SunPlus Data Group, Inc.
THIS POSITION IS 100% ON-SITE.
The South Carolina Department of Health and Environmental Control is dedicated to helping people live healthy lives in healthy communities. With more than 3,400 employees in 70 offices across the state, S.C. DHEC has a diverse team of employees who are leaders in their fields and share a passion for making a difference.
As the state agency charged with promoting and protecting South Carolina’s public health and environment, S.C. DHEC has a legacy of attracting and retaining talented individuals who want to build rewarding and successful careers doing work that touches people’s lives every day.
Candidates should be self-motivated, team-oriented, work under limited supervision, and respond to priority tasks as needed. Candidates must also be able to form productive working relationships with individuals from diverse backgrounds and at all organizational levels.
Scope of the project:
DHEC actively strives to conduct routine, special, and investigative audits to assist the Board and DHEC Management in assessing and improving agency programs and operations. The Security Analyst – Project Lead under limited supervision will plan, manage, and conduct Information Technology audits and activities for the Office of Internal Audits. This position will plan and analyze IT systems leveraging COBIT, COSO, ISO, ITIL, NIST, and other relevant frameworks, regulations, and guidelines.
The applicant selected for this opening will be required to travel and conduct routine, special, and/or investigative audits at agency sites located throughout the entire state of South Carolina
The applicant selected will work primarily under the general guidance of the Office of Internal Audits but will also be required to work closely with other teams and Agency staff at all levels.
Applicant should be self-motivated, team-oriented, work under limited supervision, and respond to priority tasks as needed.
Daily Duties / Responsibilities:
The Security Analyst – Project Lead will be responsible for planning and conducting Information Technology (IT) audits and activities of the agency for the Office of Internal Audits.
Responsibilities include:
- Identifies risks and evaluates internal controls in information system environments.
- Assist the Internal Audit Director in developing and managing IT Continuous Auditing Programs
· Plans and analyzes IT systems leveraging COBIT, COSO, ISO, ITIL, NIST, and other relevant frameworks, regulations, and guidelines.
· Performs test of design and operating effectiveness over IT general controls.
· Reviews the selection and implementation of IT technical controls.
· Validates baseline security configuration for operating systems, application, networking and telecommunications equipment.
· Prepares working papers and reports to support recommendations and conclusions with related IT standards.
· Develops, builds, and implements tools to analyze data to improve audit efficiency and effectiveness, including risk assessments.
· Provides analytics to be used to incorporate best practices in continuous auditing.
· Performs risk assessments (e.g., data security, IT Governance, Disaster Recovery)
· Provides IT input to Internal Audit Director in development of the Annual Five Year Audit Plan to improve IT compliance and effectiveness of DHEC’s information systems environment.
· Follows up on recommendations made by external auditors or outsourced firms on IT external audit reports; as well as recommendations made from IT internal audit reports.
· Utilizes data analytics software to assist OIA with auditing, consulting, and special reviews.
· Performs data extractions, analytical testing and security reviews utilizing Audit Command Language (ACL) and other analytical tools.
· Provides IT technical support for the Office of Internal Audits (e.g., hardware, software, ACL, etc.).
The position will be utilized for 40 hours per week for the duration of this project. The selected candidate should be able to work flexible hours where it may be necessary for work to be completed outside traditional business hours.
The applicant will work closely with the Internal Audits team to identify, prioritize, and schedule audits to maintain compliance. The applicant will work closely with customer and subject matter experts for the system design, migration to the new framework, and testing.
This will also include compliance to DHEC internal audits policies and procedures, as well maintaining strict confidentiality of audit results and remediations.
Required Skills
1. Experience in projects involving PCI/NIST security implementations and/or audits.
2. Accounting, Audit Experience.
3. Experience working with risk management, ITIL.
Knowledge of Information Technology Field, best practices, organization, and operations.
5. Verbal Communication Skills, written communication skills, organizational skills.
Flexible and easily adapts to changing priorities.
Required Education: Bachelor’s degree in a related area and 1-3 years of experience in the field or in a related area.
Job Type: Contract
Pay: Up to $65.00 per hour
Benefits:
- Dental insurance
- Health insurance
- Vision insurance
Schedule:
- Monday to Friday
Experience:
- PROJECTS INVOLVING PCI/NIST SECURITY IMPLEMENTATIONS: 5 years (Required)
- ACCOUNTING/ AUDIT: 5 years (Required)
- RISK MANAGEMENT,ITIL.: 5 years (Required)
Work Location: One location
Quick Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where (jobsinteelecom.net) you saw this job posting.
