Information Security Administrator

About The Position

Requirements

• Bachelor’s degree with 3+ years of experience in information security administration. Or, 6+ years of experience in information security administration without Bachelor’s degree.
• Hands-on experience administering email security platforms (Barracuda preferred).
• Strong knowledge of identity and access management, including Microsoft Entra (Azure AD), DUO, and preferably CrowdStrike Identity Threat Protection.
• Proficiency with Microsoft Azure and O365/M365 administration and security configurations.
• Solid understanding of authentication protocols, MFA, SSO, and conditional access policies.
• Experience responding to security incidents and managing platform alerts.
• Excellent communication and documentation skills.
• Ability to work independently in a fully remote environment.
• Must be legally eligible to work in the United States now and in the future (no visa sponsorship available).

Nice To Haves

• Security certifications such as Microsoft Security (SC-200, SC-300), Azure Security Engineer Associate, or similar.
• Experience with endpoint and network security platforms.
• Familiarity with regulatory frameworks (PCI DSS, GDPR, ISO 27001, etc.).

Responsibilities

• Email Security Administration: Administer and optimize the Barracuda Email Defense platform, including configuration, monitoring, and tuning to protect against phishing, spam, and malicious content.
• Identity Security Management: Configure, maintain, and monitor Microsoft Entra ID, DUO, and CrowdStrike Identity Threat Protection platforms to ensure secure authentication and access management.
• Cloud & SaaS Security: Manage security features and controls within Microsoft Azure and O365/M365, applying best practices for access control, identity governance, and compliance.
• Threat Mitigation & Response: Investigate and remediate email and identity-related threats, working in collaboration with the broader security team.
• Access & Policy Enforcement: Implement and enforce identity and access policies, including MFA, conditional access, and privileged account management.
• DNS Management: Administer and monitor public and private DNS configurations, with a focus on maintaining and updating critical records such as SPF, DKIM, and DMARC to support secure and reliable email delivery
• Continuous Improvement: Recommend and implement platform improvements to enhance security effectiveness and efficiency.
• Compliance Support: Assist with audits and reporting for security and compliance requirements (e.g., PCI, GDPR).