SCOPE OF THE PROJECT:
The Office of Cybersecurity ensures the confidentiality, integrity and availability of SCDHHS's systems and services. A strong candidate must have hands-on experience with:
- Data network design best practices
- Routing and switching protocols
- Network security best practices
- On-premise and/or cloud networking environments
This role requires someone who can contribute independently on technical tasks and support more senior analysts on complex initiatives.
DAILY DUTIES / RESPONSIBILITIES:
This is a hands-on technical role reporting to the Office of Cybersecurity SOC lead.
The analyst will support SCDHHS leadership, business units, partners, and vendors in day-to-day cybersecurity operations.
Security Program Experience:
Strongly desired experience includes:
- CMS ARC-AMPE, HIPAA, NIST or other FISMA RMF frameworks
- Performing repeatable security processes supporting compliant enterprise architectures
- Supporting security considerations for multi-tenant cloud environments and vendor integrations
Technical Experience:
Candidates should have hands-on experience with:
1. Secure network design principles
2. Windows, macOS, and Linux operating systems
3. Switching and Routing
4. Enterprise Firewalls
5. Network auditing
6. IDS/IPS platforms
7. Network security monitoring
8. SIEM platforms such as QRadar, Splunk (Preferred)
9. Vulnerability scanning tools (Nessus, Qualys, etc.)
10. Cloud Infrastructure Security (Preferred)
Essential Responsibilities:
1. Assist in maturing network security and compliance solutions
2. Investigate and respond to daily network alerts
3. Perform network security assessments for proposed firewall and infrastructure changes
4. Conduct technical analysis for network security planning and engineering
5. Review and assess connectivity, website block and firewall rule requests to ensure they do not present an elevated risk to the agency
6. Analyze on-premise and cloud networks for potential threats
7. Develop, review, and analyze reports on network traffic that violates the agency's approved standards governing Ports, Protocols and Services
8. Monitor emerging threat vectors and recommend countermeasures
9. Collaborate with other areas of the agency to implement security controls
10. Support cloud and on-premise network changes and enhancement projects
11. Ensure compliance with ARC-AMPE, HIPAA and SCDIS-200
12. Assist with KPI creation and trend report monitoring
13. Participate in firewall configuration reviews and ruleset recertification
14. Provide guidance on best practices to technical teams
15. Perform additional SOC duties as assigned
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Approximately 3-5 years of hands-on experience in network design, implementation, or support
2. Hands-on experience in IT security or system administration
3. Working knowledge of secure network design, security architecture, compliance tools, data protection, and access models
4. Ability to analyze logs, alerts, and network telemetry
5. Proficiency with Microsoft Office tools
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Experience working in regulatory environments
2. Experience supporting health IT or state government
3. Familiarity with FISMA, NIST, CMS ARC-AMPE, and HIPAA security and privacy standards
4. Cloud network security controls (Azure or AWS)
REQUIRED EDUCATION/CERTIFICATIONS:
1. BS degree in Computer Science, Information Systems, Cybersecurity, or related field; or equivalent experience
2. A network security centric certification such as PCNSE or CCNA