UNITE HERE HEALTH serves 190,000+ workers and their families in the hospitality and gaming industry nationwide. Our desire to be innovative and progressive drives us to develop impactful programs and benefits designed to engage our participants in managing their own health and healthcare. Our vision is exciting and challenging. Please read on to learn more about this great opportunity.
The IT Security Administrator I position will secure enterprise information by administering appropriate security systems and controls; preparing necessary security procedures; and mentoring IT and business team members in security best practices.
ESSENTIAL JOB FUNCTIONS AND DUTIES- Monitors Fund SIEM and responds to alerts, coordinates actions, and escalates as appropriate
- Administers day-to-day operations of the enterprise SIEM solution, reviews alert levels to reduce false positives, maintain data feeds coordinating with other IT partners
- Administers day-to-day operations of vulnerability management platform to include scheduled scanning, scans on demand, pre-development scans, and analysis of reports
- Monitors and coolates vulnerability alerts from official resources, contextually analyses impact and likelihood with guidance, and advises Infosec team members on recommended actions
- Alerts on suspicious email submissions and actual compromises, takes appropriate actions as necessary, as well as conducts threat hunting analysis with guidance
- Assists the Information Security Analysts in XDR endpoint investigations
- Evangelizes 'security-first' in all duties and actions including Least Access Principle
- Represents the Information Security Mission with integrity and accountability to department leadership and end users at all times
- Collaborates with other IT departments to improve and enhance application and system security
- Confers with leadership and users to discuss data access needs, security violations, etc.
- Participates in the software installation request process from a security perspective, validates use case
- Facilitates Penetration Test and Risk Assessments, assists in coordination of remediation actions
- Demonstrates the Fund's Diversity and Inclusion (D&I) principles in their conduct at work and contributes to a safe inclusive culture with equitable opportunities for success and career growth
ESSENTIAL QUALIFICATIONS - Minimum 2 years' experience in an IT environment, User Support or Systems Admin preferred Knowledge in healthcare, insurance or related field a plus
- Bachelor's degree in Information Technology or related field or equivalent work experience required
- Security certification (e.g., A+, GIAC-GSEC)
- Practical understanding of CIS and NIST 800-53 controls
- Knowledge of any of the following security tools desired:
- Rapid 7 products with emphasis on IDR, IVM, Appsec, Projects Heisenberg and Sonar Sonar
- Metasploit
- Sophos (XDR, Central, Cloud Optix, Phish Threat Training Platform)
Salary range for this position: Salary: $85,300 - $106,700. Actual base salary may vary based upon, but not limited to: relevant experience, qualifications, expertise, certifications, licenses, education or equivalent work experience, time in role, peer and market data, prior performance, business sector, and geographic location.
Work Schedule (may vary to meet business needs): Monday Friday, 7.5 hours per day (37.5 hours per week) as a hybrid work arrangement.
We reward great work with great benefits, including but not limited to: Medical, Dental, Vision, Paid Time-Off (PTO), Paid Holidays, 401(k), Short- & Long-term Disability, Life, Pension, AD&D, Flexible Spending Accounts (healthcare & dependent care), Commuter Transit, Tuition Assistance, and Employee Assistance Program (EAP).