Information Security Programs Administrator

Job Title: Information Security Programs AdministratorCorp Level : Associate ILocation: COEKey responsibilities:Track the performance of security measures to protect information and network infrastructure and computer systems  Responsible for the operations of the Third-Party Cyber Risk Management program.Conduct thorough risk assessments of third-party vendors and partners. Implement risk management strategies to mitigate potential threats. Monitor and review third-party compliance with security policies and standards. Collaborate with Revantage and Portfolio Companies IT and third parties on their remediation effort Collaborate with procurement and legal teams to ensure security requirements are included in contracts. Perform annual reviews of provider SOC reports and document the review for audit reviews Responsible for the operations of the Security Awareness Training program.Administer and maintain the KnowBe4 security awareness training platform. Develop and deliver engaging security awareness programs to educate employees on best practices. Track and report on training completion rates and effectiveness. Continuously update training materials to reflect the latest security threats and trends. Maintain policies and procedures for identity and access governance.Ensure proper access controls are in place and regularly reviewed. Maintain recertification processes and update/remove reviewers. Run IAM reports to clean up unused accounts. Run reports on stale groups and perform clean-up Represent security in annual external audits Maintain policies and procedures for SSPM and oversee related operationsConduct regular security posture assessments and implement necessary improvements. Sort and report on critical vulnerabilities, setting up reports and rules for notifications. Prioritize and assign vulnerabilities by categories to the infrastructure team. Identify and clean up dormant users. Run regular security posture reports Maintain policies and procedures for CSPM and oversee related operationsIdentify and mitigate risks in cloud environments through continuous monitoring and automated remediation. Prioritize and assign vulnerabilities by categories to the infrastructure team. Discover and integrate additional tools with CSPM tool for enhanced monitoring Maintain policies and procedures and administer the vulnerability management program. Assign vulnerabilities by categories to the infrastructure team to remediate Monitor DLP and Insider Threat Management systems and respond to alerts Monitor systems for irregular behavior and set up preventive measures.  Maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers. Develop, maintain, and utilize scripts for various administrative and application purposes.  Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance. Apply learned knowledge across key business lines, including products, practices, and procedures. Respond to ServiceNow security tickets, troubleshoot, and resolve reported issues. Participate in the change control process. Participate in on-call duties during assigned periods. Perform other duties as assigned. WHAT YOU BRING TO THE ROLERequired: Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent industry experience. Minimum 2 years experience in security and systems administration with Azure cloud infrastructure, including software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS). Solid understanding and experience with administering Windows operating systems and Microsoft Azure cloud ecosystem, including administrative use of PowerShell. Knowledge of Microsoft Word, Excel, PowerPoint, and Power BI for creating reports & metrics dashboards Excellent verbal and written communication skills Preferred: Preferred experience with Wiz, Adaptive Shield, Veza, Linux, Python, Microsoft  Defender, Microsoft Sentinel and other cloud ecosystems  Security certifications such as CCSP, CISSP, Azure Security Engineer or similar  certifications