Security Analyst – Risk Management Expert (ISSO) #8799

Location: Columbia, SC (Fully Onsite – 5 days/week)
Type: Contract

Duration: 12 months (possibility for extension)
Interview Process: 2 rounds (Virtual & In-Person)
Candidate Location Requirement: Must be a South Carolina resident or willing to relocate prior to start (at own expense)

About the Role

The Senior Information System Security Officer (ISSO) will lead Security, Risk, and Compliance activities supporting ongoing cybersecurity efforts. This role ensures compliance with Federal, State, and agency regulations (FISMA, NIST, CMS MARS-E, HIPAA).

This is a new role created to strengthen risk management and compliance oversight. Candidates who thrive in complex, change-oriented environments and can work independently with minimal supervision will find this position highly rewarding.

Key Responsibilities

  • Lead establishment, implementation, and enhancement of security/compliance programs.
  • Develop and maintain RMF/A&A artifacts (SSPs, PIAs, ISAs, CMAs).
  • Perform architectural reviews and risk analysis (network design, firewall rules, vulnerability management).
  • Audit and assess internal systems and vendor controls.
  • Serve as primary contact for third-party audits and assessments.
  • Review contracts, BAAs, and data-sharing agreements for compliance.
  • Collaborate with leadership, vendors, and stakeholders to recommend risk mitigation strategies.
  • Document and report findings using tools such as Archer eGRC, Microsoft Office, Atlassian, Bizagi, and ticketing systems.

Required Skills & Experience

  • 5+ years IT experience auditing/working with IBM System 390/zSeries, Windows, Linux, databases (relational & non-relational), networking infrastructure, and web applications.
  • Prior experience in a FISMA-compliant program.
  • Experience with eGRC systems.
  • Prior Health Information Technology experience.
  • Strong knowledge of FISMA, NIST, CMS MARS-E, HIPAA Security & Privacy.
  • Information Security certification required: ISC(2), ISACA, SANS GIAC, or equivalent.
  • Ability to work independently and collaboratively across multiple teams/vendors.
  • Strong communication skills for diverse technical and non-technical audiences.
  • Intermediate to advanced proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio).
  • Keen attention to detail with ability to see the big picture.

Preferred Skills & Experience

  • Bachelor’s degree in Computer Science or related field, OR 10+ years of equivalent experience.
  • Prior ITIL experience in Information Security Management.
  • Experience with cloud security and vendor management.
  • Familiarity with technologies such as Archer (eGRC), NoSQL databases, IBM System 390/zSeries, SIEM solutions, IAM solutions, firewalls, IPS, and routing infrastructure.
