• The IT Security Analyst is responsible for leading enterprise risk management, compliance, and security governance initiatives across Telecare’s technology environment. • This role ensures alignment with industry frameworks including NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls, while driving continuous improvement of the organization’s security posture. • The IT Security Analyst partners closely with Security Engineering, IT, and business stakeholders to assess risk, guide remediation, and ensure security controls are effectively implemented across systems, applications, and third-party environments. • This role also plays a key part in identity governance, including assisting with the design and implementation of role-based access control (RBAC) within enterprise platforms such as Workday, ensuring least privilege and regulatory compliance. • The position serves as a bridge between technical security operations and business risk management, providing actionable insights to leadership and supporting audit, compliance, and regulatory requirements.

• Perform data gathering, synthesis, and develop solutions • Partner with teams to identify trends and resolve problems • Evaluate information and provide recommendations based on findings

Role Description This role will serve as a SOC Analyst (Consultant) within the Division of Information Security (DIS), supporting statewide security monitoring, threat detection, and incident response operations. The position focuses on day‑to‑day SOC activities, working closely with DIS security teams and state agencies to identify, investigate, and respond to security events. This position is needed to ensure the state can continuously detect, investigate, and respond to security threats in a timely manner, reducing operational and cybersecurity risk across state agencies while improving the effectiveness of centralized SOC monitoring and incident response capabilities. This is a contract role with an initial 12‑month term and the potential for extension. While remote work is supported, candidates who can provide onsite support in Columbia, South Carolina when needed will be preferred. On a daily basis, the SOC Analyst will perform continuous security monitoring and incident response activities, including: - Reviewing, correlating, and analyzing security alerts generated by centralized security platforms. - Validating alerts, investigating suspicious activity, determining scope and impact, and escalating confirmed incidents when required. - Applying the MITRE ATT&CK Framework to analyze adversary tactics and techniques, support detection logic, and improve understanding of attacker behavior during investigations. The SOC Analyst will also be responsible for creating and maintaining dashboards and security reports used by operational teams and leadership, including: - Translating security event data into clear metrics and visualizations that highlight trends, incident activity, and overall security posture. Qualifications - 3+ years of experience with security monitoring and incident response - 3+ years of experience using the MITRE ATT&CK Framework - 3+ years of experience with dashboard creation and security reporting - Experience with the Palo Alto Cortex XSIAM / XDR platform - Knowledge of Linux network administration and network design - Experience administering firewalls, VPN technologies, Active Directory, and intrusion detection/prevention systems (IDS/IPS) - Experience supporting large, complex enterprise environments - Comfort working across multiple agencies and stakeholders - Willingness to support onsite work when project needs arise Benefits - Medical, dental & vision - Critical Illness, Accident, and Hospital - 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available - Life Insurance (Voluntary Life & AD&D for the employee and dependents) - Short and long-term disability - Health Spending Account (HSA) - Transportation benefits - Employee Assistance Program - Time Off/Leave (PTO, Vacation or Sick Leave) Company Description

• Ensure compliance with DoD and VA cybersecurity requirements (e.g., RMF, NIST 800-53, FedRAMP where applicable) • Support Authority to Operate (ATO) processes, including documentation, control implementation, and continuous monitoring • Collaborate with product, engineering, IT, and compliance teams to integrate security controls into systems and services • Conduct risk assessments, control testing, and gap analyses aligned with NIST, HIPAA, and other regulatory frameworks • Maintain and update security policies, standards, and procedures to meet federal and enterprise requirements • Assist in audit readiness and support internal/external audits (DoD, VA, HIPAA, as applicable) • Monitor regulatory changes and assess impact on QuidelOrtho products and services • Support third-party/vendor risk management, especially for federal-facing solutions • Contribute to incident response, vulnerability management, and remediation tracking from a compliance perspective • Provide security awareness and guidance to cross-functional teams on federal compliance expectations • Perform other work-related duties as assigned.