Position Summary
Accountable for administering, maintaining, monitoring, expanding and troubleshooting Lighthouse’s security technology stack. Works across all areas of the organization to turn requirements into plans and ensure security measures are implemented in accordance with industry standards. Responsible for designing and implementing the technologies to evolve our organizational security posture. Tracks, monitors, and identifies risks throughout the company. Responsible for developing policies and strategies, testing for vulnerabilities, implementing protections, monitoring for breaches, and addressing any attempted attack. Works effectively across teams to help educate the workforce on the benefits of security enhancements that keep the organization healthy.
Primary Responsibilities
- Provide technical leadership in the design, implementation and management of our global security strategy.
- Work closely with business owners to ensure that systems and services meet all of our standards for security measures.
- Communicate clearly with peers as well as management and provide technical leadership.
- Perform hands-on analysis of the production systems, document deficiencies, provide run books for mitigation, and deliver root cause analysis for critical issues.
- Analyze and resolve security issues, and report to the business and Law Enforcement as appropriate.
- Proactively monitor the systems to ensure our security posture is current and evolving.
- Maintain operational, configuration and other procedures and documentation.
- Participate in after-hours on-call support when required.
- Upgrade and configure system software that supports secure global infrastructure and applications per project or operational needs. Track OS patches and upgrades on a regular basis and upgrade administrative tools and utilities. Configure and add new services as necessary.
- Manage and escalate cases to vendors for problem resolution.
- Implement upgrades to tools and applications.
- Perform periodic performance reporting to support planning.
- Perform ongoing performance tuning and resource optimization as required.
- Build tools to automate processes and operate production security systems.
- Interact daily and develop and sustain productive relationships with internal and client resources at multiple levels through collaborative, consultative service.
- Collaborate with all functional areas of the business to identify, analyze, prioritize, mitigate and communicate project risks.
- Attain relevant technical and professional knowledge of applications, the discovery process, and related topics through training, vendor meetings, seminars, vendor materials and documentation, self-study, user group meetings inside and outside the firm, industry networking and professional journals.
- Learn Lighthouse’s Product and Services offerings.
- Implement ITIL and other process frameworks.
- Management of the SIEM Deployment and the collection of all logs for event correlation.
- Management of the Identity and Access systems such as Active Directory, ADFS and Multi-Factor Authentication.
- Management and Monitoring of security for Infrastructure to ensure all systems in the environment are monitored.
- Management of Azure components such as Active Directory, Office 365, etc.
- Work with the Privacy manager to conduct security reviews and audits as required.
- Expert technical leadership in the design, implementation and management of our Microsoft Windows/VMware/Hyper-V based environment.
- Perform other related duties as assigned.
Knowledge, Skills, and Behaviors
- Extensive experience operating highly-available, high-volume environments, ideally in a SaaS or commodity website environment using primarily Microsoft based solutions.
- Working knowledge of security principles as related to infrastructure management.
- Microsoft PowerShell or similar scripting languages.
- Expert level understanding of Microsoft Active Directory principles and design.
- Expert level understanding of Single Sign-On Systems such as ADFS.
- Expert level understanding of Microsoft Certificate Services or other PKI systems.
- Expert level understanding of Virus and Malware incident response and threat mitigation.
- Experience with Vulnerability Management platforms such as Rapid7.
- Experience with SIEM platforms such as AlienVault USM.
- Experience securing systems in a client data/need-to-know environment.
- Experience managing corporate patching infrastructure.
- Experience working with networking to manage Intrusion Detection and Prevention.
- Experience with system (Desktop/Server) hardening standards (CIS/NIST/FIPS/etc.).
- Preferred:
- Served in a leadership or key influencer role.
- MCSE or other industry certifications.
- Experience with Configuration Management systems.
- Experience working with both Microsoft and Linux (such as Ubuntu server).
- Working knowledge of Microsoft SQL.
- Strong understanding of data center design and principles - hosting experience a plus.
- Ability to plan, scope and estimate work effort to produce high quality deliverables on time/on budget.
- Exceptional interpersonal skills; ability to speak clearly and with authority.
- Able to work with diverse teams (national and international) in a collaborative manner.
- Intellectual curiosity and the ability to learn new concepts quickly and efficiently.
- Highly solution focused; strong sense of urgency with a passion for 100% availability.
- Tenacious problem solver under pressure.
- Act and work both independently and in a team environment.
Qualifications
- Bachelor's degree in Computer Science, related field or comparable job experience.
- 10+ years of progressive experience with large-scale technical infrastructure including on-premises, public cloud and/or private cloud.
Work Environment and Physical Demands
- Duties are performed in a typical office environment while sitting at a desk or computer table. Duties require the ability to use a computer, communicate over the telephone, and read printed material.
- Duties require being on call periodically and working outside normal working hours (evenings and weekends).
- Work may be required at a customer facility.
- Duties may require the ability to lift up to 40 lbs.