It Security Analyst / Engineer

SunPlus Data Group is looking for an IT Security Analyst / Engineer to work for the State of South Carolina in Columbia, SC.

• Project is estimated to be for 12 months to start and is likely to extend
• This is M-F, 40 hrs a week excluding holidays
• Pay will be $82/hr W2 hourly

**Position is 100% on-site in Columbia, SC (NON NEGOTIABLE)

*Candidates must work on a W2 basis, no C2C. Candidates can transfer US Work Visa to SunPlus.

SCOPE OF THE PROJECT:

The Office of Cybersecurity is tasked with ensuring the confidentiality, integrity and availability of SCDHHS systems and services. A strong candidate for this position should possess HANDS-ON experience in the following:

• Data network design and engineering best practices
• Strong understanding of routing and switching protocols
• Network security best practices
• On-premise and cloud networking experience
DAILY DUTIES / RESPONSIBILITIES:
This is a HANDS-ON Role
The Network Security Analyst will report to the Office of Cybersecurity SOC Lead and operate as an experienced consultant to SCDHHS leadership, business units, business partners and vendors.
Security Program Experience:

Experience with CMS MARS-E, HIPAA or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Technical Experience:

HANDS-ON experience with any or all of the following would be considered a desirable for this position:

1. Secure Network Design –All Layers
2. Windows and Mac end-User Operating systems & Linux
3. Switching and Routing
4. Network Firewalls
5. Network auditing
6. Intrusion Detection/Prevention Systems (IDPS)
7. Network Security Monitoring expertise
8. Security Information and Event Management (SIEM) experience such QRadar, Splunk, etc. (**Plus )
9. Vulnerability Assessment tools such as Nessus, Qualys, etc.
10. Cloud Infrastructure Security (**Plus)
Essential Responsibilities:

1. Assist (and often lead) in the design, development, implementation and/or ongoing maturation of SCDHHS network security and compliance solutions
2. This position focuses on leading network security assessments against proposed firewall and network infrastructure
3. Provide technical analysis in network security planning, engineering, and design
4. Review and assess connectivity and firewall rule requests to ensure they do not present an elevated risk to the Agency, full reviews performed, proper due diligence performed, and proper mitigating controls are put in place
5. Perform continuous analysis of on-premise and cloud security networks to identify potential threats to the agency
6. Perform daily analysis and response of alerts generated from network centric platforms
7. Develop, review, and analyze network traffic reports that violate the agency’s approved standards governing Ports, Protocols and Services.
8. Awareness of new threat vectors and make recommendations for improved security countermeasures
9. Collaborate with other areas of the agency to implement countermeasures to detect and prevent adversarial attacks
10. Assist in developing and designing solutions for enhancements/projects needing network changes in both on-premise and cloud environments
11. Monitor security systems and reports to maintain compliance with multiple regulations such as MARS-E, SCDIS-200, and HIPAA
12. Create and assist with managing KPI reports that can be used to identify trends and establish metrics
13. Perform network security configurations and rules recertification to ensure that the firewall configurations and rulesets meet the business and compliance requirements
14. Provide direction to infrastructure teams, end-user support, application teams, and business units on best security practices
15. Other duties may be assigned within the Security Operations
REQUIRED SKILLS:

1. 5+ years of HANDS-ON experience in network design, implementation and support
2. Must have hands-on or educational background in IT Security or System Administration
3. Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
4. Must have intermediate skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency.
PREFERRED SKILLS:

1. Prior experience in working in regulatory environment
2. Prior Health Information Technology experience.
3. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
REQUIRED EDUCATION/CERTIFICATIONS:

1. BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree
2. CCNA Security or equivalent (network security-centric) certification is required
PREFERRED EDUCATION/CERTIFICATIONS:

1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification.
Additional Sills: REQUIRED EDUCATION/CERTIFICATIONS:1. BS degree in Computer Science, or equivalent number of years’ experience may be substituted for lack of a degree2. CCNA Security or equivalent (network security-centric) certification is required