SUMMARY

The Cybersecurity Administrator is critical in safeguarding information system assets, including digital, physical, or intellectual information, for the organization. The Cybersecurity Administrator is responsible for all aspects of our security posture, including proper controls for all data, devices, systems and networks. This role manages and supports the organization’s information security systems, policies, and procedures, while helping to align security practices with business and compliance objectives.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Architecture and Strategy

• Collaborates with IT and business teams to ensure organization’s information assurance policies meet customer, regulatory, and/or industry requirements.
• Collaborate with IT leadership to design and improve security architecture.
• Stays current with industry trends and emerging technologies to recommend and implement best practices.
• Recommends and implements security tools and technologies aligned with business objectives.
• Evaluates third-party vendors and cloud services for security compliance.
• Supports secure Development (Dev), Security (Sec), and Operations (Ops) practices and integration of security controls into CI/CD pipelines.

Technical Support

• Manages and maintains information security management systems and processes, ensuring they are up-to-date, secure, and operating efficiently.
• Verifies the confidentiality, integrity, and availability of data and technology through assessments and control frameworks.
• Monitors security policies and procedures for applications, operating systems, email, endpoint devices, and physical access.
• Creates and maintains documentation for security systems, configurations, processes, and procedures.

Incident Response and Management

• Leads investigations into security breaches, coordinating response teams, and documenting incident reports.
• Develops and updates incident response plans and conducts simulations.

Compliance and Governance

• Ensures compliance with industry standards and regulations (e.g., NIST, CISA, EPA, AWA, PCI).
• Maintains and updates information security policies, standards, and procedures.
• Conducts regular audits to ensure compliance with organizational policies and standards.
• Supports internal and external audits, including risk assessments and remediation planning.
• Provides guidance on interpreting regulatory changes and adapting internal controls accordingly.

Training and Mentorship

• Provides mentorship and guidance to entry and mid-level IT administrators, fostering their growth through training and development opportunities.
• Serves as an escalation point for technical issues, resolving high-priority incidents while transferring knowledge and providing training to staff during the escalation process.
• Fosters a collaborative and knowledge-sharing culture within the IT support teams.
• Assists in workload management and delegation of support tickets.
• Provides guidance and training to IT teams on security best practices.
• Leads security awareness programs for employees company wide.
• Performs other duties as assigned.

KNOWLEDGE/SKILLS/ABILITIES

• Strong communication and interpersonal skills.
• Excellent troubleshooting and problem-solving skills.
• Expert knowledge of Artic Wolf, Avamar, CrowdStrike, Darktrace, or equivalent platforms.
• Advanced knowledge of Microsoft Azure and Microsoft 365 suite.
• Advanced knowledge of application and endpoint policy, compliance standards, and regulatory frameworks (NIST, CISA, EPA, AWA, etc.).
• Able to demonstrate a mastery of Windows and mobile operating systems.
• Able to demonstrate a mastery of infrastructure related system configurations, protocols, and best practices.
• Familiarity with Information Technology Infrastructure Library (ITIL) practices and methodologies preferred.
• Able to work independently and as part of a team.

EDUCATION AND CERTIFICATIONS

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field required.
• Minimum of 5 years of experience in IT administration, with a focus on information security and cybersecurity required. An equivalent combination of relevant experience can be used in lieu of the degree requirement.

Registrations and Licenses:

• Certifications such as CISSP, CISM, CEH, or GIAC preferred.

EXPERIENCE AND SPECIAL REQUIREMENTS

• Expert-level experience with managed detection and response (MDR), endpoint detection and response (EDR), intrusion detection systems (IDS), and data loss and prevention (DLP), Security Information and Event Management (SIEM) platforms and methodologies required.
• Expert-level experience with network and cellular protocols, firewalls, switches, and routers required.
• Expert-level experience with web and email filtering required.
• In-depth experience with enterprise application platforms such as Microsoft 365, Google Workspace, and other SaaS solutions required.
• Experience with DevSecOps and CI/CD pipeline security.
• Experience with scripting and automation tools such as PowerShell, Linux, Bash preferred.

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Prolonged periods of sitting at a desk and working on a computer. Manual dexterity associated with computer data entry required.

WORK ENVIORNMENT

Office environment may require occasional evening or weekend work for critical updates or incident response. Occasional work in closed spaces, like server rooms, required.