- Security Administrator
Description
Job Summary:
The Security Administrator is responsible for ensuring the confidentiality, integrity, and availability of the organization's IT infrastructure and data. This role plays a critical part in transitioning our hybrid Active Directory/Entra ID environment into a cloud-first model, implementing and maintaining robust security controls, and aligning our posture with NIST and CJIS standards. The Security Administrator will work closely with IT leadership, the Systems Administrator, and external partners to proactively identify, mitigate, and respond to cyber threats while supporting compliance and user awareness.
Essential Functions: (Essential functions require presence in the workplace on a regular basis. In order to accomplish this, regular attendance MUST be maintained. This information is intended to be descriptive of the key responsibilities of the position. The following examples do not identify all duties performed by any single incumbent. Incumbent is expected to perform other related duties, as assigned.)
Security Infrastructure Management
Configure, deploy, and maintain Fortinet security solutions, including FortiGate firewalls and FortiAP wireless infrastructure.
Manage user access controls in Active Directory and Entra ID, enforcing security policies for system and data access.
Configure and manage security tools including Microsoft Defender and CrowdStrike EDR/XDR.
Oversee SIEM monitoring (Arctic Wolf) and review threat intelligence alerts, providing actionable remediation guidance.
Coordinate and review Horizon3 penetration test results and ensure remediation of identified risks.
Evaluate and recommend email security protection configurations using Microsoft Defender and Abnormal Email Security.
Risk Assessment & Vulnerability Management
Conduct regular vulnerability scans, security audits, and configuration reviews to maintain compliance with NIST and CJIS.
Review patch reports provided by the systems administrator, assess potential risks, and recommend prioritization.
Track and report on vulnerability trends, remediation timelines, and overall risk posture.
Incident Response & Recovery
Lead incident detection, investigation, containment, eradication, and recovery processes.
Maintain and execute incident response playbooks, ensuring proper chain-of-custody for forensic evidence.
Conduct post-incident reviews and implement security improvements.
Coordinate with IT and leadership on disaster recovery and business continuity plans.
User Awareness & Training
Administer and optimize KnowBe4 phishing simulation and security awareness programs.
Create targeted training content based on phishing simulation results and security incidents.
Promote best practices in password hygiene, data handling, and threat reporting.
Collaboration & Reporting
Work closely with the Systems Administrator, Network Administrator, and external SOC for integrated security operations.
Provide regular security reports, risk assessments, and recommendations to senior leadership.
Collaborate with legal, HR, and compliance teams on policy enforcement and investigations.
Documentation & Compliance
Maintain detailed documentation of security configurations, incidents, and procedures.
Maintain and periodically update Incident Response, Business Continuity, and Disaster Recovery Plans.
Ensure ongoing compliance with NIST, CJIS, and organizational security policies.
Prepare documentation for audits and regulatory reviews.
Requirements
Preferred Qualifications
Education:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field preferred.
Experience as a Cyber Security Analyst or similar role, preferably in a municipal or government environment.
Equivalent experience and/or relevant certifications considered.
Experience:
2-5 years of experience in a security-focused IT role.
Experience managing hybrid Active Directory and Entra ID environments.
Familiarity with Fortinet security infrastructure and Microsoft 365 security stack.
Hands-on experience with SIEM, EDR/XDR, vulnerability scanning, and email security solutions.
Preferred Tools & Platforms:
FortiGate, FortiAP, Microsoft Defender, CrowdStrike, Arctic Wolf, Abnormal Security, KnowBe4, Horizon3, Entra ID, and Azure Security Center.
Certifications (Preferred, Not Required):
CISSP, CISM, CISA, CEH, CompTIA Security+, SC-200, SC-300, or equivalent.
Skills:
Strong knowledge of NIST and CJIS security frameworks.
Proficiency in PowerShell or Python scripting for automation and security tasks.
Solid understanding of networking protocols (TCP/IP, DNS, HTTP/S) and Windows server administration.
Strong analytical, problem-solving, and communication skills.
Ability to work independently and in cross-functional teams.
