Senior Security Administrator

Position Summary

The Security Administrator is a key member of FFF Enterprises Information Security team responsible for strengthening and maintaining the companys overall security posture. This role oversees the evaluation testing and documentation of security controls while designing and implementing strategies to protect the organizations digital and physical assets against unauthorized access data breaches disruption or other threats.

Partnering closely with Information Security leadership IT teams and business stakeholders the Security Administrator ensures security principles are embedded across all technology systems and processes. This position provides expert guidance on risk mitigation and regulatory compliance supporting FFFs mission to protect sensitive data enable operational resilience and maintain trust with patients partners and the healthcare community.

Essential Functions and Duties

Information Security & Access Management:

• Develop implement and enforce policies to govern access to company resources including the Office 365 environment for both human and machine identities.
• Ensure the security integrity and compliance of Active Directory Entra ID Okta and other cloud-based identity providers (IDPs).
• Configure and manage Microsoft Purview tools such as Data Loss Prevention (DLP) sensitivity labels and retention policies to protect sensitive data and ensure regulatory compliance.
• Oversee and integrate advanced identity technologies including Privileged Access Management (PAM) Identity Governance & Administration (IGA) User and Entity Behavior Analytics (UEBA) Cloud Infrastructure Entitlement Management (CIEM) Customer Identity and Access Management (CIAM) and Network Host Integration (NHI).
• Manage centralized user security and entitlement reviews including recurring certifications and related audit processes to ensure access is appropriate and compliant.
• Assess and mitigate organizational risks associated with user access data access and identity governance providing recommendations for improved security posture.
• Establish document and maintain standards policies and procedures related to identity management and infrastructure.
• Provide guidance education and training to IT staff and business users on identity and access management (IAM) policies tools and best practices to promote consistent and secure practices across the organization.

Security Control Assessment:

• Conduct comprehensive security audits and risk assessments of systems infrastructure and identity environments to identify vulnerabilities and compliance gaps.
• Develop and deliver detailed reports that clearly outline audit findings highlighting areas of strength potential risks and opportunities for process improvement.
• Provide strategic consultative guidance to cybersecurity governance and infrastructure teams to enable informed decision-making and effective prioritization of resources.
• Facilitate the implementation of appropriate control measures aligned with the organizations risk appetite to proactively monitor mitigate and manage cybersecurity threats.
• Ensure identified risks are remediated in a timely manner and that all residual risks are accurately documented tracked and reported to leadership for ongoing oversight.

Security Event & Incident Response:

• Continuously monitor system logs SIEM tools network traffic user activity and endpoint behavior to identify unusual or suspicious activity that may indicate potential threats.
• Collaborate with internal teams and external partners to manage contain and report security incidents ensuring clear communication and rapid response.
• Participate in incident response activities during non-standard work hours when required to mitigate urgent threats and maintain business continuity.
• Evaluate the performance and effectiveness of Managed Detection and Response (MDR) solutions recommending enhancements to improve threat detection response speed and overall cybersecurity resilience.

General Responsibilities:

• Adheres specifically to all company policies and procedures Federal and State regulations and laws.

• Display dedication to position responsibilities and achieve assigned goals and objectives.
• Always represent the Company in a professional manner and appearance.
• Understand and internalize the Companys purpose.
• Display loyalty to the Company and its organizational values.
• Display enthusiasm and dedication to learning how to be more effective on the job and share knowledge with others.
• Work effectively with co-workers internal and external customers and others by sharing ideas in a constructive and positive manner; listen to and objectively consider ideas and suggestions from others; keep commitments; keep others informed of work progress timetables and issues; address problems and issues constructively to find mutually acceptable and practical business solutions; address others by name title or other respectful identifier and respect the diversity of our work force in actions words and deeds.
• Comply with the policies and procedures stated in the Injury and Illness Prevention Program by always working in a safe manner and immediately reporting any injury safety hazard or program violation.

• Ensure conduct is consistent with all Compliance Program Policies and procedures when engaging in any activity on behalf of the company. Immediately report any concerns or violations.
• Other duties as assigned.

Education Knowledge Skills and Experience

Required Education:

• Bachelors degree in Management Information Systems Computer Science Information Technology or a related field or an equivalent combination of education and directly related professional experience that provides the knowledge skills and abilities necessary to perform the role effectively.

Preferred Education:

• Advanced degree (Masters) in Information Security Cybersecurity Information Technology or a related discipline.
• Industry-recognized security certifications such as CISSP CISM CISA CompTIA Security or Microsoft Certified: Cybersecurity Architect Expert.
• Specialized training or coursework in cloud security identity governance or compliance frameworks (e.g. HITRUST HIPAA GDPR).

