IT Security Manager

The Manager, IT Security reports to the IT Operations and Security leader, and will work closely with the IT Operations leadership, IT department, and business-at-large to ensure the successful delivery and operations of critical security controls across a heterogeneous corporate/Centers multi-site computing environment. This position will play a critical role in providing strategic guidance, expertise, and leadership in managing and optimizing the security operations of the organization. The IT Security Manager will be responsible for supporting and aligning the day-to-day activities, ensuring the smooth functioning of IT security systems, and driving continuous improvement efforts to enhance operational efficiency and effectiveness while hardening our environment from known and yet discovered threats. As such, you will have the opportunity to make a significant impact by driving security-oriented operational excellence, fostering innovation, and ensuring the delivery of high-quality IT security services. Your expertise and skills will contribute to the overall success of the organization's technology operations, enabling efficient and reliable IT systems to support business objectives while adhering to IT and security compliance policies and procedures.

The Manager will likewise have opportunities for involvement in security-related IT projects and center technology deployments and initiatives.

Duties/Responsibilities

• Security, risk, and vulnerability management, including identifying, assessing, and mitigating risks to ArchWell Health’s enterprise assets: endpoint, mobile, network, server, virtual, etc. Assist in our vulnerability lifecycle management.
• Asset security and inventory, ensure all assets are compliant with all standards and policies, some examples: Azure-joined, connected, secured, patched, monitored, evaluated for compliance or security issues, escalations.
• Review, improve, or establish information technology and security policies for the organization under the guidance of the IT Operations leader, manage these policies in conjunction with IT Security Analyst(s), Compliance, and other teams as needed, including annual review exercises and attestations.
• Ensure data is protected at rest and in transit while ensuring and enforcing network security. Strong partnership with our internal and external telephony and networking teams is a must.
• Manage user identities and access to resources utilizing established best practices, adopting and understanding our current technology and solutions.
• Assume the lead of our SOC on a day-to-day basis.
• Review, understand, design, and implement security architecture and controls under the guidance of IT leadership.
• Collaborate with IT operations leadership to maintain, develop, improve, and implement IT operational security strategies and lifecycles aligned with organizational goals.
• Oversee the configuration, operation, support, and maintenance of IT security systems and solutions.
• Ensure availability, reliability, and security of systems, and address any technical issues or disruptions in a timely manner.
• Monitor key performance indicators (KPIs) and implement metrics-driven approaches to measure and improve operational performance.
• Participate in support, collaboration, partnership in managing, strategic trade partner and vendor relations.
• Act as main point of contact for our external penetration testing partner and directly responsible for coordinating the annual testing.
• Own security domain applications administration and maintenance.
• Program manage certain security processes, applications, and/or workstreams to support IT, IS, and the broader organization.
• Coordinate IT security initiatives.
• Rationalize new security domain requests and flow them to internal and external parties.
• Perform troubleshooting. Possess a deep understanding of hardware, software, and networking.
• Willingness to travel up to 20%.
• Other tasks and duties required by the position.

List of Solutions (SME knowledge) and required Skills

• Microsoft 365, Azure, Entra, Office, Sentinel, Defender, Score, Azure Virtual Desktop.
• Must possess a strong knowledge of Microsoft licensing model and its security services.
• Conditional Access Policies.
• Groups: Security, Exchange, Entra, SharePoint, 365, etc.
• Authentication – Authenticator, MFA, etc.
• Meraki SD WAN
• Cisco ASA
• Automox, Application Patching.
• Understand our internal, and our MSSPs’ external incident playbooks.
• In-depth knowledge of ITIL frameworks, industry best practices, and emerging trends in security and technology operations.
• Strong leadership skills with the ability to inspire and motivate teams.
• Proficiency in assessing and managing IT risks, implementing security measures, and ensuring compliance.
• Highly motivated with excellent problem-solving and analytical skills.
• Effective communication and interpersonal skills.
• Strong grasp of IT technology and security fundamentals.
• Solid understanding of common Windows platforms including Windows 10.
• Technical and functional documentation skills are essential.

Education and Experience:

• Bachelor’s degree in computer science, Information Technology, or a related field preferred.
• Relevant certifications such as ITIL, PMP, CISSP, or similar credentials are desirable.
• Proven experience (7+ years) in IT operations management.
• 5+ years’ experience in IT project management, Smartsheet experience preferred.
• 5+ years’ experience working in predominantly Microsoft Windows and Microsoft 365 based environments.
• 2+ years’ Experience working within Microsoft Azure, 365, Entra, and Defender portals.
• Experience with application inventory and management.
• Experience with Adobe products and administration is preferred.
• Experience with Apple Business Manager and administration is preferred.
• Experience with endpoint imaging, software/deployment packaging, and device provisioning automation.
• Experience with Cloud, on-premises, and virtual computing.
• Experience with SQL Server, Windows Server, Active Directory, IAM.
• Experience with networking technologies (DNS, DHCP), multi-site, LAN/WAN topology.
• Experience working in a fast-paced environment with multiple projects.

About ArchWell Health:

At ArchWell Health, we’re creating a community of caring designed to help our members stay healthy and engaged. Our value-based care model is designed to prevent illnesses while keeping members healthy and happy in every aspect of their life. We deliver best-in-class primary care at comfortable, accessible centers where older adults can feel at home. ArchWell Health is an equal opportunity employer.