Job Description

Title: Security Analyst Consultant Location: Columbia, SC Duration: 12 Months Interview Process: 2 Rounds (Virtual & In-Person) Project Overview The Security Analyst Consultant will support the organization s Information Security and Compliance program. This role functions as a Senior Information System Security Officer (ISSO), responsible for leading and participating in day-to-day security and compliance activities across complex information system environments. The consultant will ensure alignment with State/Agency security policies and federal regulatory frameworks such as FISMA , NIST , CMS MARS-E , and HIPAA .

Daily Duties & Responsibilities Report to the ISSO Team Lead and operate as an experienced cybersecurity consultant for leadership, business units, partners, and vendors. Support and enhance the organization s Security and Compliance Program across multiple platforms and environments.

Security Program Responsibilities Lead and contribute to RMF-compliant security program activities, especially for CMS MARS-E or similar frameworks. Develop and maintain System Security Plans (SSPs) , Privacy Impact Assessments (PIAs) , Interconnection Security Agreements (ISAs) , Computer Matching Agreements (CMAs) , and related RMF artifacts. Support audit and assessment activities by conducting interviews, collecting evidence, and validating controls. Integrate RMF activities into the System Development Life Cycle (SDLC). Provide guidance on cloud security practices and vendor management.

Technical Knowledge (Desired) Hands-on experience with any of the following is highly beneficial: Archer (eGRC) Enterprise NoSQL Databases IBM System 390/zSeries Linux and Windows servers Network Firewalls, IPS, Switching, Routing SIEM platforms Identity and Access Management (IAM) solutions

General Responsibilities Conduct architectural security reviews and risk assessments, including: Network design & data flow Access models Firewall rule evaluations Configuration deviation requests Vulnerability management

Lead and support the development and improvement of security and compliance programs. Conduct audits and assessments of internal systems and partner environments. Use tools such as Microsoft Office, ticketing systems, eGRC platforms, Bizagi, and Atlassian for documentation and reporting. Review and provide input on contracts, Business Associate Agreements, data sharing agreements, and related artifacts. Serve as a primary contact for third-party audits or assessments. Provide recommendations to leadership and business partners for security and compliance improvements.

Required Knowledge & Skills Strong working knowledge of FISMA , NIST , CMS MARS-E , and HIPAA security and privacy requirements. 5+ years IT experience working with and/or auditing: IBM System 390/zSeries Windows & Linux Relational and NoSQL databases Network infrastructure Web applications

Prior experience in FISMA/NIST-compliant environments. Experience with eGRC systems. Prior experience in Health IT environments. One or more required security certifications: ISC(2), ISACA, SANS GIAC , or equivalent. Strong collaboration and communication skills with technical and non-technical audiences. Ability to manage multiple priorities, meet deadlines, and work both independently and in a team environment. Proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio). High attention to detail and ability to understand complex processes. Ability to adapt to feedback and work effectively with diverse stakeholder groups.

Preferred Qualifications Bachelor s degree in Computer Science or related field, or 10+ years of relevant experience. 3 5+ years of risk management experience. Prior ITIL experience in Information Security Management.

Job Tags

Similar Jobs