IT Security Operations Administrator

SUMMARY OF POSITION

The IT Security Operations Administrator is the technical SME and will be responsible for executing security operational processes, maximizing knowledge of cybersecurity and infrastructure support tools to provide and maintain a secure computing environment for the Alvogen business. The position is uniquely positioned within the IT team to work closely with the Director of IT Security & Compliance in cybersecurity operations as a lead for various projects and initiatives to mitigate threats and continue to improve Alvogen's security posture.

ORGANIZATION STRUCTURE

This position will have direct line reporting to US Director of IT Security & Compliance with main responsibilities focused on cybersecurity operations and projects. This position will be in position to leverage advanced knowledge and skills to succeed as an IT Security solutions architect, Security Systems manager, or an IT Security engineer.

RESPONSIBILITIES

Primary responsibilities of this role include the following:

1. Cyber security operations
   1. Administer and maintain security monitoring and alerting tools.
   2. Adjust alerts to minimize false positives
   3. Creation and maintenance of security information reports
   4. Respond to alerts escalated from the managed SOC team through final resolution
   5. Provide rotational coverage for after-hours response for Critical and High alert escalations from the managed SOC team
2. Incident Management
   1. Lead and coordinate investigative activities for security incidents through resolution
   2. Assist in the creation and maintenance of security policies and procedures for security incidents
3. Vulnerability Management
   1. Administer and maintain vulnerability management tool
   2. Coordinate with IT Infrastructure and Support teams on mitigation of security vulnerabilities found in the environment
   3. Maintain and provide reports for patch management and vulnerabilities
4. Security Project Management
   1. Under guidance of the Director of IT Security & Compliance, lead security project initiatives which include
      1. Implementation of security applications
      2. Configuration of security controls for infrastructure and applications
      3. Implementation of security processes
5. Creation and maintenance of security related documentation. These include policies, SOPs, procedures, best practices for securing devices or endpoints, and playbooks for addressing common or critical security alerts.

Secondary responsibilities of this role include the following:

1. Assist Legal Department with eDiscovery activities
2. Security Application Support
3. Documentation maintenance and review

QUALIFICATIONS

• Strong analytical and technical ability to forensically investigate and assess cyber threats
• Strong written and verbal communication skills
• Posses self-motivated desire to continually improve personal awareness, technical skills and keep current with emerging technologies
• Strong work ethic, passionate about creating high quality solutions
• Occasional travel is required

Education requirements: ISC2 CISSP certification strongly preferred. BS in information technology,AS degree, or compensatory work experience would be considered.

Work Experience: 3+ years

Expert knowledge of:

• Windows Defender
• Microsoft Cloud App Security- configuration and policy creation
• Microsoft 365 Security
• Windows PowerShell.
• Kusto Query Language (KQL)
• Microsoft Entra Conditional Access policies
• Vulnerability management tools, Working knowledge of Rapid7 InsightVM preferred.
• Microsoft Purview
• Microsoft Intune Mobile Application Protection policies

Broad knowledge of information systems including Microsoft Intune, Active Directory, Microsoft Entra ID, network security, communication networks, security software/hardware.

GMP DECISION-MAKING AUTHORITY

None

An Equal Opportunity Employer, including disability/vets