IT - SCDHHS - Security Analyst - Consultant at SUNSHINE ENTERPRISE USA LLC

Job DescriptionJob DescriptionPosition: Security AnalystLocation: Columbia, SCYears of Exp: 10+YearsContract Type: C2C/W2Duration: 12+ MonthsCandidate MUST be a SC resident or willing to relocate to SC prior to starting the role at their own expense.SummaryWe are seeking an experienced Security Analyst / Senior ISSO to oversee and actively participate in the day-to-day security and compliance operations of complex information systems. The ideal candidate will lead the establishment, implementation, and enhancement of Information Systems Security and Compliance efforts based on State/Agency Policy, Standards, and Regulatory Guidance such as FISMA, NIST, CMS MARS-E, HIPAA, and other applicable frameworks.Key Responsibilities· Serve as a senior cybersecurity consultant to leadership, business units, partners, and vendors.· Lead and manage security and compliance programs, including CMS MARS-E, ARC-AMPE, or other FISMA RMF-compliant programs.· Develop and maintain System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Interconnection Security Agreements (ISAs), Computer Matching Agreements (CMAs), and related audit/assessment activities.· Integrate RMF/A&A tasks into the System Development Life Cycle (SDLC).· Perform architectural reviews, risk analysis, and security assessments for network design, information flow, system access, firewall rules, baseline configuration, and vulnerability management.· Audit internal systems and third-party/vendor systems for compliance and security controls.· Review and provide security input on contracts, data usage agreements, and related documentation.· Act as a primary point of contact for external audits and assessments.· Utilize tools such as Microsoft Office Suite, ticketing systems, eGRC platforms (e.g., Archer), Bizagi, Atlassian, and other relevant tools for documentation and reporting.· Collaborate with stakeholders to recommend and implement security and compliance risk mitigation measures.Required Skills· Strong knowledge of FISMA, NIST, CMS MARS-E, and HIPAA Security and Privacy requirements.· 5+ years of experience working with or auditing Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure, and Web-based Applications.· Experience in FISMA-compliant programs.· Hands-on experience with eGRC systems.· Health IT experience preferred.· Relevant Information Security certifications required (ISC², ISACA, SANS GIAC, or equivalent).· Strong communication and collaboration skills with both technical and non-technical stakeholders.· Ability to multitask, prioritize, and work effectively in a results-oriented environment.· Proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio) with attention to detail and consistency in documentation. Preferred Skills· BS degree in Computer Science or a related discipline, or 10+ years of relevant experience.· Prior ITIL experience in Information Security Management.· Experience with Cloud security and vendor management.