IT Security Manager (1995)

GOODWILL SOUTH FLORIDA•Miami, FL

About The Position

The IT Security Manager serves as the enterprise's security leader, responsible for both daily operational oversight and long term security strategy. This includes managing the SOC team, directing the operation of all security solutions, and defining the organization's security posture through policy, architecture, and training. The role also includes selecting appropriate security technologies, supervising vulnerability assessments and audits, and managing the organizations third party SOC vendor to ensure consistent high quality monitoring and incident response. As a hands on technical and operational manager, the IT Security Manager is accountable for implementing and optimizing the Microsoft security ecosystem including Azure AD Entra, Microsoft Defender XDR, Intune, Sentinel, and Microsoft 365 compliance tools to safeguard systems and maintain regulatory and audit compliance. The manager collaborates closely with Systems and Network teams as well as business unit leaders to promote the corporate security vision and foster shared responsibility for strengthening enterprise security.

Requirements

College diploma or university degree in the field of computer science (preferred).
Microsoft Certified Systems Engineer: Security+ Other industry certifications such as CISSP, CISM, CySa+
CASP+
7+ years in cybersecurity operations, incident response, or system security engineering.
Extensive experience in enterprise security architecture design.
Extensive experience in enterprise security document creation.
Experience in designing and delivering employee security awareness training.
Experience in developing Business Continuity Plans and Disaster Recovery Plans.
Experience in Microsoft Sentinel, Intune, Entra ID, and Defender XDR
Working technical knowledge of Microsoft Purview.
Strong understanding of IP, TCP/IP, and other network administration protocols.
Analytical - Synthesizes complex or diverse information; Collects and researches data; Uses intuition and experience to complement data; Designs workflows and procedures.
Problem-Solving - Identifies and resolves problems promptly; Gathers and analyzes information skillfully; Develops alternative solutions; Works well in group problem-solving situations; Uses reason even when dealing with emotional topics.
Interpersonal Skills - Focusing on solving conflict, not blaming, confidentiality, listening to others without interruption, controlling emotions, remaining open to others' ideas, and trying new things.
Oral Communication - Speaks clearly and persuasively in positive or negative situations; Listens and gets clarification; Responds well to questions; demonstrates group presentation skills; Participates in meetings.
Personal Characteristics - Dress in appropriate business attire. Conducts in a professional manner. Take initiative. Be dependable and accurate, and take pride in their work
Written Communication - Writes clearly and informatively; edits work for spelling and grammar; presents numerical data effectively; and reads and interprets written information.
Teamwork - Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts team success above own interests; able to build morale and group commitments to goals and objectives; supports everyone's efforts to succeed.
Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness.
Planning/Organizing - Prioritize work activities, use time efficiently, and develop realistic action plans.
Diversity—Demonstrates knowledge of EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes a harassment-free environment; builds a diverse workforce.
Leadership – Exhibits confidence in self and others; Inspires and motivates others to perform well; Effectively influences actions and opinions of others; Accepts feedback from others; Gives appropriate recognition to others.
Must be highly reliable and able to carry out tasks autonomously and collaboratively.
Ethics - Treats people with respect; Keeps commitments; Inspires the trust of others; Works with integrity and ethics; Upholds organizational values.
Organizational Support - Follows policies and procedures; completes administrative tasks correctly and on time; supports the organization's goals and values; supports affirmative action and respects diversity.
Strategic Thinking - Understanding the organization's strengths & weaknesses; analyzing market and competition; Identifying external threats and opportunities; adapting strategy to changing conditions.
Motivation - Sets and achieves challenging goals; Demonstrates persistence and overcomes obstacles; Measures self against standard of excellence; Takes calculated risks to accomplish goals.
Professionalism - Tactfully approaches others; Reacts well under pressure; Treats others with respect and consideration regardless of their status or position; Accepts responsibility for own actions; Follows through on commitments.
Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.
Safety and Security: Observe safety and security procedures; determine appropriate action beyond guidelines; report potentially unsafe conditions; use equipment and materials properly.
Attendance/Punctuality - Is consistently at work and on time; Ensures work responsibilities are covered when absent; Arrives at meetings and appointments on time.
Initiative - Volunteers readily; Undertakes self-development activities; Asks for and offers help when needed.
Physical-Demands - The physical demands described here represent those that an employee must meet to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform those functions. While performing the duties of this Job, the employee is regularly required to stand, walk, and talk or hear. The employee is required to use hands to finger, handle, or feel, and reach with hands and arms. The employee is occasionally required to sit and stoop, kneel, crouch, or crawl. The employee must frequently lift and move up to 25 pounds and occasionally lift and move up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Responsibilities

Strategy and Planning Create and maintain the enterprises security architecture design.
Create and maintain the enterprises security awareness training program.
Maintain the enterprises security documents policies, standards, baselines, guidelines, and procedures.
Create and maintain the enterprises Business Continuity Plan and Disaster Recovery Plan where appropriate.
Acquisition and Deployment Maintain up to date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprises existing procurement processes.
Oversee the deployment integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprises security documents specifically.
Operational Management Manage daily operation of core security technologies SIEM IDS IPS EDR MFA MDM vulnerability scanners.
Ensure the confidentiality integrity and availability of the data residing on or transmitted to from through enterprise workstations servers and other systems and in databases and other data repositories.
Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
Microsoft Sentinel SIEM and Log Analytics Owns and administers Microsoft Entra ID identity protections Conditional Access policies MFA enforcement least privilege access and privileged role governance.
Performs hands on reviews of access logs sign in risks and user lifecycle workflows.
Leads enterprise wide access reviews mandated by audit and compliance frameworks.
Cloud Security and Compliance Microsoft 365 and Azure Implements and maintains Microsoft Secure Score and Compliance Score improvements.
Oversees Microsoft Purview Data Loss Prevention DLP Information Protection Sensitivity Labels Insider Risk Management and retention policies.
Ensures secure cloud configurations align to CMMC ISO and internal audit expectations.
Microsoft Sentinel SIEM and Log Analytics Designs maintains and tunes Sentinel analytic rules automation playbooks data connectors and workbooks.
Performs deep dive KQL log analysis for incidents anomalies and threat hunts.
Leads the correlation of Microsoft telemetry Entra Defender XDR M365 Azure into actionable alerts.
Vulnerability Patch and Secure Configuration Management Uses Microsoft Defender Vulnerability Management to identify prioritize and remediate system weaknesses.
Coordinates with Infrastructure and Desktop teams to enforce secure baselines and patch compliance across Windows Azure workloads and cloud applications.
Incident Response Microsoft Centric Serves as the primary responder for Microsoft originated alerts Defender XDR Sentinel Purview IRM events.
Executes automated and manual remediation actions isolate device revoke tokens kill processes block hashes etc.
Other duties as assigned.