Position Overview

The Security Administrator supports CRA's information security and compliance objectives by administering and monitoring identity and access controls, privileged access, security configuration standards, and recurring security tasks. This role partners closely with Infrastructure, Service Delivery, Enterprise Applications, and Information Security to ensure that access is provisioned appropriately, administrative privileges are controlled, security baselines are maintained, and evidence is available for audits and compliance reviews. The Security Administrator also helps reduce operational risk by improving repeatability (documentation, runbooks, automation where feasible) and by supporting incident response and remediation activities. Key Responsibilities include:

• Identity & Access Administration (AD/Entra and core access controls): Administer and support identity and access controls across core platforms (e.g., Active Directory and cloud identity services), including account lifecycle activities, group management, and delegated administrative models.
• Privileged Access & Administrative Account Controls: Support the administration and enforcement of privileged access standards, including separate admin accounts, least privilege, and controls around membership in privileged groups (e.g., Domain Admins, Enterprise Admins, Schema Admins, Administrators, SQL Admins, workstation/desktop support admin groups).
• Access Reviews & Evidence Collection (Audit Readiness): Execute recurring access reviews and produce audit-ready evidence (e.g., administrator account reviews, privileged group membership exports/screenshots with timestamps, approval tracking), coordinating required approvals and retaining records per process.
• Security Configuration Standards & Hardening: Implement and maintain security configuration standards for Windows/identity-related services, including baseline security settings, policy alignment, and ongoing verification activities.
• Vulnerability & Remediation Coordination:Partner with infrastructure and endpoint teams to support vulnerability management workflows (triage, prioritization, tracking, and validation of remediation), with focus on identity/security-related findings and configuration weaknesses.
• Server Patching Support (off-hours/weekends): Participate in off-hours and weekend server patching processes as required, including change coordination, access enablement, validation, and post-maintenance checks.
• Ticketing / Service Operations Support: Handle and triage security administration requests through the ticketing system (e.g., access changes, group/permissions adjustments, privileged access requests), ensuring proper approvals and adherence to standard processes.
• Security Monitoring Support (as assigned): Support investigation and response activities by gathering logs, access history, and system context when security events require identity/permissions analysis; coordinate escalation to Information Security / SOC as needed.
• Documentation & Process Improvement: Maintain and improve documentation (runbooks, procedures, approval flows) for security administration tasks; identify opportunities to streamline repetitive access tasks through standardization and automation.
• Cross-Team Collaboration: Work closely with Infrastructure, Service Delivery, Enterprise Applications, and Information Security stakeholders to ensure security administration work is prioritized effectively and executed consistently; communicate clearly with technical and non-technical audiences.
• Server Vulnerability and Update Patching Support: Ability to support off-hours maintenance windows (evenings/weekends) as required, including clear communication, careful execution, and post-change validation.

Relevant Skills & Experience

• Bachelor's degree in a relevant discipline, Master's desirable;
• Demonstrated hands-on experience administering identity and access controls in Microsoft-centric environments (e.g., Active Directory and cloud identity platforms);
• Familiarity with Windows Server administration concepts;
• Working knowledge of privileged access concepts and controls (least privilege, separation of duties, delegated administration, privileged group governance);
• Experience producing audit evidence and supporting compliance workflows (access reviews, approval capture, evidence retention);
• Familiarity with common security operations processes (incident, change, problem), and comfort working in a ticket-driven operating model;
• Scripting/automation exposure (PowerShell preferred) to reduce manual administrative overhead is a plus;
• Familiarity with vulnerability management and remediation coordination processes/tools is a plus.
• Ability to follow and improve documented procedures, with strong attention to detail and consistency;
• Strong communication and collaboration skills; able to coordinate with multiple IT teams and stakeholders.

Career Growth and Benefits

• CRA's robust skills development programs, including a commitment to offering 100 hours of training annually through formal and informal programs, encourage you to thrive as an individual and team member. Beginning with research and analysis skill building, training continues with technical training, presentation skills, internal seminars, and career mentoring and performance coaching from an assigned senior colleague. Additional leadership and collaboration opportunities exist through internal firm development activities.
• We offer a comprehensive total rewards program including a superior benefits package, wellness programming to support physical, mental, emotional and financial well-being, and in-house immigration support for foreign nationals and international business travelers.

Work Location Flexibility

CRA creates a work environment that enables our colleagues to benefit from being together in the office to best deliver on our promise of career growth, mentorship and inclusivity. At the same time, we recognize that individuals realize a range of benefits when working from home periodically. We currently expect that individuals spend at least 3 to 4 days a week working in the office (which may include traveling to another CRA office or to client meetings), with specific days determined in coordination with your practice or team.

Salary and other compensation

A good-faith estimate of the annual base salary range for this position is $125,000 - $140,000. Stating pay within this range may vary based on factors such as education level, experience, skills, geographic location, market conditions, and other qualifications of the successful candidate. This position may be eligible for additional bonus incentive compensation. CRA offers a comprehensive benefits package, subject to eligibility requirements, which may include: medical, dental, and vision insurance; 401(k) retirement plan with employer match; life and disability insurance; paid time off (vacation, sick leave, holidays); paid parental leave; wellness programs and employee assistance resources; and commuter benefits.