Senior Information Security Analyst

Our client in Columbia, SC is looking to hire a Senior Information Security Analyst for their organization.

Location: 100% on-site in Columbia, SC

Salary: Targeting $100K - $120K

• Our client is not able to provide sponsorship now or in the future
• This role is not open to 3rd party candidate

Position Overview

This role is responsible for strengthening and maintaining the organization’s security posture across endpoint, cloud, application, and infrastructure environments. The position requires a hands-on practitioner who can implement, monitor, and continuously improve security controls while partnering with cross-functional teams to manage risk and protect sensitive data.

Key Responsibilities

• Proactively identify, remediate, and validate security vulnerabilities across endpoints, cloud platforms, applications, and infrastructure.
• Configure, manage, and optimize security technologies such as:
• Endpoint Detection & Response (EDR)
• Security Information & Event Management (SIEM)
• Vulnerability management platforms
• Email security solutions
• Multi-Factor Authentication (MFA)
• Data Loss Prevention (DLP)
• Monitor security alerts and logs; investigate suspicious activity and participate in incident response efforts, including containment and recovery.
• Implement and enforce security controls, system hardening standards, and least-privilege access principles.
• Perform risk assessments and collaborate with stakeholders to develop and execute remediation plans.
• Conduct user access reviews and support Identity & Access Management (IAM) processes, including provisioning and deprovisioning.
• Validate patch management activities and ensure timely remediation of identified issues.
• Partner with data and AI teams to support the secure design and deployment of AI solutions, including safeguarding sensitive data.
• Evaluate AI tools and integrations for privacy, data leakage, and compliance risks; recommend and implement appropriate safeguards.
• Develop, document, and enforce security policies, standards, and procedures.
• Support audit and compliance activities by gathering evidence and participating in security reviews.
• Assist with vendor and third-party security risk assessments.
• Promote security awareness and best practices across the organization.
• Translate technical security requirements into practical, business-aligned solutions that balance risk reduction with operational needs.

Required Qualifications

• 5 years of experience in Information Security, IT Security, or a related field.
• Demonstrated hands-on experience implementing (not just reviewing) security controls.
• Strong experience with endpoint security tools and endpoint hardening.
• Working knowledge of Identity & Access Management (IAM) principles and processes.
• Hands-on experience with cloud security (e.g., Azure, AWS, Microsoft 365, or similar platforms).
• Experience managing the full vulnerability lifecycle, including scanning, prioritization (based on SLAs), and remediation.
• Experience working with SIEM tools (e.g., Splunk, Microsoft Sentinel, or equivalent), including alert triage and investigation.
• Familiarity with vulnerability management tools and processes.
• Solid understanding of networking and system administration fundamentals.
• Experience responding to security incidents, including containment and recovery.
• Ability to convert security requirements into actionable solutions, standard operating procedures (SOPs), and business continuity considerations.

Preferred Qualifications

• Experience implementing controls to mitigate AI/ML data leakage and privacy risks.
• Knowledge of data protection technologies, including DLP solutions (e.g., Microsoft Purview or similar tools).
• Experience with scripting and automation (e.g., PowerShell, Python, Bash).
• Understanding of Zero Trust principles and their application across cloud and hybrid environments (including Linux systems).
• Experience supporting AI, data, or analytics platforms.
• Familiarity with data privacy regulations and third-party risk management processes.
• Relevant security certifications such as Security , SSCP, CySA , GSEC, or equivalent.
• Working knowledge of enterprise application security (e.g., ERP systems), including user provisioning, role management, and segregation of duties.