Information Security and Compliance Specialist

CORE Health Networks, the recognized leader in Integrated Occupational Medicine Services, provides integrated solutions to occupational healthcare needs. Our programs are designed to align with each clients’ missions, goals, and values to achieve desired outcomes and exceed expectations. As we continue to grow, we are expanding our team of talented professionals. We are currently seeking a full-time Information Security and Compliance Specialist to join our team.

We offer a highly competitive total compensation package which includes Health, Dental, Vision, Life, 401(k), Six Paid Holidays, Vacation and Sick Leave, long-term disability and short-term disability benefits, and much more.

To learn more about this exciting opportunity, review the job specifications below:

Position Summary

We are seeking a dedicated IT Security and Compliance Specialist to join our team. This role is pivotal in ensuring the organization’s IT security posture aligns with compliance frameworks, particularly SOC 2. The ideal candidate will manage security operations, oversee the Microsoft Entra platform, and maintain the integrity of security groups, while also ensuring data accuracy and accessibility for compliance audits.

Key Responsibilities

• SOC 2 Compliance Management:
  • Collect, organize, and manage data required for SOC 2 audits.
  • Monitor and document internal controls, addressing compliance gaps as needed.
  • Collaborate with external auditors and internal stakeholders to ensure timely completion of audits.
• Security Operations:
  • Administer and manage security groups across the organization.
  • Oversee role-based access control (RBAC) policies to ensure appropriate access levels.
  • Conduct periodic reviews of user permissions and security group memberships.
• Microsoft Entra Platform Management:
  • Administer and optimize Microsoft Entra (Azure AD) configurations.
  • Implement and maintain identity and access management (IAM) policies.
  • Monitor platform health, ensure compliance with organizational standards, and troubleshoot issues.
• Incident Response and Risk Management:
  • Support the investigation and resolution of security incidents.
  • Conduct risk assessments and recommend mitigations to strengthen security.
• Policy Development and Training:
  • Assist in the development of IT security policies and procedures.
  • Provide training and guidance to employees on security best practices and compliance requirements.

Qualifications

Education:

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.

Experience:

• 2-4 years of experience in IT security, compliance, or a related role.
• Hands-on experience with Microsoft Entra (Azure AD) and security group management.
• Familiarity with SOC 2 compliance frameworks and audit processes.

Certifications (Preferred):

• CompTIA Security , Microsoft Certified: Azure Administrator Associate, or equivalent.

Skills

• Strong understanding of identity and access management (IAM) principles.
• Knowledge of security frameworks, including SOC 2, ISO 27001, or NIST CSF.
• Ability to work collaboratively across teams and communicate technical concepts to non-technical stakeholders.
• Proficiency in scripting (e.g., PowerShell) for automation and reporting is a plus.

Work Environment

• Hybrid work setup with flexibility for remote work. May require occasional after-hours support for critical security or compliance activities.

Benefits

• Competitive salary and benefits package.
• Opportunities for professional development and certifications.
• Collaborative and inclusive workplace culture.

CORE, CHN, and our subsidiaries are Equal Opportunity Employers. EOE/ADAAA/AA.

Applicants have rights under Federal Employment Laws. Please review the linked posters for more information:

http://www.dol.gov/whd/regs/compliance/posters/fmla.htm

https://www.eeoc.gov/employers/eeo-law-poster

http://www.dol.gov/whd/regs/compliance/posters/eppa.htm