• Assist in the development, implementation, maintenance, and documentation of information security policies, standards, procedures, controls, and baseline configurations aligned with industry best practices such as NIST and CIS. • Support security functions intended to protect the organization’s systems, applications, infrastructure, data, and operations. • Assist in securing modern infrastructure, including cloud platforms and containerized environments. • Learn and contribute to container security practices, including image scanning, runtime protections, and workload hardening. • Identify, analyze, document, and help address security risks, vulnerabilities, issues, findings, and control gaps across systems, applications, and infrastructure. • Collaborate with internal teams, senior analysts, and engineers to support remediation efforts, compensating controls, and the adoption of secure practices. • Assist with monitoring, testing, and maintaining security controls, related processes, and corporate systems in alignment with established policies and controls. • Support compliance, audit, and regulatory activities, including internal and external audit readiness, through documentation, evidence gathering, and control validation. • Contribute to security automation efforts, including scripting and tooling, primarily in Python, and support identity and access management processes such as SSO, IAM, and role based access controls. • Stay current on information security practices, technologies, certifications, and emerging threats, and perform other related duties as assigned.

• The IT Security Analyst is responsible for leading enterprise risk management, compliance, and security governance initiatives across Telecare’s technology environment. • This role ensures alignment with industry frameworks including NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls, while driving continuous improvement of the organization’s security posture. • The IT Security Analyst partners closely with Security Engineering, IT, and business stakeholders to assess risk, guide remediation, and ensure security controls are effectively implemented across systems, applications, and third-party environments. • This role also plays a key part in identity governance, including assisting with the design and implementation of role-based access control (RBAC) within enterprise platforms such as Workday, ensuring least privilege and regulatory compliance. • The position serves as a bridge between technical security operations and business risk management, providing actionable insights to leadership and supporting audit, compliance, and regulatory requirements.

• Perform data gathering, synthesis, and develop solutions • Partner with teams to identify trends and resolve problems • Evaluate information and provide recommendations based on findings

Role Description This role will serve as a SOC Analyst (Consultant) within the Division of Information Security (DIS), supporting statewide security monitoring, threat detection, and incident response operations. The position focuses on day‑to‑day SOC activities, working closely with DIS security teams and state agencies to identify, investigate, and respond to security events. This position is needed to ensure the state can continuously detect, investigate, and respond to security threats in a timely manner, reducing operational and cybersecurity risk across state agencies while improving the effectiveness of centralized SOC monitoring and incident response capabilities. This is a contract role with an initial 12‑month term and the potential for extension. While remote work is supported, candidates who can provide onsite support in Columbia, South Carolina when needed will be preferred. On a daily basis, the SOC Analyst will perform continuous security monitoring and incident response activities, including: - Reviewing, correlating, and analyzing security alerts generated by centralized security platforms. - Validating alerts, investigating suspicious activity, determining scope and impact, and escalating confirmed incidents when required. - Applying the MITRE ATT&CK Framework to analyze adversary tactics and techniques, support detection logic, and improve understanding of attacker behavior during investigations. The SOC Analyst will also be responsible for creating and maintaining dashboards and security reports used by operational teams and leadership, including: - Translating security event data into clear metrics and visualizations that highlight trends, incident activity, and overall security posture. Qualifications - 3+ years of experience with security monitoring and incident response - 3+ years of experience using the MITRE ATT&CK Framework - 3+ years of experience with dashboard creation and security reporting - Experience with the Palo Alto Cortex XSIAM / XDR platform - Knowledge of Linux network administration and network design - Experience administering firewalls, VPN technologies, Active Directory, and intrusion detection/prevention systems (IDS/IPS) - Experience supporting large, complex enterprise environments - Comfort working across multiple agencies and stakeholders - Willingness to support onsite work when project needs arise Benefits - Medical, dental & vision - Critical Illness, Accident, and Hospital - 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available - Life Insurance (Voluntary Life & AD&D for the employee and dependents) - Short and long-term disability - Health Spending Account (HSA) - Transportation benefits - Employee Assistance Program - Time Off/Leave (PTO, Vacation or Sick Leave) Company Description