Security Analyst Job at Cynet systems Inc in Columbia

Overview

Pay Range: $71.08hr - $76.08hr

Responsibilities

• The Senior ISSO will serve as an experienced cybersecurity consultant, reporting to the ISSO Team Lead in OCS.
• This role supports SCDHHS leadership, business units, business partners, and vendors by ensuring compliance with federal security standards, risk management frameworks, and best practices in information security.
• The Senior ISSO will lead security program initiatives, perform audits, oversee risk assessments, and provide expert recommendations for system security and compliance.
• Operate as a cybersecurity advisor to leadership, business units, vendors, and partners.
• Lead the development and maintenance of System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Interconnection Security Agreements (ISAs), and Computer Matching Agreements (CMAs).
• Support RMF/Assessment and Authorization (A&A) tasks across the SDLC.
• Perform architectural reviews and risk analyses of requests related to network design, system/data access, firewall rules, baseline configurations, and vulnerability management.
• Conduct security and compliance audits of internal systems and business partner/provider environments.
• Review and assess contracts, business associate agreements, and data sharing agreements for compliance.
• Act as the primary point of contact for third-party audits and assessments.
• Champion security design, development, and implementation efforts to ensure ongoing compliance maturity.
• Document findings and generate reports using Microsoft Office Suite, Archer eGRC, Bizagi, Atlassian, and related tools.
• Collaborate with leadership and cross-functional teams to recommend and implement security risk mitigations.
• Mentor stakeholders and ensure knowledge transfer on compliance and security requirements.

Required Knowledge And Skills

• Strong working knowledge of FISMA, NIST, CMS MARS-E, and HIPAA Security & Privacy.
• 5+ years of experience with IT auditing/administration of IBM System 390/zSeries, Windows, Linux, databases (relational and non-relational), networking infrastructure, and web applications.
• Prior experience working in a FISMA-compliant program.
• Hands-on experience with eGRC systems.
• Prior Health Information Technology experience.
• Information Security certification required (ISC2, ISACA, SANS GIAC, or equivalent).
• Strong collaboration, communication, and stakeholder engagement skills.
• Ability to multitask, prioritize, and deliver in deadline-driven environments.
• Intermediate to advanced Microsoft Office skills (Word, Excel, PowerPoint, Visio).
• Strong attention to detail and ability to align technical requirements with business objectives.

Preferred Knowledge And Skills

• Leadership experience with CMS MARS-E, ARC-AMPE, or other FISMA RMF-compliant programs.
• Experience in security as related to Cloud services and vendor management.
• Hands-on experience with:
• Archer (eGRC)
• Enterprise NoSQL Databases
• IBM System 390/zSeries
• Linux and Windows servers
• Firewalls, IPS, switching, and routing
• SIEM and IAM solutions
• Prior ITIL experience in Information Security Management.

Education And Certifications

• Required: ISC2, ISACA, SANS GIAC, or equivalent Information Security certification.
• Preferred: Bachelor’s degree in Computer Science or related discipline, OR 10+ years of equivalent experience.