IT - SCDMV - Security Analyst - Consultant

Security Comments :

Position Description :

Please ensure you attach the SC Cover Sheet (attached), a valid Right to Represent, and the candidate's resume with full legal first name, and last name. Withdrawn candidates will not be permitted to be replaced. If you would like to use a sub vendor, only 1 level deep, please submit the Sub Vendor usage form. The State of South Carolina DMW is looking for a Security Analyst - Consultant Why is this position open : This is a Rebid. This position will work 15 hours per week. Max Bill Rate : - / hour Will close to submissions on 10 / 21 / 2025 5 : 00PM EST. Interview Process : Preference will be to perform the interviews virtually. Scheduling as soon as possible after the posting closes. Duration of the Contract : 12 Months Possibility for Extension : Yes Work Location : Hybrid On-site in 10311 Wilson Rd Blythewood, SC 29016, 4 days remote and 1 day on-site. This position will work 15 hours per week. Candidate Location : Must reside within SC. No relocation allowed Full job description is in the attached file. Key duties and Responsibilities Champion DevSecOps through Security Automation : Leverage your full-stack development expertise to design, implement, and maintain security tools and automation. This includes building scripts to automate critical tasks like data security checks, vulnerability scanning, and user access control, streamlining security processes and improving overall efficiency. Monitor and analyze security events : You'll be responsible for monitoring security information and event management (SIEM) tools to identify potential threats and suspicious activity. Along with determine security gaps in these controls to improve overall security posture. This will also involve analyzing logs, investigating alerts, and using your knowledge of security frameworks (NIST, CIS, CISA) to assess risk. Support secure application development : You'll collaborate with developers to ensure secure coding practices are followed throughout the Software Development Lifecycle (SDLC). This might involve code reviews, threat modeling, and providing guidance on secure development principles. Investigate and respond to security incidents : In the event of a security breach, you'll be part of the incident response team, helping to identify the root cause, mitigate damage, and implement recovery procedures. Document security procedures and best practices : You'll develop clear and concise documentation for security policies, procedures, and best practices. This may involve creating training materials or user guides to ensure everyone understands their role in maintaining security. Provide on-call support when needed and other related duties as required. Required Skills 5 years of Expert level experience with C#, Python, Powershell, or Rust 1 year of Understanding of automation principles, including the use of AI, ML, and scripting, to streamline security tasks 3 years of Understanding of the Software Development Lifecycle (SDLC) and DevSecOps principles to integrate security considerations throughout the application development process. 3 years of Proficiency in CLOUD SECURITY principles, including identity and access management, data security, and compliance. Education Requirement A bachelor's degree in information technology systems, computer science, cybersecurity, or a related field. Relevant experience may be substituted for the degree on a year-for-year basis Preferred Skills 1 Year of Experience with SIEM (Security Information and Event Management) tools, including configuration, tuning, threat hunting, and alert creation. 1 Year of In-depth knowledge of security frameworks, including NIST, CIS, and CISA, and their application in a hybrid environment. 1 Year of Expertise in data classification and DLP (Data Loss Prevention) configuration to safeguard sensitive information.