Security Analyst

IT - SCDHHS - Security Analyst - Consultant 9891 03/14/2026 12 Months 1201 Main Street Suite 600 Columbia, SC Please ensure you attach the SC Cover Sheet (attached), a valid Right to Represent, and the candidate's resume with full legal first name, and last name. Withdrawn candidates will not be permitted to be replaced. If you would like to use a sub vendor, only 1 level deep, please submit the Sub Vendor usage form. The State of South Carolina is looking for a Security Analyst - Consultant Why is this position open: Rebid Interview Process: 1 round, Virtual/Online Duration of the Contract: 12 months Possibility for Extension: Yes Work Location: Fully Onsite Candidate Location: Candidate MUST be a SC resident. No relocation allowed. Full job description attached & required/preferred skills are stated below. Scope of the project: The Office of Cybersecurity is tasked with securing the Agency's cloud infrastructure and performing ongoing enterprise cybersecurity threat monitoring and incident response. A strong candidate for this position should possess experience in the following: Cyber Threat Response and Incident Handling Cloud platforms (Listed in order by preference) such as Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP) Cloud Security principles, capabilities and best practices Position Title: Security Analyst Consultant (Cloud Cybersecurity Analyst) DAILY DUTIES / RESPONSIBILITIES: The Cloud Cybersecurity Analyst will be performing monitor, detect and response capabilities in the agency cloud infrastructure. This role will work with the stakeholders to help architect, build and maintain a Secure Cloud Infrastructure by adhering to Agency policy and industry best practices. This position will report directly to the CISO to drive innovation and maturation of the Agency's Cloud Cyber threat detection and response capabilities. We are looking for candidates who are highly organized, can work independently in a fast-paced environment and produce multiple quality deliverables within defined deadlines. This role is involved in projects or issues of high complexity that requires an individual who can quickly think on their feet, challenge the status quo, and drive efficiencies through the process. Essential Responsibilities Perform threat identification and analysis of risks to the Agency Cloud environments Conduct penetration testing and vulnerability assessments on Azure cloud infrastructure and applications. Provide input and feedback on cloud/hybrid architectures related to Security Assist in the implementation and advancement of Continuous Monitoring and Incident Response processes and procedures Assist in investigation and remediation of Compliance policy violations, security incidents and related issues Investigate and remediate compliance policy violations, security incidents, and related issues. Serve as a Security Point of Contact for matters related to Securing Cloud Infrastructure Consult on, and provide requirements for critical projects and initiatives Create and maintain documentation for security processes and penetration testing results. Revise documents and artifacts as tactics and techniques evolve to address new and emergent threats and trends Work with stakeholders to advance security efforts of the Agency Cloud Environments Raise the awareness level of cloud security in the agency Conduct Security Assessments to identify areas of risk and ensure gaps are remediated Effectively communicate to management and business stakeholders the status of projects and issues as they relate to Cloud Security Perform security posture assessments using Azure-native tools (Microsoft Defender for Cloud, Azure Security Center, etc.) Required Skills (rank in order of Importance): 5+ years of Cyber Threat Monitoring, Detection, Response and Incident Handling Knowledge of OWASP Top 10 and cloud-specific attack vectors Experience with vulnerability management and remediation in cloud environments 5+ years of experience of I.T. working with Windows, Linux, Cloud technologies or Web-based applications Hands-on experience with penetration testing tools (Burp Suite, Metasploit, Nmap, Kali Linux) SOFT SKILLS Ability to communicate clearly, verbally and in writing; to interact effectively with internal and external vendors, project team members, management and agency departments; to build relationships and use facilitation skills with both technical and non-technical Preferred Skills (rank in order of Importance): 3+ years of experience with Cloud platforms (in order of preference) such as Microsoft Azure, Amazon Web Services (AWS) and/or GCP Experience with Prisma Cloud, Dome9 or similar Cloud Security capabilities Prior experience working with cloud security and governance tools, cloud access security brokers (CASBs), and Infrastructure as Code (IaC) Experience with designing and deploying an Inspection architecture in a Cloud Environment. Experience with full-stack deployment Preferred Education/Certifications: BS degree in computer science, information technology, engineering or similar discipline Microsoft Certified: Azure Security Engineer Associate) CompTia Cloud + Network security certifications CISSP Azure Security Engineer Associate

Created: 2026-03-10