Information Security Administrator

POSITION SUMMARY

Responsible for a broad range of tasks, including the day-to-day administration of information security tools, maintaining Everence DLP (data loss protection) tools, data retention, audit participation, and significant responsibilities for the security administration of various applications across the enterprise. Work with others on the security team to ensure the availability and integrity of Everence's customer data in a multi-site environment.

RESPONSIBILITIES AND DUTIES

1. Develop and enforce security policies, procedures, and protocols to label, inventory, archive, and protect sensitive data.
2. Conduct security risk assessments and threat modeling to identify and mitigate vulnerabilities.
3. Evaluate and recommend security products, services, and solutions to enhance the security posture.
4. Collaborate with IT and development teams to integrate security best practices into system design and deployment.
5. Ensure security architectures comply with industry standards and regulations (e.g., GDPR, HIPAA).
6. Prepare systems documentation. 
7. Work with storage and security administrators to maintain the availability and reliability of Everence data.
8. Develop and maintain documentation for security systems and procedures.
9. Research, recommend, evaluate, and implement information security solutions that identify and protect against potential threats and respond to security violations.
10. Perform standard and exceptional processing of user access and change requests.
11. Investigate and troubleshoot infrastructure issues.  
12. Perform other security-related projects and duties as assigned.

QUALIFICATIONS

Education: 

Bachelor’s degree in Computer Science, MIS, Information Technology, or related area

Experience: 

Five years of IT administration experience, including working with Windows file servers, O365, Sharepoint, and OneDrive

Skills and Abilities:

1. Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
2. Experience with Microsoft data management technologies, including Microsoft Purview
3. Experience planning, testing, implementing, and documenting new hardware and software systems
4. Understanding GLBA and HIPAA requirements related to data security and privacy is preferred
5. Experience with Varonis domain management or similar applications preferred
6. Experience with database programming and scripting languages
7. Strong written and verbal communication skills, including the ability to articulate and communicate with all levels within the corporate organization professionally and courteously
8. Ability to meet strict deadlines as needed
9. Ability to multi-task, be detail-oriented, and be well-organized with high accuracy
10. Maintain strict confidence in company and client information
11. Continually update skills and company product and service knowledge for professional growth
12. Audit, compliance, or governance experience preferred
13. Availability to work periodic nights and weekends may be required

SUPERVISORY RESPONSIBILITIES:  None

SCHEDULE:   Full-time