IT Security Administrator - Northern Colorado

Description

Join Our Team as It Security Administrator!

We are seeking an IT Security Administrator to join our team. This is an exciting opportunity for individuals who are eager to learn, passionate about technology, and seek growth in the cybersecurity field.

About The Role

As an IT Security Administrator, you'll play a crucial role in protecting our organization's technology environment through effective security operations, system hardening, and enforcement of cybersecurity policies. This hands-on role supports both day-to-day systems administration and the proactive management of cyber risks, with direct ownership of tools and controls that enforce compliance with industry regulations and other relevant regulatory frameworks. You will play a key role in the security posture of critical business systems, ensuring technical alignment with agency policy and industry best practices. If you're seeking a role that offers both challenges and a supportive environment, we want to hear from you.

What You’ll Do

• Monitor, Triage, and Respond to Security Alerts: Handle security alerts from EDR, firewalls, email protection, and cloud security tools, ensuring timely and effective responses to potential threats.
• Administer and Improve Identity and Access Controls: Enhance identity and access management through MFA, conditional access, and role-based provisioning, contributing to a secure and compliant environment.
• Conduct Periodic Access Reviews and Risk Assessments: Perform regular reviews and assessments to identify and prioritize remediation items, maintaining compliance with policies and minimizing risk exposure.
• Oversee Vulnerability Scanning and Coordinate Remediation: Lead efforts in vulnerability scanning and remediation, working closely with the IT Manager to reduce risk and enhance system security.
• Harden Systems Through Secure Configuration and Patch Management: Implement secure configurations and manage patches to ensure systems are resilient against threats.
• Manage and Maintain Secure Configurations: Maintain secure configurations of Windows servers, Entra ID/Azure AD, firewalls, and VPN infrastructure, supporting the overall security posture.
• Lead Technical Administration of Security Integrations: Oversee security integrations, user permissions, and data protection settings, ensuring comprehensive security coverage.
• Implement and Manage Data Backup, Logging, and Monitoring Strategies: Develop strategies that support business continuity and incident response, ensuring data integrity and availability.
• Support and Execute Internal and External Audits: Assist in audits through evidence collection, remediation tracking, and documentation, ensuring compliance with regulatory requirements.
• Participate in Incident Response Activities: Engage in incident response and root cause analysis for security events, contributing to the resolution and prevention of future incidents.
• Collaborate with External Security Vendors and Partners: Work with external vendors and partners to ensure comprehensive security coverage and effective solutions.
• Develop and Conduct Security Awareness Training Programs: Educate employees about cybersecurity best practices and policies, fostering a culture of security awareness.
• Maintain Documentation: Keep accurate and detailed technical documentation for systems and security procedures.
• Stay Updated: Continuously improve internal defenses by staying current on evolving cybersecurity threats.
• Report Incidents: Establish and maintain procedures for reporting security incidents.
• Assist with Support Tasks: Help with Tier 1 and Tier 2 support tasks as needed.
  
  

What You Bring

• Education and Work Experience: 4 years of experience in cybersecurity and systems administration. Previous experience with Microsoft 365 security tools, Intune, firewalls, and endpoint hardening preferred. Familiarity with HIPAA, 23NYCRR500, or other relevant regulatory frameworks is advantageous. Prior experience supporting internal or external audits is preferred.
• Certificates, Licenses, Registrations
• Requires a valid Colorado driver’s license and an acceptable MVR.
• Cybersecurity Expertise: Knowledge of cybersecurity, including certifications like CISSP, CISM, or CEH. Experience with security tools such as EDR, firewalls, and cloud security solutions.
• Systems Administration: Experience managing Windows servers, Entra ID/Azure AD, and VPNs. Familiarity with secure configurations and patch management.
• Risk Assessment: Ability to conduct risk assessments, access reviews, and policy compliance checks. Understanding of regulatory frameworks like HIPAA and 23NYCRR500.
• Communication Skills: Strong communication skills and experience working with teams and external vendors. Ability to mentor colleagues and explain complex security concepts clearly.
  

Why Join Us?

• Growth Opportunities: Access to professional development and certifications
• Supportive Culture: Be part of a team that values collaboration, integrity, and continuous learning.
• Flexible Work Options: Upon completion of training enjoy a customizable schedule that can include up to one day remote, alternating 5-day & 4.5-day work weeks, and flexibility in start and end times.
• Comprehensive Benefits:
• Salary Range - Starting pay for this exempt position is $80,000 - $92,000 annually. Pay may exceed this range for well-qualified candidates, commensurate with experience. In addition to regular pay, this position is eligible to participate in our annual performance incentive program.
• Benefits - At Flood and Peterson all full-time employees are eligible for benefits, including Medical, Dental, Vision, and Life insurance, paid time off, paid holidays, and paid Volunteer Time Off. Full time employees are also eligible to participate in our 401k program, which includes both safe harbor and discretionary matching. We also offer several other voluntary insurance programs including expanded Life, Disability, Accident, Critical Illness/Event, and legal services.
• Flood and Peterson Values: Flood and Peterson is deeply committed to our Employees, Clients, Communities, and Strategic Partners. To perform the job successfully, an individual should demonstrate the following values.
• Integrity – We conduct our business as one company with the highest standards and are committed to honesty, trust, and the courage to do the right thing. By adhering to our principles, we can look back at each day’s work with pride.
• Gratitude – Our practice of gratitude allows us to show kindness and respect for everyone. We are thankful for each other, appreciate serving our clients, and humble in our community engagements.
• Knowledge – We are thought leaders who actively share our knowledge with others. We gain wisdom through seeking and embracing our diverse experiences. We are committed to learning, and we educate our employees, clients, and strategic partners.
• Commitment – We take responsibility for our actions, and we are devoted to the success of others. We put the team before the individual. We dedicate our time and energy in order to deliver the F&P promise.
• Impact – We are a results-driven company, and we understand growth will determine our future. We are inspired by our opportunity to build a legacy for our employees, clients, communities, and strategic partners for the next generation. We lead by positively influencing and serving others.