Security Analyst

• Responsible for elicitation, analysis, and documentation of business requirements.
• Research and exploration of user requirements, costs, and benefits in support of documentation required for the demand management process.
• Responsible for analyzing the business needs to identify new processes and process improvements that will meet those needs.
• Documents current business processes and models to define requirements and/or gaps.
• Analyze detailed system factors including input/output requirements, information and paper flow, hardware, and software needs.
• Analyze "soft" system factors including roles, responsibilities, policy, culture, etc.
• Evaluate the impact of potential software and process changes on the organization.
• Develop and facilitate groups as necessary in pursuit of eliciting and defining requirements.
• Assist in the creation of the business case documentation.
• Understanding of architectural consistency and usability standards.
• Defines and develops user test cases and validates test results during testing.
• Executes unit and functional test cases.
• May conduct system demonstrations and training sessions, as well as participate in design/review of training content.
• Plays a third level support role by helping to troubleshoot and resolve issues with production systems.
• Participates in associate meetings and communicates any concerns to management., Preference will be given to a candidate who can work onsite over hybrid and over full-time remote (on-site as needed).
• Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and threat intelligence sources to identify complex attack patterns, emerging threats, and security incidents.
• Perform deep-dive analysis of suspicious activity, validate incidents, determine root cause and impact, and escalate critical incidents with detailed context to Tier 3 as required.
• Create detailed incident reports, timelines, and post-incident summaries; contribute to lessons-learned documentation and recommendations for remediation and preventative measures.
• Investigate user-reported phishing, malware infections, and potential policy violations; advise users and internal/external teams on containment and recovery actions.
• Recommend updates to SOC playbooks and workflows based on real-world INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to reduce false positives and improve threat coverage.
• Collaborate with engineering teams to ensure monitoring tools are properly configured and tuned. Integrate new threat intelligence feeds into workflows and proactively hunt for threats using up-to date tactics, techniques, and procedures (TTPs)
• Serve as a customer-facing SME, "selling" the value of DIS services by demonstrating capabilities and resolving issues.
• Document processes, runbooks, and troubleshooting steps related to SOC operations.
• Coordinate with engineering, SOC, and agency staff as needed to meet goals.
• Other duties as needed.

• Bachelor's degree in computer science, Information Systems, Business, or another related field or equivalent work experience.
• Proven experience leading data migration requirements from legacy systems into a new ERP (Sage X3) environment
• Strong hands-on expertise in requirements elicitation, documentation, and management, with emphasis on data mapping, transformation rules, and validation
• Deep understanding of data structures, data quality, and migration best practices, with the ability to identify gaps and risks early
• Self-driven and accountable professional with strong stakeholder management and communication skills, able to drive outcomes with minimal oversight
• Working knowledge of Confluence and JIRA.
• Experience in any of the following business areas is desired: Sales operations, order entry, accounting, finance, procurement, warehouse operations, order management, and order fulfillment.
• Minimum of 3-5 years' business analysis or systems analysis experience is preferred.
• Bonus: Sage X3 experience (ERP).

Associate is expected to operate at a proficient level across the following areas of technical knowledge and skill:

• Ability to organize and prioritize work.
• Detail oriented, proactive, creative, and efficient
• Intermediate level abilities in Excel, Outlook, PowerPoint, Visio, and Word
• Familiarity with application integration methods to include understanding of data mapping process.
• Ability to effectively work both independently and collaboratively in a team environment
• Ability to work on simultaneous and complex projects, with domain expertise in at least one business area.
• Expertise in ERP solution selection and implementation is a plus
• Ability to communicate effectively to both technical and non-technical audiences in written and non-written format
• Ability to work with all levels of associates
• Ability to work with minimal supervision in a very dynamic environment
• Ability to learn new systems and tools
• Knowledge of software development life cycle methodologies, processes, and procedures.
• Active listener
• Effective in a variety of formal/informal presentation settings: one-on-one, small, and large groups., * 2+ Years of Experience with Security Monitoring and Incident Response.
• 2+ Years of Experience with MITRE ATT&CK framework.
• 2+ Years of Experience with dashboard creation and reporting.

Preferred Skills (rank in order of Importance):

• Experience with the Palo Alto Cortex XSIAM/XDR platform.
• Knowledge of Linux, network administration and network design.
• Experience in administration of firewalls, VPN technology, Active Directory, Intrusion Detection/ Prevention systems.
• Candidate is local to Columbia, SC or surrounding city in South Carolina

Required Education/Certifications:

• Associate's degree in an information technology or information security related field
• Four years of relevant work experience may be substituted in lieu of education
• Two years of experience in supporting large soc operations.

Preferred Education/Certifications:

• CISSP, CISA, CISO or equivalent advanced security certification.
• Additional relevant certifications (e.g., CEH, OSCP, GPEN).
• Vendor certifications related to information security.