Security Architect

Scope of the project:
This position will serve as a Security Engineer within the Division of Information Security and will assist full-time security architects and engineering staff with the implementation, integration and operationalization of enterprise security technologies and programs.

The contractor will provide hands-on technical support across multiple security disciplines, including but not limited to SIEM, XDR, Vulnerability Management, Data Loss Prevention (DLP), Security Awareness, endpoint and Linux sensor deployment, and security automation initiatives. The role requires experience in information security architecture and solution design to support the strategic planning, design, implementation and continuous improvement of secure systems and services.

Daily Duties / Responsibilities

• Assist in the planning, design, deployment and operational support of enterprise security platforms, including:
  • Security Information and Event Management (SIEM)
  • Extended Detection and Response (XDR)
  • Vulnerability Management platforms and processes
  • Data Loss Prevention (DLP) solutions
  • Security Awareness and training platforms
• Support the development and maturation of the enterprise Vulnerability Management Program, including scanning, reporting, remediation tracking and metrics.
• Build, deploy, configure, and maintain Linux-based security sensors and related endpoint monitoring tools.
• Assist in the integration and automation of disparate security and enterprise IT tools using scripting and orchestration technologies.
• Collaborate with security architects to design and implement enterprise security solutions that align with LEADERSHIP’s business goals, regulatory requirements and organizational risk tolerance.
• Design, deploy and manage countermeasures to address known security threats and contribute mitigation strategies for emerging threats to enterprise data, systems and services.
• Ensure consistent application of security controls across enterprise infrastructure and applications; validate control effectiveness and recommend improvements.
• Support incident detection and response activities through monitoring, log analysis and reporting.
• Develop technical documentation, implementation guides and standard operating procedures as needed.
• Perform other duties as assigned in support of the Department of Administration’s Division of Information Security.

Required Skills:

• 5+ years of experience in supporting large IT environments and/or system deployments
• 5+ years of experience implementing and supporting enterprise security tools (SIEM, Cribl, XDR, vulnerability management, DLP, endpoint security).
• 5+ years of experience developing automation and integrations using scripting languages such as python and bash.

Preferred Skills (rank in order of Importance):

• Hands-on SIEM administration, analysis, and reporting experience.
• Experience building and deploying Linux-based security sensors.
• Familiarity with security frameworks and compliance standards such as NIST CSF, CJIS, IRS 1075, and CMS MARS-E.
• Resource is local to Columbia, SC or a surrounding city in South Carolina

Preferred Education/Certifications:

• CISSP
• Security+
• Bachelor's degree in an Information technology or Information security related field or 8 years of relevant work experience may be substituted in lieu of education.

ADDITIONAL DUTIES & SKILLS:

• Strong understanding of enterprise security architecture and engineering principles.
• Knowledge of cybersecurity best practices, threat detection, and defensive security strategies.
• Experience with Linux and Windows operating systems, including system hardening and security configuration.