Job Title: Senior Microsoft/Network Security Specialist
Date: October 2024
Department: Systems & Technology
Location: Reston, Virginia (Office First)
Status: Full-time/Exempt
Job Reports To: Associate Managing Director, IT Security & Operations
Job Summary
We are seeking a highly skilled and experienced Senior or Advanced Network Security Specialist focusing on Microsoft Security to join our IT Security & Operations team. The ideal candidate will be responsible for ensuring the security and integrity of our Microsoft-based systems and infrastructure. This role involves implementing, managing, and monitoring security measures to protect our organization's data and systems from cyber threats.
Essential Duties and Responsibilities
· This position requires in-depth knowledge of information technology security standards and best practices using the NIST framework and using CIS Controls.
· Partner with client stakeholders to translate business requirements into solutions for deploying, upgrading, or migrating to the latest Microsoft Security technologies.
· Deployment of document sensitivity for PHI, PII, PCI data, and Controlled Unclassified Information.
· Deploying and managing Microsoft Defender security tools, including but not limited too; Microsoft 365 Defender suite of products, Azure Defender Suite of products, Microsoft Purview, Microsoft Entra, Microsoft Intune, and Azure Sentinel SIEM, including Windows Server, Azure, Office 365, and other Microsoft technologies.
· Conduct security assessments and vulnerability analyses to identify and mitigate potential security risks, by managing and using the Qualys security platform, and tracking tickets using Jira Service Management.
· Work with the Cloud Solutions Architect on GitHub Advanced Security and resolve any identified coding vulnerabilities or security issues using the Jira Ticket system.
· Monitoring and remedying security threats, using threat-hunting skills.
· Expect to communicate comfortably about all aspects of IT-related security.
· Review existing architecture and configuration plans and provide a detailed assessment of a product’s current or planned configuration and make recommendations.
· Create Security documentation and identify any gaps or exceptions that must be noted and approved.
· Advise on security compliance and document any exceptions in the risk registers.
· Advise business users on best practices for cloud security architecture, design, development, or integration processes to reduce future problems.
· Conduct root cause analysis of critical situations and make recommendations and plans for preventing recurrences.
· Collaborate with the TAM to examine ticket trends and identify recurring issues and common threads. Analyze issues and engineer changes to prevent and solve current problems proactively.
· Lead reactive troubleshooting or proactive service delivery, such as risk or health assessments.
· Work with IT leadership on annual Business Continuity exercises.
· Act as the SME through the design, implementation, and support of solutions related to Microsoft cloud security.
· Participate in problem analysis and assist in determining strategic software solutions and enhancements to address identified issues.
· Stay abreast of new technologies and application releases.
· Articulate effectively using both technical and non-technical resources across all levels of an organization.
· Provide training and guidance to staff on security best practices and awareness.
Knowledge, Skills & Abilities
· Excellent attention to detail with ability to manage multiple projects.
· Stellar written and verbal skills.
· Initiative-taker with a well-developed aptitude for time management; and leading, building and participating in teams, especially in a remote-first environment.
· Ability to interact with others professionally and respectfully with diverse cultural and professional backgrounds.
· Incident response experience is required.
· Strong Change Management experience preferred.
· Understand and contribute to Nacha’s goals.
· Embrace and apply the association’s core values.
· Experience with cloud security and hybrid environments.
· Knowledge of scripting and automation tools (e.g., PowerShell).
· Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA).
· In-depth knowledge of information technology security standards and best practices using the NIST Cybersecurity Framework and using CIS Controls as well as other Control Frameworks; ISO, MITRE ATT&CK, CMMC and OWASP to name a few.
Required Background / Minimum Qualifications
· Bachelor's degree in Computer Science, Information Technology, or a related field or Certifications and 5 – 7 years of relevant work history.
· Proven experience as a Microsoft Security Specialist or similar role.
· In-depth knowledge of Microsoft security technologies, including Windows Server, Azure, Office 365, and Active Directory.
· Strong understanding of cybersecurity principles, practices, and frameworks.
· Experience with security assessment tools and techniques.
· Excellent problem-solving and analytical skills.
· Strong communication and interpersonal skills.
· Relevant certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are a plus.
Supervisory Responsibilities
None at this time.
Working Conditions
This position will be mainly on-site (minimum three days/week) with the exception to occasional work remotely.
Success Factors and Essential Mental Functions
The position of Network Security Specialist offers growth opportunities to the incumbent commensurate with demonstrated and consistent performance. The incumbent shall be able to excel in a dynamic environment with a myriad of competing priorities and demands. Beyond subject matter and functional mastery, the successful incumbent shall demonstrate:
· Initiative and creative critical thinking skills.
· Ability to work in a remotely, effectively.
· Willingness to own responsibility for delivery of key value.
· Balance between independence/initiative-taker and a team player.
· Professionalism and decorum.
· Commitment to quality and focus on members/customers.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. This is largely a sedentary role; however, some filing and light lifting of boxes may occur. This would require the ability to lift files/boxes, open filing cabinets and bend or stand on a stool, as necessary.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
___________________________________
Nacha has the distinct honor of being named one of the Best Places to Work in Virginia for six years in a row.
Nacha provides a competitive, comprehensive benefits package to include: Medical, Dental, Vision, Life insurance, Short- and Long-term Disability, FSA, HSA, 401k with Match, VAC/SICK/HOL, Wellness Reimbursement, and promotes a culture that encourages learning and professional development.
If you would like to be a part of a dynamic team, please submit your cover letter and resume to attention Human Resources.
About Nacha
Nacha governs the thriving ACH Network, the payment system that drives safe, smart, and fast Direct Deposits and Direct Payments with the capability to reach all U.S. bank and credit union accounts. Through problem-solving and consensus-building among diverse payment industry stakeholders, Nacha advances innovation and interoperability in the payments system. Nacha develops rules and standards, provides industry solutions, and delivers education, accreditation, and advisory services. To do all of this, we rely on the heart of Nacha – our people and Core Values.
Nacha Core Values
Being a team member of Nacha means adopting and living our Core Values. As the problem solvers and consensus builders who enable payments to securely reach virtually every American, WE ACHieve success through teamwork, commitment and innovative thinking.
To join Nacha is to exemplify our Core Values by: not sitting on the sidelines but being doers. We don’t shy away from tough problems or long odds - we do what is right, which may not be easy. We foster curiosity and embrace learning to broaden our expertise. We are each great, but together we are better and foster a respectful, diverse and inclusive work culture. And finally, we don’t take ourselves too seriously. We bring our ‘A’ game and still have fun. We celebrate successes and have a friendly and fun work environment.
Nacha is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.