Job Description
Education
• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field preferred.
Preferred Certifications
• CompTIA Security+, CISSP, or equivalent (preferred but not required).
Technical Skills
• Strong working knowledge of computer networks, Windows ecosystem, and Linux system administration.
• Proficiency in PowerShell (or similar) scripting — original code creation for automation and data manipulation.
• Experience with Python or other scripting languages for automation, data correlation, and workflow creation.
• Proven ability to merge datasets from multiple sources (e.g., Active Directory + inventory systems) and automate resulting actions (e.g., moving inactive computers in AD).
• End-to-end experience setting up and managing logging/SIEM systems (e.g., Graylog, NXLog, Logstash, FortiAnalyzer), including installation, configuration, and rule creation.
• Skilled in writing Regular Expressions and YARA rules for log analysis and threat detection.
• Familiarity with syslog configuration and log stream categorization into buckets and fields.
• Experience configuring and managing security tools such as firewalls, IDS/IPS, EDR, and vulnerability scanners (e.g., Nessus).
• Database administration experience (Oracle, SQL Server, Postgres) a plus.
• Familiarity with data visualization and reporting tools (e.g., Excel).
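The dataset-merge task described above (join an Active Directory computer export with an inventory export, then derive the move actions for inactive computers) is the kind of automation the posting asks for. The script below is an added example written for this page, not code from the employer or the posting; every hostname, OU, timestamp and inventory status in it is constructed, and the AD rows stand in for what an export of `Get-ADComputer -Properties lastLogonTimestamp` would give you. It only produces the plan; the actual move (for example `Move-ADObject` in PowerShell) is a separate step run against the reviewed plan.

```python
"""Correlate an AD computer export with an inventory export and produce the
list of inactive computers to move to a quarantine OU (plan only, no AD writes).

Added example; all data, OU names and statuses below are constructed.
"""
from datetime import datetime, timedelta, timezone

# Constructed AD export. last_logon is None when the object has never logged on.
AD_COMPUTERS = [
    {"name": "WS-001", "dn": "CN=WS-001,OU=Workstations,DC=corp,DC=example", "last_logon": "2024-05-20T08:15:00Z"},
    {"name": "WS-002", "dn": "CN=WS-002,OU=Workstations,DC=corp,DC=example", "last_logon": "2023-11-02T17:40:00Z"},
    {"name": "WS-003", "dn": "CN=WS-003,OU=Workstations,DC=corp,DC=example", "last_logon": None},
    {"name": "WS-004", "dn": "CN=WS-004,OU=Workstations,DC=corp,DC=example", "last_logon": "2024-01-10T12:00:00Z"},
    {"name": "SRV-010", "dn": "CN=SRV-010,OU=Servers,DC=corp,DC=example", "last_logon": "2024-01-15T03:00:00Z"},
]

# Constructed inventory export. Hostnames differ in case from AD, and not every
# AD object has an inventory record, which is the usual real-world mess.
INVENTORY = [
    {"hostname": "ws-001", "asset_tag": "A1001", "status": "deployed"},
    {"hostname": "ws-002", "asset_tag": "A1002", "status": "in-repair"},
    {"hostname": "srv-010", "asset_tag": "A2010", "status": "deployed"},
]

SCOPE_OU = "OU=Workstations,DC=corp,DC=example"               # only act inside this OU (assumed)
QUARANTINE_OU = "OU=Inactive,OU=Workstations,DC=corp,DC=example"  # hypothetical target OU
STALE_AFTER = timedelta(days=90)
# Inventory statuses that explain a logon gap; such machines are left alone.
EXEMPT_STATUSES = {"in-repair", "storage"}
EXAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)       # fixed "now" for the sample


def parse_ts(value):
    """Parse the export's ISO-8601 UTC timestamp; None stays None."""
    if value is None:
        return None
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def merge(ad_rows, inventory_rows):
    """Left-join AD rows onto inventory by case-insensitive hostname."""
    inv_by_host = {r["hostname"].lower(): r for r in inventory_rows}
    return [{**comp, "inventory": inv_by_host.get(comp["name"].lower())} for comp in ad_rows]


def plan_moves(merged, now, stale_after=STALE_AFTER, target_ou=QUARANTINE_OU):
    """Return (moves, skipped): DNs to move to target_ou, and why the rest were left."""
    moves, skipped = [], []
    for comp in merged:
        parent_ou = comp["dn"].split(",", 1)[1]
        if parent_ou != SCOPE_OU:
            skipped.append((comp["name"], "out of scope"))
            continue
        inv = comp["inventory"]
        if inv and inv["status"] in EXEMPT_STATUSES:
            skipped.append((comp["name"], f"inventory status {inv['status']}"))
            continue
        last = parse_ts(comp["last_logon"])
        if last is not None and now - last < stale_after:
            skipped.append((comp["name"], "recent logon"))
            continue
        moves.append({
            "name": comp["name"],
            "from": comp["dn"],
            "to": target_ou,
            "asset_tag": inv["asset_tag"] if inv else None,
            "reason": "never logged on" if last is None else f"last logon {last.date()}",
        })
    return moves, skipped


def example_plan():
    """Run the merge and planning over the constructed sample data."""
    return plan_moves(merge(AD_COMPUTERS, INVENTORY), EXAMPLE_NOW)


if __name__ == "__main__":
    moves, skipped = example_plan()
    for m in moves:
        print(f"MOVE {m['name']} (asset {m['asset_tag']}): {m['reason']} -> {m['to']}")
    for name, why in skipped:
        print(f"SKIP {name}: {why}")
```

Two practical caveats: lastLogonTimestamp is replicated only when it is more than 14 days old (by default), so the stale threshold must be well above that, and the object with no inventory record (WS-004 here) is moved but flagged with an empty asset tag so the gap in the inventory system gets its own ticket.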
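The regular-expression and syslog bullets above describe parsing a log stream into fields, sorting lines into buckets, and writing detection rules over the result. The script below is an added example written for this page, not code from the employer or the posting: it parses constructed RFC 3164-style syslog lines, buckets them (SSH failures, SSH successes, firewall drops, other), and flags a source that produces five or more password failures within sixty seconds. The hosts, addresses and year are all assumptions; RFC 3164 timestamps carry no year, so one is supplied.

```python
"""Regex-based syslog parsing into fields and buckets, plus a simple
brute-force detection over the parsed events.

Added example; the log lines, hosts, addresses and the year are constructed.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime

ASSUMED_YEAR = 2024  # syslog (RFC 3164) timestamps have no year

# Constructed sample log stream; addresses are from documentation ranges.
SAMPLE_LOGS = """\
Jun  3 10:00:01 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Jun  3 10:00:03 bastion sshd[2231]: Failed password for root from 203.0.113.7 port 51130 ssh2
Jun  3 10:00:04 fw01 kernel: DROP IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=44321 DPT=445
Jun  3 10:00:05 bastion sshd[2231]: Failed password for root from 203.0.113.7 port 51134 ssh2
Jun  3 10:00:06 bastion sshd[2231]: Failed password for root from 203.0.113.7 port 51140 ssh2
Jun  3 10:00:07 bastion sshd[2231]: Accepted publickey for deploy from 192.0.2.55 port 40010 ssh2
Jun  3 10:00:08 bastion sshd[2231]: Failed password for root from 203.0.113.7 port 51150 ssh2
Jun  3 10:00:09 app01 myapp[77]: health check ok
Jun  3 10:03:30 bastion sshd[2231]: Failed password for root from 198.51.100.9 port 60000 ssh2
"""

# Header shared by every line: timestamp, host, program, optional [pid], message.
HEADER = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<app>[^\[:\s]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)
IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
# Message patterns, tried in order; the first match decides the bucket and
# contributes its named groups as extra fields.
BUCKETS = [
    ("auth_fail", re.compile(rf"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>{IPV4}) port (?P<port>\d+)")),
    ("auth_ok", re.compile(rf"Accepted (?P<method>\w+) for (?P<user>\S+) from (?P<src>{IPV4}) port (?P<port>\d+)")),
    ("firewall_drop", re.compile(rf"DROP .*SRC=(?P<src>{IPV4}) DST=(?P<dst>{IPV4}) PROTO=(?P<proto>\w+).*DPT=(?P<dport>\d+)")),
]


def parse_line(line):
    """Return a dict of fields for one syslog line, or None if it is not syslog."""
    m = HEADER.match(line)
    if not m:
        return None
    fields = m.groupdict()
    fields["time"] = datetime.strptime(fields["ts"], "%b %d %H:%M:%S").replace(year=ASSUMED_YEAR)
    fields["bucket"] = "other"
    for bucket, pattern in BUCKETS:
        sub = pattern.search(fields["msg"])
        if sub:
            fields["bucket"] = bucket
            fields.update(sub.groupdict())
            break
    return fields


def parse_all(text):
    """Parse every line of a log stream, dropping lines that are not syslog."""
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def bucket_counts(events):
    """How many events landed in each bucket."""
    return dict(Counter(e["bucket"] for e in events))


def detect_bruteforce(events, threshold=5, window_seconds=60):
    """Alert on the first sliding window in which one source produces
    `threshold` or more SSH password failures within `window_seconds`."""
    by_src = defaultdict(list)
    for e in events:
        if e["bucket"] == "auth_fail":
            by_src[e["src"]].append(e["time"])
    alerts = []
    for src, times in by_src.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append({"src": src, "count": end - start + 1,
                               "first": times[start].isoformat(), "last": times[end].isoformat()})
                break
    return alerts


if __name__ == "__main__":
    events = parse_all(SAMPLE_LOGS)
    print(bucket_counts(events))
    for a in detect_bruteforce(events):
        print(f"ALERT {a['src']}: {a['count']} failures between {a['first']} and {a['last']}")
```

The "other" bucket is deliberate: anything the message patterns do not recognise still keeps its parsed header fields, so unknown log types can be counted and reviewed rather than silently discarded. The same pattern-list structure is what you would hand to a SIEM extractor (Graylog, Logstash grok) once the expressions are proven on real samples.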
Documentation & Process Development
• Creation and maintenance of runbooks, system build documentation, and playbooks for operational and incident response procedures.
• Ability to format and standardize information security policies, procedures, and guidelines for clarity and accessibility.
• Development of checklists for operational tasks such as patch management, vulnerability scanning, and access control reviews.
Automation & Workflow
• Development of scripts and workflows to automate repetitive security tasks, log analysis, vulnerability scans, and report generation.
• Integration of automation tools with existing security platforms (SIEM, ticketing systems) to improve efficiency and reduce response times.
Risk, Compliance & Reporting
• Understanding of information security frameworks (e.g., NIST, CIS).
• Familiarity with compliance requirements (e.g., IRS Pub 1075, PCI DSS).
• Ability to collect, organize, and analyze data for risk assessments and compliance audits.
• Tracking and reporting on remediation efforts for vulnerabilities and compliance gaps.
• Experience generating operational metrics from security tools for vulnerabilities, incidents, and performance.
Soft Skills
• Strong attention to detail with excellent documentation skills.
• Ability to communicate technical concepts clearly to non-technical stakeholders.
• Strong organizational and time-management skills.
• Hands-on contributor mindset with a demonstrated passion for cybersecurity.