Security Analyst
(Columbia, SC, 29205) | 04/24/26
Job Description
IT - ADMIN - Security Analyst - Project Lead
10792
05/25/2026
12 Months
4430 Broad River Road Columbia, SC
The State of South Carolina is looking for a Security Analyst - Project Lead
Why is this position open: New role supporting statewide security incident response.
Interview Process: 1 Round of Virtual/Online Interviews - potential for second round of in-person interviews
Duration of the Contract: 12 Months
Possibility for Extension: Yes
Work Location: Role is 100% Remote
Candidate location: No SC residency required. Open to nationwide candidates.
Additional Information: Preference will be given to candidates that are local to SC and are able to come onsite for project needs.
Full job description attached and required and preferred skills are listed below.
Daily Duties / Responsibilities:
PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID AND
OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and
threat intelligence sources to identify complex attack patterns, emerging threats, and
security incidents.
Perform deep-dive analysis of suspicious activity, validate incidents, determine root
cause and impact, and escalate critical incidents with detailed context to Tier 3 as
required.
Create detailed incident reports, timelines, and post-incident summaries; contribute
to lessons-learned documentation and recommendations for remediation and
preventative measures.
Investigate user-reported phishing, malware infections, and potential policy
violations; advise users and internal/external teams on containment and recovery
actions.
Recommend updates to SOC playbooks and workflows based on real-world
INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to
reduce false positives and improve threat coverage.
Collaborate with engineering teams to ensure monitoring tools are properly
configured and tuned. Integrate new threat intelligence feeds into workflows and
proactively hunt for threats using up-to date tactics, techniques, and procedures
(TTPs)
Serve as a customer-facing SME, selling the value of DIS services by demonstrating
capabilities and resolving issues.
Document processes, runbooks, and troubleshooting steps related to SOC operations.
Coordinate with engineering, SOC, and agency staff as needed to meet goals.
Other duties as needed
Required Skills (rank in order of Importance):
2+ Years of Experience with Security Monitoring and Incident Response.
2+ Years of Experience with MITRE ATT&CK framework.
2+ Years of Experience with dashboard creation and reporting
Required Education/Certifications:
Associate's degree in an information technology or information security related field
Four years of relevant work experience may be substituted in lieu of education
Two years of experience in supporting large soc operations
Preferred Skills (rank in order of Importance):
Experience with the Palo Alto Cortex
XSIAM/XDR platform.
Knowledge of Linux, network
administration and network design.
Experience in administration of
firewalls, VPN technology, Active
Directory, Intrusion
Detection/Prevention systems.
Candidate is local to Columbia, SC or
surrounding city in South Carolina
Preferred Education/Certifications:
CISSP, CISA, CISO or equivalent
advanced security certification.
Additional relevant certifications
(e.g., CEH, OSCP, GPEN).
Vendor certifications related to
information security
Security Analyst1SIEM, EDR, MITRE ATT&CK, IDS/IPS W2United States
(Columbia, SC, 29205) | 04/24/26
Job Description
IT - ADMIN - Security Analyst - Project Lead
10792
05/25/2026
12 Months
4430 Broad River Road Columbia, SC
The State of South Carolina is looking for a Security Analyst - Project Lead
Why is this position open: New role supporting statewide security incident response.
Interview Process: 1 Round of Virtual/Online Interviews - potential for second round of in-person interviews
Duration of the Contract: 12 Months
Possibility for Extension: Yes
Work Location: Role is 100% Remote
Candidate location: No SC residency required. Open to nationwide candidates.
Additional Information: Preference will be given to candidates that are local to SC and are able to come onsite for project needs.
Full job description attached and required and preferred skills are listed below.
Daily Duties / Responsibilities:
PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID AND
OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and
threat intelligence sources to identify complex attack patterns, emerging threats, and
security incidents.
Perform deep-dive analysis of suspicious activity, validate incidents, determine root
cause and impact, and escalate critical incidents with detailed context to Tier 3 as
required.
Create detailed incident reports, timelines, and post-incident summaries; contribute
to lessons-learned documentation and recommendations for remediation and
preventative measures.
Investigate user-reported phishing, malware infections, and potential policy
violations; advise users and internal/external teams on containment and recovery
actions.
Recommend updates to SOC playbooks and workflows based on real-world
INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to
reduce false positives and improve threat coverage.
Collaborate with engineering teams to ensure monitoring tools are properly
configured and tuned. Integrate new threat intelligence feeds into workflows and
proactively hunt for threats using up-to date tactics, techniques, and procedures
(TTPs)
Serve as a customer-facing SME, selling the value of DIS services by demonstrating
capabilities and resolving issues.
Document processes, runbooks, and troubleshooting steps related to SOC operations.
Coordinate with engineering, SOC, and agency staff as needed to meet goals.
Other duties as needed
Required Skills (rank in order of Importance):
2+ Years of Experience with Security Monitoring and Incident Response.
2+ Years of Experience with MITRE ATT&CK framework.
2+ Years of Experience with dashboard creation and reporting
Required Education/Certifications:
Associate's degree in an information technology or information security related field
Four years of relevant work experience may be substituted in lieu of education
Two years of experience in supporting large soc operations
Preferred Skills (rank in order of Importance):
Experience with the Palo Alto Cortex
XSIAM/XDR platform.
Knowledge of Linux, network
administration and network design.
Experience in administration of
firewalls, VPN technology, Active
Directory, Intrusion
Detection/Prevention systems.
Candidate is local to Columbia, SC or
surrounding city in South Carolina
Preferred Education/Certifications:
CISSP, CISA, CISO or equivalent
advanced security certification.
Additional relevant certifications
(e.g., CEH, OSCP, GPEN).
Vendor certifications related to
information security
Security Analyst1SIEM, EDR, MITRE ATT&CK, IDS/IPS W2United States
Job ID: 518660075
Originally Posted on: 4/24/2026
Want to find more Technology opportunities?
Check out the 165,505 verified Technology jobs on iHireTechnology
Similar Jobs
Sign Up for Job Alerts
