Linux Network and Security Analyst (GRC & Linux)

Title: Linux Network and Security Analyst (GRC & Linux)

Location: Columbia, SC 29210

Duration: 12 months (estimated)

* Must be available to work onsite in Columbia, SC, Monday through Friday from 9 AM to 5 PM, with a minimum onsite presence of three days per week. )

Required Skills:

• Possess hands-on administrative experience with IT security technologies, including Snort Intrusion Detection System (IDS) sensors.
• Capable of orchestrating deployments of custom Rocky Linux/Red Hat 9/10 operating systems.
• Responsible for applying recommended OS patches and kernel upgrades to maintain up-to-date server operating systems.
• Able to automate recurring tasks using scripting languages, preferably Python or Ansible.
• Manage updates for security tools on Linux systems, configure and deploy both open-source and commercial security tools, and troubleshoot Linux servers and applications at an advanced level.
• Develop strategies to enhance operational workflows.
• Demonstrate foundational knowledge of routers, switches, network VLANs, and VPN configurations. Governance, Risk, and Compliance (GRC):
• Serve as the primary technical contact for internal and external audits, providing evidence of system controls and configurations.
• Conduct technical risk assessments on the Linux environment, identify vulnerabilities, and document remediation plans.
• Translate complex compliance requirements into technical standards for the engineering team.
• Perform vulnerability management by running scans (Nessus, OpenVAS) and prioritizing remediation based on technical severity and compliance impact.
• Assess risk and control design/operation, including process documentation, mapping controls to risks, and identifying gaps.
• Support compliance and audit activities by collecting evidence, tracking issues, managing audit requests, and facilitating walkthroughs and testing.
• Maintain the control library and policies, ensuring alignment with frameworks such as ISO 27001, NIST, SOX, and SOC 2, as applicable.
• Prepare reports and dashboards for leadership, manage metrics, and support governance forums.
• Coordinate with control owners, IT/security, business units, and internal audit teams.
• Automate tasks, notifications, attestations, and periodic assessments within the GRC-Archer tool.
• Manage customer expectations and participate in all required review and regulatory discussions related to assigned projects.
• Ability to lift physical appliances and perform rack and stack operations for servers in the datacenter.