Previous Job
Previous
Security Analyst
Ref No.: 14-00539
Location: Columbia, South Carolina
Department of Revenue
Columbia, SC
1 year


SCOPE OF THE PROJECT:
DEVELOPMENT OF INFORMATION SECURITY PROGRAM

DAILY DUTIES / RESPONSIBILITIES:
Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).
Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
Responsible for the tracking and monitoring of security incidents. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls.
Involved in the evaluation of products and/or procedures to enhance security.
Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems.
Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
Must have extensive knowledge in networking, databases, systems and/or Web operations.
Producing detailed documentation on all existing security policies, practices, and technical configurations.
Document recommendations on improvements along with high level estimates on associated work effort.
This individual will need to work with various application groups, infrastructure groups, and management to understand security needs for each area of the organization.
Design documentation will need to be produced documenting final deployment details along with support procedures as needed.
Architectural technical and documentation skills are equally important for this position.
Develop workaround solutions as appropriate.
Monitor and assess current systems and recommend security enhancements.
Act as technical resource for other IT analysts and business units by resolving complex computer equipment and systems problems.

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Hands on experience documenting, deploying, and managing all aspects of security within an enterprise organization, including but not limited to:
Active directory
Publically accessible assets
User access policies
Anti-Virus management
Security compliance for third party and/or in house developed applications
Virtualization and Storage area networking security
Experience Preparing and submitting a Security Program evaluation and compliance report
Conducting continual surveys of all offices, departments and functions to determine the need for additional security services, and making appropriate recommendations.
Highly-developed and proven oral and written communication skills
Experience supervising and directing personnel from other departments when conducting investigations.
Proven experience developing, implementing and administering all aspects of a successful Security Program, including physical, technical, personnel, procedural and electronic security.
Providing continual consultation and written reports to senior management and to the board of directors concerning security issues
Experience defining processes to maintain security equipment, test intrusions, and the ensure alerting of threats.
Developing and maintaining company security practices and processes on investigating and documenting suspicious incidents and policy violations.
Creating documentation library and reporting processes for all investigations and Security Program operations.
Working with other department leaders, designing security components for operations and other strategic processes, and supervising the development and implementation of required security reporting devices and processes at all levels.

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Experience and working knowledge of backup products and methodologies.
Ability to craft proactive and automated scripts and tools
Knowledge of Virtual Machine operation, strengths, and weaknesses.
Experience with VMware ESX administration
Support of web-based applications for internal (intranet) sites and external (Internet) sites.
Knowledge of software development lifecycles and migrations from different environments, such as development, production, etc...
Expert on Windows Server 2008, Sharepoint 2010, Project 2010, SCCM 2012
Expert with Active Directory administration
Hands-on technical knowledge of network and server operating systems
Working technical knowledge of current network hardware, protocols, and Internet standards, including TCP/IP, and DNS, DHCP.
Experience in developing and maintaining documentation for policies, procedures, and best practices.
Extensive working knowledge of Internet protocols, tools and techniques including but not limited to:
o Internet Information Server,
o Server operating systems installation and configuration,
o Internet security,
o Virtual Private Networking (VPN),
o TCP/IP, Local Area Networks (LAN), Wide Area Networks (WAN),
Skills:
Category
Name
Required
Importance
Level
Last Used
Experience
Database Platforms MS SQL Server 2008 R2 Yes 1 Advanced Currently Using 4 - 6 Years
Miscellaneous Configuration management Yes 1 Advanced Currently Using 4 - 6 Years
Miscellaneous Publically accessible assets Yes 1 Advanced Currently Using 4 - 6 Years
Networking & Directories Active Directory Yes 1 Advanced Currently Using 4 - 6 Years
Networking & Directories Anti-Virus management Yes 1 Advanced Currently Using 4 - 6 Years
Networking & Directories User access policies Yes 1 Advanced Currently Using 4 - 6 Years
Networking & Directories Virtualization Yes 1 Advanced Currently Using 4 - 6 Years
Operating Systems/APIs storage area network (SAN) Yes 1 Advanced Currently Using 4 - 6 Years
Operating Systems/APIs Windows 2003/2008 Server Yes 1 Advanced Currently Using 4 - 6 Years
Additional Skills: