Job Description

Compass Health Center is seeking a Security Administrator to join our growing organization. This position will report to our Director of Information Technology and will be responsible for securing enterprise computing systems and data used to deliver our clinical care. This role is an onsite role based in Northbrook, IL. This is not a remote role.

We are a leading provider in the mental health space. Our rapid growth continues to create greater technology needs in all dimensions. The Security Administrator will play an integral role in our day-to-day operations as well as supporting the growth of both virtual working staff and additional facility-based services.

As we grow, our goal is to create a technology model that provides a stable, secure, and replicable environment for delivering on our care mission. This role will help Compass make IT a leading capability in crisis-level mental health treatment.

Primary Duties and Responsibilities

• Proactively secure Microsoft 365 enterprise and hybrid environments, implement and manage security and compliance solutions, respond to threats, and enforce data governance.
• Work with the Systems team to fix detected vulnerabilities to maintain a high-security standard.
• Conducts network monitoring, intrusion detection and data leakage analysis using various tools such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, SIEM, NAC, Vulnerability Management tools, and DLP monitoring, etc.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Implement, configure and manage Intrusion Detection/Prevention Systems (IDS/IPS).
• Responsible for validating network security alerts and taking appropriate action to mitigate.
• Provides cybersecurity recommendations to IT management based on significant threats and vulnerabilities.
• Conduct regularly scheduled security audits, risk assessments and penetration tests to ensure network environment is secure.
• Identifies and resolves false positive findings in assessment results.
• Perform tasks to meet continuous monitoring requirements such as audit log reviews, security patching, and hardware/software configuration.
• Support IT in development and implementation of corporate policies and procedures to meet HIPAA, NIST, ISO and contractual requirements.
• Research emerging threats and present IT security vulnerabilities.
• Ensures the necessary steps are taken to mitigate and contain any malicious activity.
• Develop strategies to respond to and recover from security breaches.
• Coordinate education for all staff on information security risks and policies and procedures.
• Participate in the planning and design of enterprise security architecture, under the direction of the Director, Information Technology.
• Implement and manage SIEM solution for on-prem and Azure/M365 environments.
• Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization.
• Manage and secure mobile devices.
• Provide 24x7 on-call coverage.

Qualifications

• Bachelor's in Computer Science, Information Systems, or other related field; equivalent work experience acceptable
• Qualified candidates should have subject matter expertise implementing security controls and threat protection, managing identity and access, and protecting data, applications, and networks in Microsoft cloud and hybrid environment as part of an end-to-end infrastructure. (M365/Azure)
• 5+ years experience installing, monitoring, and maintaining IT Security solutions for an enterprise-level organization
• Knowledge of Microsoft Advanced Threat Protection suite of products (MDATP, OATP, Cloud App Security, Azure AD Security)
• One or more security certificates preferred (CompTIA Security+, CISSP, CISA)
• Strong understanding of HIPAA compliance principles/standards preferred