Security Software and Controls Administrator

Position Summary

The Security Software & Controls Administrator is responsible for the daily operation, monitoring, and improvement of the organization’s cybersecurity controls and platforms. This role ensures protection of enterprise systems, data, and users through proactive security management, incident response, platform optimization, and collaboration with internal teams.

• Managed Detection & Response (MDR – Arctic Wolf)
• Serve as the primary contact for all MDR alerts, escalations, advisories, and general security recommendations.
• Investigate and remediate security incidents in coordination with the SOC.
• Review MDR reporting and drive ongoing reduction of attack surface.
• Endpoint Detection & Response (Aurora / EDR)
• Administer endpoint protection agents and ensure complete deployment coverage.
• Monitor detections and conduct triage of endpoint-related threats.
• Maintain endpoint security posture including policy enforcement and hardening.
• Email Security & Awareness (Proofpoint)
• Oversee email security and filtering while monitoring cloud‑based access activity for signs of abnormal or risky behavior.
• Develop and execute End-User Security Awareness Training, including regular simulated phishing campaigns and security briefings.
• DNS Security (Cisco Umbrella)
• Maintain DNS‑layer security filtering across all users and devices and manage Cisco Umbrella operations and policies to support consistent DNS‑level protection.
• Investigate blocked threats and suspicious domain activity.
• Fortinet Security Fabric (Forti Analyzer, Forti
  
  EMS)
• Maintain and monitor Fortinet systems, including cloud‑based analytics, endpoint telemetry, and security fabric posture.
• Conduct threat‑hunting activities using Forti Analyzer datasets and firewall logs.
• Manage firewall security posture, apply patches, audit rule sets, and manage VPN and remote‑access controls.
• Monitor remote endpoint DNS telemetry (via EMS if applicable) to supplement organization‑wide threat visibility.
• Identity & Access Governance (Microsoft 365 Entra)
• Maintain Conditional Access, MFA, and identity protection.
• Evaluate and refine Intune device‑compliance and data‑protection policies.
• Assist with SharePoint and One Drive DLP policies and data governance.
• Monitor risky sign‑ins, privileged operations, and identity alerts.
• Cross‑Platform Responsibilities
• Maintain internal documentation, diagrams, and security baselines.
• Support audits, risk assessments, and vulnerability remediation.
• Act as an escalation point for complex systems or security‑related issues.
• Assist with compromise response workflows; collaborate with local IT for user‑facing remediation when appropriate.
• Evaluate emerging network and security platforms, assess new features and service offerings, and work with vendors to recommend solutions that enhance the organization's security posture.
• Minimum Qualifications /
  
  Skills:
• 2+ years experience in IT security operations.
• Experience with MDR, EDR, DNS filtering, and email security solutions.
• Knowledge of Microsoft 365 security architecture.
• Familiarity with MDM, endpoint hardening, and enterprise identity governance.
• Ability to interpret technical manuals and translate them into clear, internal SOPs and technical guides.
• Strong root‑cause analysis skills and the ability to research new products or emerging security threats.
• Highly organized with the ability to prioritize critical tasks and security incidents in high‑pressure environments.

• Effective interpersonal skills and relationship‑building skills
• Ability to present ideas in user‑friendly language
• Understanding of the organization’s goals and objectives
• Self‑motivated and directed
• Keen attention to detail
• Analytical and problem‑solving abilities
• Ability to work in a team‑oriented, collaborative environment
• Strong customer‑service orientation
• Occasional nights and/or weekends if required by a project or emergency
• While performing the duties of this job, the employee will prolong periods sitting at a desk and working on a computer, is occasionally required to stand; walk; use hands to handle or feel objects, tools, or controls; reach with hands and arms; climb stairs; talk or hear. The employee must occasionally lift or move office products and supplies, up to 50 pounds.

• 2+ years of progressive experience in Systems Administration or IT Security Operations.
• Associates degree in a technical field or equivalent professional experience.
• Current Microsoft (M365/Azure) or Security certifications (e.g., Security+, AZ-800/801, or MS-102) are highly preferred but not required.

This is a full time Monday thru Friday Exempt remote role that is occasional on-site.

Royston Group is an Equal Opportunity Employer M/F/Vets/Disability