Local Jobs

  • IT Internal Auditor (60033587)

    Job Responsibilities

    Who We Are
    The South Carolina Department of Revenue (SCDOR) helps move South Carolina forward by collecting 95% of the state's General Fund. Committed to making compliance easy for taxpayers, and valuing excellence, collaboration, and professionalism, we work to be an innovative and trustworthy partner for taxpayers, businesses, and tax professionals. With excellent benefits and opportunities for training and advancement, we are dedicated to developing, retaining, and valuing a competent, productive, and diverse workforce.

    Purpose
    To establish and manage the SCDOR IT Internal Auditing Program.  

    Duties 

    • Establish an IT internal auditing plan.
      • Perform risk assessments in establishing the IT internal audit plan.
      • Design and perform internal audits across multiple disciplines.
      • Estimate resource needs and schedule assignments to meet completion dates.
    • Develop internal audit programs that examine processing controls, input and output data, system changes, operations documentation, program documentation, and test procedures and results to ensure the presence of adequate controls.
    • Ascertain the reliability of information systems examined and ensure that computer control standards and established SCDOR policies and procedures are followed on SCDOR computer platforms.
    • Review the adequacy, effectiveness, efficiency, compliance, and application of computer hardware, software, and network controls.
    • Evaluate and review proposed applications to provide input into the design of new systems regarding internal controls and adaptability.
    • Perform IRS Publication 1075 compliance reviews.
    • Write specialized/technical reports detailing findings and recommendations to yield desired results.

    Minimum and Additional Requirements

    • A bachelor's degree with multiple accounting and/or finance courses and six years of professional experience in accounting, auditing, IT auditing, finance, insurance, or tax preparation and/or analysis.  
    • Academic degrees must be from an accredited institution of higher learning.
    • This position deals with highly sensitive information and the ability to exhibit integrity and maintain confidentiality is required.  

    Preferred Qualifications

    • Any of the following certifications:  CISA, CIA, CISM, CISSP, CRISC, or other information system or security professional certification. 
    • Experience in performing audits related to IRS Publication 1075 or other guidelines based on NIST security controls. 
    • Knowledge of relevant federal/state laws and regulations. 
    • Working knowledge of infrastructure, access controls, identification/authentication controls, public key infrastructure, network security, application/database architecture, and enterprise security architecture.
    • Major coursework in computer science and information security.  

    Additional Comments

    • Background Check: SCDOR employees are required to comply with all SCDOR tax requirements and are subject to a National Criminal Background Check to include fingerprinting.  
    • EEO: It is the policy of the SCDOR to provide equal employment opportunities to all employees and applicants without regard to age, race, color, religion, sex, national origin, disability, and pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation.  
  • Sr Info Cybersecurity Analyst - (21011698)

    JOB SUMMARY

     

    Responsible for analyzing security controls for information systems with increasing levels of complexity and breadth. Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure. Researches, evaluates, tests, recommends, communicates, and implements new security software or devices. Enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications. As the senior-most analyst, this position will need to partner and collaborate across multiple teams and projects while being able to work through complex challenges within the Cybersecurity space.

     

    JOB RESPONSIBILITIES

     

    • Performs information security risk assessments, evaluates the design and effectiveness of security controls, manages risk, and provides advice for the implementation information security controls that addresses potential issues.
    • Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
    • Collects, assesses, and reports upon operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement.
    • Participates in monitoring of data security profiles and reviews of information security violation reports and investigations of security exceptions.
    • Collects, assesses, and reports upon relevant Information Security threat intelligence / actionable security information and establishes operational requirements.  
    • Serves as an escalation point for incidents identified by the SOC, information Security Operations & Information Technology (IT).  Performs analysis and response to relevant alerts and events.
    • Assists with coordinating remediation for any gaps reported in audits or recommended process improvements that effect core information security services.
    • Evaluates processes used to document and log information security incidents, responses, plans, methods, and procedures.
    • Promotes and participates with development and update of security awareness training by working with Talent Development to provide orientation, educational programs, and on-going communication.
    • Works with a broad set of business and technical stake holders to research, assess, evaluate, and support the implementations of security related projects.
    • Provides insight and guidance to IT software and hardware upgrades and other projects to ensure production environments meet and exceed minimum security standards.  
    • Collaborates often with other Information Security Analysts and our Security Operations, Network Infrastructure, and IT groups.

