Manager, IT Security

Job Summary

The Manager, IT Security reports to the IT Operations and Security leader, and will work closely with the IT Operations leadership, IT department, and business-at-large to ensure the successful delivery and operations of critical security controls across a heterogeneous corporate/Centers multi-site computing environment. This position will play a critical role in providing strategic guidance, expertise, and leadership in managing and optimizing the security operations of the organization. The IT Security Manager will be responsible for supporting and aligning the day-to-day activities, ensuring the smooth functioning of IT security systems, and driving continuous improvement efforts to enhance operational efficiency and effectiveness while hardening our environment from known and yet discovered threats. As such, you will have the opportunity to make a significant impact by driving security-oriented operational excellence, fostering innovation, and ensuring the delivery of high-quality IT security services. Your expertise and skills will contribute to the overall success of the organization's technology operations, enabling efficient and reliable IT systems to support business objectives while adhering to IT and security compliance policies and procedures.

The Manager will likewise have opportunities for involvement in security-related IT projects and center technology deployments and initiatives.

Duties/Responsibilities

• Security, risk, and vulnerability management, including identifying, assessing, and mitigating risks to ArchWell Health’s enterprise assets: endpoint, mobile, network, server, virtual, etc. Assist in our vulnerability lifecycle management.
• Asset security and inventory, ensure all assets are compliant with all standards and policies, some examples: Azure-joined, connected, secured, patched, monitored, evaluated for compliance or security issues, escalations.
• Review, improve, or establish information technology and security policies for the organization under the guidance of the IT Operations leader, manage these policies in conjunction with IT Security Analyst(s), Compliance, and other teams as needed, including annual review exercises and attestations.
• Ensure data is protected at rest and in transit while ensuring and enforcing network security. Strong partnership with our internal and external telephony and networking teams is a must.
• Manage user identities and access to resources utilizing established best practices. Assess and provide meaningful feedback for continuously improving the security, efficiency and effectiveness of IAM and onboarding/offboarding processes.
• Assume the lead of our SOC on a day-to-day basis and all that that entails.
• Review, understand, design, and implement security architecture and controls under the guidance of IT leadership.
• Collaborate with IT operations leadership to maintain, develop, improve, and implement IT operational security strategies and lifecycles.
• Oversee the configuration, operation, support, and maintenance of IT security systems and solutions.
• Ensure availability, reliability, and security of systems, and address any technical issues or disruptions in a timely manner.
• Monitor key performance indicators (KPIs) and implement metrics-driven approaches to measure and improve operational performance.
• Participate in support, collaboration, partnership, and managing strategic trade partner and vendor relations, both for established and new.
• Act as main point of contact for our external penetration testing partner.
• Own security domain applications administration and maintenance.
• Program manage certain security processes, applications, and/or workstreams to support IT, IS, and the broader organization where appropriate.
• Coordinate IT security initiatives.
• Rationalize new security domain requests and flow them to internal and external parties.
• Perform troubleshooting. Possess a deep understanding of hardware, software, and networking.
• Willingness to travel up to 20%. If remote, quarterly visits to HQ in Nashville, TN, and in-market center visits.
• Other tasks and duties required by the position.

List of Solutions (SME knowledge) and required Skills

• Microsoft 365, Azure, Entra, Office, Sentinel, Defender, Score, Azure Virtual Desktop.
• Must possess a strong knowledge of Microsoft licensing model and the security services, addons, etc. that go with each license type.
• Conditional Access Policies.
• Groups: Security, Exchange, Entra, SharePoint, 365, etc.
• Authentication – Authenticator, MFA, etc.
• Meraki SD WAN
• Cisco ASA
• Automox, Application Patching.
• Understand our internal, and our MSSPs’ external incident playbooks.
• In-depth knowledge of ITIL frameworks, industry best practices in security and technology operations.
• Strong leadership skills with the ability to inspire and motivate teams.
• Proficiency in assessing and managing IT risks, implementing security measures, and ensuring compliance.
• Highly motivated and possesses excellent problem-solving and analytical skills.
• Effective communication and interpersonal skills.
• Strong grasp of IT technology and security fundamentals.
• Solid understanding of common Windows platforms including Windows 10.
• Technical and functional documentation skills are essential.

Education and Experience:

• Bachelor’s degree in computer science, Information Technology, or a related field preferred.
• Relevant certifications such as ITIL, PMP, CISSP, or similar credentials are highly desirable.
• Proven experience (7+ years) in IT operations management, including hands-on experience with infrastructure, networking, systems administration, and security.
• 5+ years’ experience in IT project management, Smartsheet experience is preferred.
• 5+ years’ experience working in predominantly Microsoft Windows and Microsoft 365 based environments.
• 2+ years’ Experience working within Microsoft Azure, 365, Entra, Purview, and Defender portals / dashboards.
• Experience with application inventory and management.
• Experience with Adobe products and administration.
• Experience with Apple Business Manager and administration.
• Experience with endpoint imaging, software/deployment packaging, and device provisioning automation.
• Experience with Cloud, on-premises, and virtual computing.
• Experience with SQL Server, Windows Server, Active Directory, IAM.
• Experience with networking technologies (DNS, DHCP).
• Experience working in a fast-paced environment with multiple projects and efforts.

About ArchWell Health:

At ArchWell Health, we’re creating a community of caring designed to help our members stay healthy and engaged. By focusing on a strong provider-patient relationship, routine wellness, and staying active, our members enjoy a higher level of care and better quality of life after the age of 60. Everything we do is for seniors. We believe seniors should be heard, listened to, and given ample time by their physicians to live well later in life.

Our value-based care model is designed to prevent illnesses while keeping members healthy and happy in every aspect of their life. We deliver best-in-class primary care at comfortable, accessible neighborhood centers where older adults can feel at home and become part of a vibrant, wellness-focused community. We’re passionate about caring for older adults and united by the belief that caring has the power to change everything for our members.