IT Security Analyst II

About The Position

Requirements

• Requires degree with a focus in Information Technology or Cybersecurity, or
• Requires 2+ years relevant experience in cybersecurity and 4+ years relevant experience in a Windows Server, Active Directory, and LAN/WAN environment.
• Experience implementing and maintaining controls for compliance frameworks such as HIPAA, CMMC, SOC 2, NIST 800-171, NIST CSF, and CIS.
• Experience with physical security systems such as access control, alarm monitoring, and video surveillance.
• Familiar with standard concepts, practices, and procedures of Systems and Network Administration
• Excellent communication skills, including the ability to communicate technical concepts in a simple and straightforward manner.
• Ability to prioritize and manage multiple responsibilities that are time sensitive.
• Adjustments to requirements may be made for those with comparative experience.

Nice To Haves

• Requires Security+ certification, or equivalent security certification.
• Experience with automation tools and Microsoft Power Platform (Power Apps, Power BI, Power Automate)
• Ability to work in a fast-paced environment.
• Ability to work independently.
• Can effectively utilize productivity software, presentation software, various hardware & network diagnostic tools.
• Experience in a manufacturing or healthcare environment

Responsibilities

• Act as a project lead on new security projects
• Assist with physical security controls, including key management, badge/fob administration, and oversight of intrusion alarm and camera systems.
• Support compliance initiatives, audits, and implementation of controls for frameworks such as HIPAA, CMMC, SOC 2, NIST 800-171, NIST CSF, and CIS.
• Assist with developing and maintaining security standards and best practices.
• Manage identity lifecycle processes, including provisioning, deprovisioning, access reviews, and administration of remote access solutions for internal and third-party users.
• Oversee secure sanitization and destruction of storage media in accordance with company policy and compliance requirements.
• Administer and support Mobile Device Management (MDM) solutions to enforce security policies on mobile endpoints.
• Administer and support Multi-Factor Authentication (MFA) systems for all applicable platforms.
• Deploy, configure, and monitor Intrusion Prevention/Detection Systems (IPS/IDS) to protect network infrastructure.
• Implement and manage Data Loss Prevention (DLP) solutions for endpoints, email, and cloud applications (CASB).
• Administer email security controls, including DMARC, SPF, and DKIM, to protect against phishing and spoofing.
• Collaborate with security vendors, resolve technical issues, and maintain vendor management documentation.
• Manage the company’s SIEM solution and coordinate vulnerability scanning, assessment, and remediation activities across IT assets.
• Provides technical and professional guidance to members of the team.
• Acts as point of escalation for complex issues
• Maintain intimate knowledge of IT security trends and events.
• Performing risk assessments and assisting with developing remediation strategies.
• Design and deliver security awareness campaigns, including phishing simulations and user training on new security products and procedures.
• Assists with penetration testing to determine the likelihood of vulnerability exploitation.
• Monitor networks for security breaches and investigate violations when they occur.
• Draft, maintain, and update security policies, procedures, incident reports, asset inventories, vendor management documentation, and breach reports.
• Support deployment and administration of emergency mass notification systems.
• Administer security for cloud-based services such as Microsoft 365.
• Assist with the development of DRP/BCP plans.
• Track renewals and compliance status for security tools and services.
• Ensure security of network services (SCCM, Intune, DNS, DHCP, Entra, Active Directory, NPS, etc.)
• Assist with maintaining the security of switches, routers, wireless access points and firewalls.
• Interact with laptops, workstations & servers in a Windows environment.
• Ensure devices interconnect securely with diverse systems including authentication servers, file servers, email servers, application servers and administrative systems.
• Manage Endpoint Protection and EDR tools.
• Research solutions to enhance or replace existing hardware and software.
• Perform other tasks and work with other departments as directed by supervisor.

Benefits

• Generous time off policy that allows you to put your family first
• Opportunity to work on the cutting edge of pharmacy automation in a high growth tech company
• Competitive benefits, salary, and talent development opportunities
• Commitment to professional development and working for a company where your voice is heard