Responsibilities:
- Oversee and manage IT security operations.
- Detect vulnerabilities through scanning platforms.
- Collaborate with business and engineering teams to plan and implement remediation for identified vulnerabilities.
- Address vulnerabilities through multiple remediation methods
- Develop antivirus policies, generate reports, and remediate malicious files
- Plan and execute GPO policy upgrades to enhance security in Active Directory environments.
- Audit and remediate access permissions for NFS/NTFS systems, including shared folders.
- Implement best practices for securing applications and platforms, such as MFA and certificate management.
- Coordinate urgent remediation efforts for critical vulnerabilities with staff.
- Participate in both internal and external audits.
- Create and maintain policies, procedures, and other relevant documentation as needed.
- Identify and address security gaps within the infrastructure.
- Develop and document security practices.
- Lead and execute security-related projects
Knowledge, Skills, and Abilities:
- Familiarity with various Identity and Access Management systems is a plus.
- Preferred certifications: CISSP, CISM, CISA, CCSP, ITIL, Security+, or similar.
- Advanced understanding of infrastructure, including Active Directory, AWS, Windows desktop/server OS, VMware, storage systems, DNS, and firewalls.
- Advanced knowledge of protocols such as WMI, SNMP, TLS, SSL, SMB, etc.
- Expertise in securing systems and platforms through device/policy hardening.
- Understanding of SSL Certificates.
- Ability to clearly communicate technical information to end users, both verbally and in writing.
- Proficiency in MS Outlook, Word, Excel, Visio, and PowerPoint.
- Experience with PCI, ISO 27001, ISO 27002, URAC regulations, and familiarity with CMS, NIST, and other healthcare industry-related regulations.
- Availability to work nights and weekends during planned or unplanned outages and other special circumstances, with 24/7 accountability.
- Willingness to participate in an on-call rotation.
- Ability to lift up to 50 lbs.
Education, Training, and Experience:
- BS or MS in Computer Science or a related field, with relevant industry certifications.
- 4+ years of experience securing Cloud, Mobile, or Client/Server software, including embedded systems.
- 6+ years of experience in technology and cybersecurity.
The Phoenix Group Advisors is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and prohibit discrimination and harassment of any kind based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. We strive to attract talented individuals from all backgrounds and provide equal employment opportunities to all employees and applicants for employment.