Information Security Analyst - Platinum Resource Group

Information Security Analyst

Location; Columbia, SC

JOB DESCRIPTION

Our client is seeking an Information Security Analyst to join its Information Technology group in Columbia, SC. In this role, you will support the firm's comprehensive information security program, with a primary focus on Governance, Risk, and Compliance (GRC) activities. The role will involve overseeing risk management processes, implementing governance frameworks, and ensuring ongoing regulatory compliance. The Analyst will also assist in general security administration, monitoring, and incident response as needed to support the diverse needs of the security team.

As an Information Security Analyst, you will be part of a dynamic IT team dedicated to serving the Firm's nationwide platform. The responsibilities include implementing and maintaining security policies, procedures, and controls in line with industry best practices and regulatory requirements such as ISO 27001, SOC II, and HIPAA.

• Conduct risk assessments, identify security risks in business processes and technologies, and recommend appropriate mitigation strategies.
• Assist with audit preparation, evidence gathering, and compliance assessments for various regulatory frameworks like NIST 800-53, ISO 27001, SOC II, and HIPAA.
• Manage security tools such as firewalls, encryption, antivirus, and DL.
• Identify and respond to security incidents and maintain incident response documentation.
• Evaluate the security posture of third-party vendors and software, identifying potential risks, and ensuring compliance with contractual obligations are also critical.
• Continuously assess and recommend improvements to the firm's security controls, policies, and governance structure to meet evolving regulatory requirements and industry best practices.
• Participation in cross-functional security projects, providing GRC insights and support, is expected.
• Support security awareness training programs and initiatives, driving the automation of security workflows and processes, and collaborate with the IT department on special projects, offering technical support for security-related issues when needed.

QUALIFICATIONS

• 2+ years of experience in IT or security administration, with a particular focus on GRC (Governance, Risk, and Compliance) activities.
• Strong knowledge of GRC frameworks, including ISO 27001, SOC II, NIST 800-53, and HIPAA.
• Familiarity with technologies such as Active Directory, Microsoft Entra, Office 365, and Microsoft Defender is also essential.
• Experience with email security, DLP, network security, and encryption best practices.
• Scripting skills (PowerShell / Python preferred) and experience in workflow automation tools (ServiceNow, IntApp, MS Flow).
• Strong analytical, problem-solving, and communication skills, with an emphasis on governance and compliance reporting.

Platinum Resource Group is a professional level consulting firm, providing resources to Fortune 1000 client companies in the areas of technology, human resources, accounting, finance, business systems and supply chain, on a contract and interim basis. PRG has operations in Orange County, San Diego, Los Angeles, and San Francisco. As a W-2 employer we offer our consultants direct deposit bi-weekly payroll, health, dental, vision benefits, paid holidays, and referral bonuses.