Information Security Analyst

We are seeking an Information Security Analyst to join our Information Technology group in Columbia, SC. This role will support our comprehensive information security program, focusing on Governance, Risk, and Compliance (GRC) activities. You will oversee risk management processes, implement governance frameworks, and ensure ongoing regulatory compliance while assisting with general security administration, monitoring, and incident response.

Responsibilities

• Implement and maintain security policies, procedures, and controls in line with industry best practices and regulatory requirements (ISO 27001, SOC II, HIPAA).
• Conduct risk assessments to identify security risks within business processes and technologies, providing recommendations for mitigation strategies.
• Assist with audit preparation, evidence gathering, and compliance assessments for frameworks such as NIST 800-53 and others.
• Manage security tools (firewalls, encryption, antivirus, DLP) and identify/respond to security incidents while maintaining incident response documentation.
• Evaluate the security posture of third-party vendors, ensuring compliance with contractual obligations.
• Continuously assess and recommend improvements to security controls, policies, and governance structures to align with evolving regulations and best practices.
• Support security awareness training programs and initiatives.
• Drive automation of security workflows and collaborate with the IT department on special projects, providing technical support for security-related issues as needed.

Qualifications

• Over two years of experience in IT or security administration, with a focus on Governance, Risk, and Compliance (GRC).
• Strong knowledge of GRC frameworks, including ISO 27001, SOC II, NIST 800-53, and HIPAA.
• Familiarity with technologies such as Active Directory, Microsoft Entra, Office 365, and Microsoft Defender.
• Experience with email security, DLP, network security, and encryption best practices.
• Proficiency in scripting languages (PowerShell/Python preferred) and experience with workflow automation tools (ServiceNow, IntApp, MS Flow).
• Strong analytical, problem-solving, and communication skills, particularly in governance and compliance reporting.

Why Join Us?

Be part of a dynamic IT team dedicated to serving the Firm’s nationwide platform, where your contributions will directly influence our security posture and compliance effectiveness.