IT Security & Compliance Administrator

Job Summary:

We are looking for a proactive and detail-oriented Security and Compliance Administrator to join our team. This role focuses on managing cybersecurity operations and ensuring IT compliance. You will leverage Microsoft security tools to safeguard our IT environment while conducting quarterly SOX and ITGC audit control testing. This is an excellent opportunity for a skilled professional to make an impact in a dynamic and fast-paced global organization. This is not a general sys admin role. You must have proven experience in a security role using Microsoft security products.

Key Responsibilities:

Security Administration:

• Manage and monitor Microsoft Defender solutions, including Defender for Endpoint, Defender for Office 365, Defender for Cloud, Defender for Cloud Apps.
• Configure and enforce security policies, including conditional access, MFA, and endpoint compliance.
• Investigate and respond to security threats, performing advanced hunting using KQL scripts.
• Optimize and maintain Microsoft Sentinel for threat detection and incident response.
• Proactively identify and mitigate vulnerabilities across endpoints, cloud services, and networks.

Compliance and Audit:

• Execute quarterly SOX and IT General Controls (ITGC) testing to validate control effectiveness.
• Document and maintain compliance evidence for audits, ensuring accuracy and audit readiness.
• Collaborate with internal and external auditors to support audit processes.
• Identify and help remediate gaps in IT controls or findings from audits.
• Stay updated on regulatory frameworks, such as SOX and ISO 27001, and recommend best practices for compliance.

Collaboration and Reporting:

• Provide regular reports on security incidents, compliance metrics, and audit readiness to global IT leadership.
• Work with cross-functional teams to ensure security initiatives align with business objectives.
• Keep up to date with the latest cybersecurity threats, trends, and compliance requirements to recommend improvements.

Qualifications:

Technical Skills (You will be tested on these):

• Proficiency with Microsoft security tools, including:
• Microsoft Defender suite (Endpoint, Identity, Cloud, Office 365).
• Microsoft Sentinel for SIEM and advanced threat detection.
• Azure Active Directory and related identity and access management policies.
• Strong understanding of compliance frameworks (e.g., SOX, ISO 27001, NIST CSF).
• Experience with ITGC testing and SOX control areas, including access management, change management, and data protection.

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 3-5 years of experience in cybersecurity, compliance, or IT audit roles.
• Experience with audit management tools (e.g., Diligent Highbond) is a plus.

Certifications (preferred):

• Microsoft Certified: Security Operations Analyst Associate (SC-200).
• Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900).
• Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP).