Summary Scope of the project:
The position will work as a security architect within the division of information security and will assist with the implementation, integration, and operationalizing security technologies.
This position requires experience in information security architecture and solution design to assisting the strategic planning, designing, and implementation of new systems and changes in current systems in a secure manner.
The position is expected to be needed for 6-12 months with the possibility of extension.
CANDIDATE MUST BE ABLE TO BE ON-SITE INCOLUMBIA, SC LOCATION WITHIN TWO (2) HOURS OF BEING REQUESTED.
CANDIDATE MUST BE ABLE TO WORK TWO (2) DAYSON-SITE IN COLUMBIA, SC LOCATION EACH WEEK.
Roles & Responsibilities Daily Duties / Responsibilities:
CANDIDATE MUST BE ABLE TO BE ON-SITE INCOLUMBIA, SC LOCATION WITHIN TWO (2) HOURS OF BEING REQUESTED.
CANDIDATE MUST BE ABLE TO WORK TWO (2) DAYSON-SITE IN COLUMBIA, SC LOCATION EACH WEEK.
Responsible for planning, designing, development and implementation of enterprise security architecture solutions that align with business goals and risk tolerance. Leveraging state approved processes and technologies wherever possible.
Lead process definition, redesign and/or technology innovation of security architecture, to ensure DIS solutions support secure delivery of enterprise business architecture and services.
Design, deploy and manage countermeasures to known security threats and develop preventative mitigation strategies for new and emergent threats to enterprise data, networks and associated services.
Ensure, validate and measure the consistent application of protective measures throughout the enterprise business application and infrastructure support environments. Take appropriate action to protect state data and technology services.
Provide innovative technical leadership and expert guidance on the selection, procurement and best-value utilization of security capabilities supportive of:
Authentication, authorization and accounting of system access
Logging and event management
Vulnerability and configuration management
Compute, storage and network infrastructure
Cloud computing
New and emergent technologies
Establish, maintain and evolve a best practice methodology for Security Development Lifecycle (SDL) which assures deep integration of secure design and development practices are implemented at all stages of the System or Software Development Lifecycles (SDLCs).
Preferred Qualifications Preferred skills (rank in order of importance):
Network firewalls, intrusion prevention systems (IPS),switching and routing infrastructure
Identity and access management (IAM)
Privileged user management (PUM)
Security information event management (SIEM) systems
Security frameworks: NIST, CSF, CJIS, IRS 1075, CMS MARS-E
Vulnerability assessment (VA)
Application security (AppSec)
Preferred Education/Certifications:
CEH
CCNA
Minimum Qualifications Required Skills (Rank in Order of Importance):
Expert understanding of system design and the engineering process
Cyber security awareness and understanding
Expert understanding of information computer and network security. Its operation, engineering, and architecture
Experience with UNIX, windows, Linux, cisco/palo alto/fortinet firewalls, web apps, databased, strong authentication, network security protocols and procedures
Expert understanding of access control, logging and reporting systems
Required Education/Certifications:
Bachelor’s degree in an information technology or information security related field
6 years’ of relevant work experience may be substituted in lieu of education
Minimum 5 years of experience in supporting large IT environments and/or system deployments