Security Architect

Direct Client

Title: Security Architect

Location: Columbia, SC

Duration: 12 months

Description:
SCOPE OF THE PROJECT:

The SCDHHS Office of Information Assurance (OIA) is responsible the Security and Compliance of SCDHHS Information Systems and Data. OIA seeks an expert in Information Security Architecture and Solutions Design to assist with the establishment, implementation and/or enhancement of Information Systems Security and Compliance efforts based on State/Agency Policy/Standards and Regulatory Guidance such as FISMA, NIST, CMS MARS-E, HIPAA, etc.)

Role Summary/Purpose
Overview/Summary:

The Information Secuirty Architect will report to the Office of Information Assurance and operate as an experienced consultant to SCDHHS leadership, business units, business partners and vendors.

Security Program Experience:

Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience should include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture. 
Experience with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.

Technical Knowledge:

Hands on experience with any or all of the following technologies would be considered a desirable for this position:
• IBM System 390/zSeries• Linux and Windows servers• Network Firewalls, Intrusion Prevention Systems (IPS), Switching and Routing Infrastructure• Security Information and Event Management (SIEM) solutions• Identity and Access Management (IAM) solutions

General Duties and Responsibilities:

1. Assist in the design, development, implementation and/or ongoing maturation of SCDHHS security and compliance solutions

2. Provide hands-on support of SCDHHS Systems and Software

3. Participate in audit and assessment of internal agency systems as well as business partner/service provider information systems.

4. Utilize Microsoft Office software suite, eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other OIA efforts.

5. Participate in third-party audits and/or assessments of agency and business partner systems

6. Collaborate with agency leadership, business partners and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts.

REQUIRED CERTIFICATION:
ISC(2), ISACA, SANS GIAC, or other similar Information Security Certification is required.

EDUCATION PREFERRED:
Bachelor’s degree in computer science or similar discipline is preferred.

All your information will be kept confidential according to EEO guidelines.