Required Knowledge:

• Comprehensive expertise in data security access management and identity governance concepts tools and best practices.
• Strong proficiency in securing multiple computing platforms with a primary focus on Windows and Linux operating systems.
• Foundational understanding of network security principles including firewalls network segmentation and intrusion prevention.
• Knowledge of incident response processes including real-time system monitoring analysis and threat mitigation techniques.
• Ability to translate complex security risks into clear business impacts enabling informed decision-making by technical and non-technical stakeholders.

Preferred Knowledge:

• Understanding of risk management practices and security control audit methodologies including implementation and evaluation techniques.
• Familiarity with regulatory and compliance frameworks such as HITRUST PCI HIPAA SOX GDPR and CPRA with the ability to apply these standards to security operations.
• Knowledge of cloud platform security with a strong preference for experience working with Google Cloud Platform (GCP) or Microsoft Azure environments.
• Proficiency in managing advanced security tools including file integrity monitoring (FIM) systems Data Loss Prevention (DLP) solutions and Microsoft Active Directory group policies.
• Experience with emerging Microsoft technologies including Copilot Studio PowerApps Microsoft Graph API data connectors and associated integrations to optimize automation and identity management.

Required Experience:

• A minimum of five (5) yearsof experience in network and system administration or acombination of three (3) yearsof experience in network/system administrationand two (2) yearsof experience in cybersecurity or control audit/risk management.
• Demonstrated experience applyingchange managementandproject managementprinciples to IT and security initiatives.
• Hands-on expertisewith Microsoft 365 services including Entra ID SharePoint Teams Active Directory and Microsoft Purview.
• Proven ability toimplement manage and optimize data protection methods including encryption access controls and security monitoring tools.

Preferred Experience:

• Five (5) or more years of progressive experience in cybersecurity including control audits and risk management or a total of ten (10) or more years of combined experience across cybersecurity and network/system administration.
• Proven experience integrating emerging access control technologies such as Single Sign-On (SSO) Data Loss Prevention (DLP) and Role-Based Access Control (RBAC) within multi-operating system (multi-OS) environments.
• Experience leading or conducting control audits aligned with industry compliance standards and best practices.
• Demonstrated expertise in securing cloud-based data and identity resources with an emphasis on scalability and regulatory compliance.

Required Skills:

• Strong organizational and prioritization abilities with exceptional attention to detail and accuracy.
• Excellent verbal and written communication skills including the ability to convey complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to work independently while fostering collaboration within cross-functional teams.
• Proven decision-making and problem-solving skills with the capacity to analyze complex situations and determine effective solutions.
• Ability to balance strategic vision with tactical execution aligning day-to-day activities with long-term organizational goals.
• Resilience to remain calm and effective under pressure including high-stakes or time-sensitive situations.
• Commitment to integrity accountability and continuous improvement with a focus on advancing security practices and outcomes.
• Dedication to staying current with evolving cybersecurity threats and emerging technologies applying new knowledge to enhance the organizations security posture.

Preferred Skills:

• Advanced analytical and investigative abilities with experience leveraging data-driven insights to identify vulnerabilities and recommend targeted solutions.
• Proficiency with security automation tools and scripting languages (e.g. PowerShell Python) to streamline processes and improve operational efficiency.
• Experience mentoring or training team members fostering knowledge sharing and the adoption of best practices across technical teams.
• Strong presentation and executive communication skills with the ability to influence leadership decisions and drive alignment on security initiatives.
• Cross-functional leadership experience collaborating with business stakeholders IT teams and external partners to deliver enterprise-wide security improvements.
• Familiarity with threat intelligence platforms and advanced threat-hunting techniques for proactive risk detection and mitigation.
• Strategic project management capabilities including planning execution and evaluation of large-scale cybersecurity initiatives.

Physical requirements

Vision hearing speech movements requiring the use of wrists hands and/or fingers. Must have the ability to view a computer screen for prolonged periods and the ability to sit for extended periods. Must have the ability to work the hours and days required to complete the essential functions of the position as scheduled. Must have the ability to lift and maneuver items of at least 20 lbs. Must have the ability to travel occasionally. Working condition include normal office setting.

Mental Demands

Learning thinking concentration and the ability to work under pressure particularly during busy times. Must be able to pay close attention to detail and be able to work as a member of a team to ensure excellent customer service. Must have the ability to interact effectively with co-workers and customers and exercise self-control and diplomacy in customer and employee relations situations. Must have the ability to exercise discretion as well as appropriate judgments when necessary. Must be proactive in finding solutions.

Direct Reports

No

EEO Statement

FFF Enterprises and Nufactor are an equal opportunity employer and prohibits discrimination and harassment based on the following characteristics: race color religion national origin physical or mental disability gender age (40 years and over) qualified veteran and any other characteristic protected by state or federal anti-discrimination law covering employment. These categories are defined according to Government Code section 12920. The Company prohibits unlawful discrimination based on the perception that anyone has any of those characteristics or is associated with a person who has or is perceived as having any of those characteristics.