Security Risk Analyst III
Job in
Columbia, Lexington County, South Carolina, 29228, USA
Listed on 2026-06-19
Listing for:
BlueCross BlueShield Of South Carolina
Full Time
position Listed on 2026-06-19
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
Location: Columbia
Summary
Why should you join the Blue Cross Blue Shield of South Carolina family of companies?
Other companies come and go, but for more than seven decades we've been part of the national landscape, with our roots firmly embedded in the South Carolina community. We are the largest insurance company in South Carolina ... and much more. We are one of the nation's leading administrators of government contracts. We operate one of the most sophisticated data processing centers in the Southeast.
We also have a diverse family of subsidiary companies that allows us to build on a variety of business strengths. We deliver outstanding service to our customers. If you are dedicated to the same philosophy, consider joining our team!
Description
Position
Purpose:
Plan and perform compliance and risk assessment activities for information systems and related processes. Communicate and escalate compliance and risk issues to the appropriate department and/or level of management. Act as a change agent to influence the I/S and corporate compliance culture.
This position requires a security clearance which requires U.S. Citizenship to obtain.
Sponsorship :
This position is not eligible for sponsorship now or in the future.
What You Will Do:
- Independently monitor remediation of new and outstanding issues, including Information Security Risk Exception process, to ensure identification of areas of non-compliance. Utilize tools to track and report on compliance posture.
- Independently conduct formal risk analysis and self-assessments to determine effectiveness of controls and ensure creation of action plans to remediate identified risks.
- Facilitate development, implementation and documentation of Information Security policies, procedures, processes and programs to guide organization toward continuous compliance. Independently analyze and interpret security regulations and controls to advise on security compliance at a broad perspective across multiple business areas. Consult on organizational impacts of compliance and risk management decisions.
- Serve as an interface with external entities for governance and compliance reviews regarding information security risk across multiple business areas and controls.
- Independently investigate, document and resolve Information Security Incidents. Advise senior management of critical issues that may affect organization.
- Research emerging security topics, threats and capabilities to create/update policy and governance. Promote organizational security awareness by developing security training, Security Council bulletins, security policies, standards and best practices.
Education:
- Bachelor's in a job related field
- Or an additional 4 years job related work experience
- Or Associate's plus an additional 2 years job related work experience
Work Experience:
- 6 years of I/T experience including 4 years of IT security, risk assessment and/or compliance experience.
Successful completion of BCBSSC I/S Entry Level Training Program (ELTP) may be substituted for 2 years of I/T experience.
Skills and Abilities:
- Good understanding of Systems Development Life Cycle methodologies.
- Subject Matter Expert in government or private risk frameworks and control implementations.
- Good understanding of risk management, information system security and compliance standards.
- Excellent analytical and decision-making skills.
- Proven ability to interpret and apply knowledge of regulatory/accreditation requirements.
- Ability to independently solve problems often spanning multiple environments and business areas.
- Ability to effect change and bring security, risk and compliance knowledge to the organization through the use of positive influence.
- Understanding of infrastructure and networking architecture WANs, LANs, Internet, intranets and communication protocols.
- Strong communication skills in presenting results both verbally and in writing.
- Possess excellent collaboration skills with a wide variety of internal matrix and management staff.
Standard office equipment.
We Prefer That You Have:
- Experience with NIST, FISMA, HIPAA, or other regulatory requirements.
- Knowledge of technical security controls from NIST, DISA, USGCB, etc. compliance domains across multiple platforms.
- Deep understanding of security risk exposures and how vulnerabilities can be translated into business risk that leadership understands.
- Ability to analyze, trend and forecast from high volumes of compliance data.
- Experience with compliance programs within a government agency (i.e. Medicare, Tricare) is preferred.
- Direct experience with NIST 800-53 security frameworks.
- Experience with DoD, DIARMF or Fed Ramp program is a plus.
- ISACA Certified Information Security Manager (CISM)
- Comptia Security +
- ISC2 SSCP (System Security Certified Practitioner)
- CompTIA Cybersecurity Analyst+ (CySA+)
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×