Compu-Vision Consulting, Inc.
Security Analyst Consultant (Information System Security Officer ISSO) – SA 25-3
Compu-Vision Consulting, Inc., Columbia, South Carolina, US, 29228
Job Title: Security Analyst Consultant (Information System Security Officer ISSO)
Location: Columbia, SC (Fully Onsite 5 days per week)
Duration: 12 Months
Note: Candidates must be SC residents or willing to relocate at their own expense. Remote work is not available.
Position Overview
The Senior Information System Security Officer (ISSO) will lead security, risk, and compliance activities in support of cybersecurity initiatives for a Medicaid-related agency. The ISSO will direct the establishment, implementation, and/or enhancement of information systems security and compliance programs based on federal, state, and agency policies and regulatory guidance, including FISMA, NIST, CMS MARS-E, HIPAA, and others. This role requires strong oral and written communication skills, the ability to interact with multiple stakeholders and vendors, and a results-oriented professional capable of operating with minimal supervision.
Scope of the Role
Oversee day-to-day security and compliance requirements of complex information systems.
Lead the development and implementation of information security and compliance programs in alignment with organizational policies and regulatory guidance.
Act as a consultant to leadership, business units, business partners, and vendors on security matters.
Daily Duties / Responsibilities
Conduct detailed architectural reviews and risk analyses for security-related requests, including:
Network design and information flow
System and data access models
Firewall rule requests
Configuration management deviations
Vulnerability management
Lead the design, development, and ongoing maturation of agency security and compliance programs.
Audit and assess internal systems and vendor/business partner information system security controls.
Utilize tools such as Microsoft Office, Service Desk/Ticketing Systems, eGRC solutions (e.g., Archer), Bizagi, and Atlassian for documentation and reporting.
Perform security and compliance reviews of contracts, business associate agreements, and data sharing agreements.
Serve as a primary point of contact for third-party audits or assessments.
Collaborate with leadership and stakeholders to provide recommendations for risk mitigation.
Engage diverse audiences to align technical requirements with business objectives.
Maintain keen attention to detail while keeping a big-picture perspective.
Adapt to changes and feedback while working effectively with multiple teams and vendors.
Required Knowledge / Skills
Strong working knowledge of FISMA, NIST, CMS MARS-E, HIPAA Security and Privacy.
5+ years of IT experience working with or auditing IBM System 390/zSeries, Windows, Linux, relational and non-relational databases, networking infrastructure, and web applications.
Prior experience within a FISMA-compliant program.
Experience with eGRC systems.
Health IT experience.
Ability to work independently and collaboratively.
Excellent multitasking and prioritization skills.
Ability to engage diverse technical and non-technical audiences.
Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Visio).
Strong attention to detail and ability to absorb, retain, and communicate complex processes.
Required Education / Certifications
ISC(2), ISACA, SANS GIAC, or other recognized information security certification.
Preferred Skills / Qualifications
Bachelor's degree in Computer Science, Information Security, or related discipline, or 10+ years of relevant experience.
Prior experience with ITIL in Information Security Management.
Leadership experience with CMS MARS-E, ARC-AMPE, or other FISMA RMF-compliant programs.
Hands-on experience with security for cloud services and vendor management.
Familiarity with Archer (eGRC), enterprise NoSQL databases, Linux and Windows servers, network firewalls, IPS, SIEM, IAM, and IBM System 390/zSeries.