Technology experience.
3. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.

REQUIRED EDUCATION/CERTIFICATIONS:

1. BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree
2. CCNA Security or equivalent (network security-centric) certification is required

Verbal Communication Skills Yes 4 Written Communication Skills Yes 4 Bachelor of Science Degree Yes 2 Technical Certifications Yes 1 Demonstrated knowledge/skills of the IT industry which includes: multi-tiered architectures, enterprise applications, evaluation of emerging technologies, networks, data management systems and hardware systems. Yes 1 IT Security Yes 1 Security Security Information Architecture Yes 3 Federal Information Security Management Act (FISMA) No 1 HIPAA Security No 6 MARS-E No 6 Network Administration Yes 1 Network security Yes 2 Microsoft Office Suite Yes 5 Medicaid or healthcare experience No 5

Additional Skills: REQUIRED EDUCATION/CERTIFICATIONS:

1. BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree
2. CCNA Security or equivalent (network security-centric) certification is required

Criminal Record - 7 Year History Candidate Confirmation E-Verify Candidate Confirmation Credit Report - 7 Year History Candidate Confirmation DHHS - Confidentiality Agreement Candidate Confirmation