     JOB RESPONSIBILITIES

     

    • Contributes to the achievement of established department goals and objectives and adheres to department policies, procedures, quality standards, and safety standards.
    • Performs other duties and responsibilities as assigned by information Security management, leadership and/or CISO.
  • Info Cybersecurity Analyst II - (21011697)

    JOB SUMMARY

     

    Responsible for analyzing security controls for information systems. Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure. Researches, evaluates, tests, recommends, communicates, and implements new security software or devices. Enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications.  

     

    JOB RESPONSIBILITIES

     

    • Performs information security risk assessments, evaluates the design and effectiveness of security controls, manages risk, and provides advice for the implementation information security controls that addresses potential issues.
    • Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
    • Collects, assesses, and reports upon operational security metrics to measure the effectiveness of security controls and identify opportunities for improvement.
    • Participates in monitoring of data security profiles and reviews of information security violation reports and investigations of security exceptions.
    • Collects, assesses, and reports upon relevant Information Security threat intelligence / actionable security information and establishes operational requirements.  
    • Serves as an escalation point for incidents identified by the SOC, information Security Operations & Information Technology (IT).  Performs analysis and response to relevant alerts and events.
    • Assists with coordinating remediation for any gaps reported in audits or recommended process improvements that effect core information security services.
    • Promotes and participates with development and update of security awareness training by working with Talent Development to provide orientation, educational programs, and on-going communication.
    • Works with business and technical stake holders to research, assess, evaluate, and support the implementations of security related projects.
    • Provides insight and guidance to IT software and hardware upgrades and other projects to ensure production environments meet and exceed minimum security standards.  
    • Position will have a high level of collaboration with other information Security Analysts and extensive involvement with our Security Operations, Network Infrastructure, and IT groups.
    • Contributes to the achievement of established department goals and objectives and adheres to department policies, procedures, quality standards, and safety standards.
    • Performs other duties and responsibilities as assigned by information Security management, leadership and/or CISO.
     
    Qualifications
     

     

    QUALIFICATION REQUIREMENTS (please indicate if ‘preferred’)

     

    • Bachelor's degree in Information Systems, or a combination of equivalent technical experience and education.
    • Operation information security experience. Hands-on experience with the following: system hardening, vulnerability scanning/remediation, firewall, penetration testing, Incident Response, Incident Handling, and reporting. Hands-on experience in evaluating and applying technical security controls to applications, servers, or network infrastructure. Experience performing vendor security assessment. Experience with various security management tools (Vulnerability Management, Configuration Management, SIEM, etc.)
    • License/Certification/Registration: CISSP, SANS GSEC, CompTIA Security+, or CEH certification preferred.
  • Info Sec Anlyst II, Gov & Risk - (21010758)

    JOB SUMMARY

     

    The Analyst supports the development, education, monitoring, and implementation oversight of enterprise information security policies and standards.  The Analyst primary focus is to assist with the administration of information security governance and compliance processes and monitoring and reporting information security policy and program compliance.

     

    JOB RESPONSIBILITIES

     

    • Performs vendor security assessments and security reviews to assess the security posture and capabilities of Syneos Health vendors
    • Monitors Syneos Health vendors to ensure they are meeting Syneos Health vendor security requirements
    • Monitors, and reports on information security governance, risk and compliance key performance indicators
    • Assist with preparing and submitting mandatory information security program compliance reports to management, and clients
    • Assist with preparing responses to internal and external inquiries about information security program, compliance, and performance
    • Helps administer information security governance review and approval procedures
    • Collaborates with other security organization members on cross-business / cross-functional opportunities
    • Helps perform security data analysis and event tracking
    • Responds to reported security incidents and events through the Company’s ticketing system
    • Helps with writing documentation and reports
    • Evaluates new security technology in the Company environment
    • Other duties as assigned

     

     
    Qualifications
     

     

    • Experience with leading information security frameworks and policy concepts.
    • Bachelor’s Degree (or higher) preferred (or equivalent experience).
    • Industry certifications such as CISA, CRISC, CISSP or similar industry certification desirable.
    • Proficient with Microsoft Office Suite (Word, Excel, Power Point).
    • Professional with ability to properly handle confidential information.
    • Ability to work well independently and in a team environment. Ability to handle multiple tasks, prioritize and meet deadlines. Ability to work within a matrix organization.
    • Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.
    • Understanding of security tools such as firewalls, anti-malware, Intrusion Detection/ Intrusion Prevention systems (IDS/IPS), Data Leak Prevention (DLP), Unified Threat Management (UTM). 
    • Familiarity with common information security standards such as ISO-27000 and NIST SP 800 series.
    • Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate