Job Details

Job Location
Temecula, CA

Secondary Job Location(s)
Flower Mound, TX; Kernersville, NC

Remote Type
Fully Remote

Salary Range
$120000.00 - $150000.00 Salary

Description

Position Summary

The Security Administrator is a key member of FFF Enterprises' Information Security team, responsible for strengthening and maintaining the company's overall security posture. This role oversees the evaluation, testing, and documentation of security controls while designing and implementing strategies to protect the organization's digital and physical assets against unauthorized access, data breaches, disruption, or other threats.

Partnering closely with Information Security leadership, IT teams, and business stakeholders, the Security Administrator ensures security principles are embedded across all technology systems and processes. This position provides expert guidance on risk mitigation and regulatory compliance, supporting FFF's mission to protect sensitive data, enable operational resilience, and maintain trust with patients, partners, and the healthcare community.

Essential Functions and Duties

Information Security & Access Management:

• Develop, implement, and enforce policies to govern access to company resources, including the Office 365 environment, for both human and machine identities.
• Ensure the security, integrity, and compliance of Active Directory, Entra ID, Okta, and other cloud-based identity providers (IDPs).
• Configure and manage Microsoft Purview tools such as Data Loss Prevention (DLP), sensitivity labels, and retention policies to protect sensitive data and ensure regulatory compliance.
• Oversee and integrate advanced identity technologies, including Privileged Access Management (PAM), Identity Governance & Administration (IGA), User and Entity Behavior Analytics (UEBA), Cloud Infrastructure Entitlement Management (CIEM), Customer Identity and Access Management (CIAM), and Network Host Integration (NHI).
• Manage centralized user security and entitlement reviews, including recurring certifications and related audit processes, to ensure access is appropriate and compliant.
• Assess and mitigate organizational risks associated with user access, data access, and identity governance, providing recommendations for improved security posture.
• Establish, document, and maintain standards, policies, and procedures related to identity management and infrastructure.
• Provide guidance, education, and training to IT staff and business users on identity and access management (IAM) policies, tools, and best practices to promote consistent and secure practices across the organization.

Security Control Assessment:

• Conduct comprehensive security audits and risk assessments of systems, infrastructure, and identity environments to identify vulnerabilities and compliance gaps.
• Develop and deliver detailed reports that clearly outline audit findings, highlighting areas of strength, potential risks, and opportunities for process improvement.
• Provide strategic, consultative guidance to cybersecurity governance and infrastructure teams to enable informed decision-making and effective prioritization of resources.
• Facilitate the implementation of appropriate control measures aligned with the organization's risk appetite to proactively monitor, mitigate, and manage cybersecurity threats.
• Ensure identified risks are remediated in a timely manner and that all residual risks are accurately documented, tracked, and reported to leadership for ongoing oversight.

Security Event & Incident Response:

• Continuously monitor system logs, SIEM tools, network traffic, user activity, and endpoint behavior to identify unusual or suspicious activity that may indicate potential threats.
• Collaborate with internal teams and external partners to manage, contain, and report security incidents, ensuring clear communication and rapid response.
• Participate in incident response activities during non-standard work hours when required to mitigate urgent threats and maintain business continuity.
• Evaluate the performance and effectiveness of Managed Detection and Response (MDR) solutions, recommending enhancements to improve threat detection, response speed, and overall cybersecurity resilience.

General Responsibilities:

• Adheres specifically to all company policies and procedures, Federal and State regulations, and laws.

• Display dedication to position responsibilities and achieve assigned goals and objectives.
• Always represent the Company in a professional manner and appearance.
• Understand and internalize the Company's purpose.
• Display loyalty to the Company and its organizational values.
• Display enthusiasm and dedication to learning how to be more effective on the job and share knowledge with others.
• Work effectively with co-workers, internal and external customers and others by sharing ideas in a constructive and positive manner; listen to and objectively consider ideas and suggestions from others; keep commitments; keep others informed of work progress, timetables, and issues; address problems and issues constructively to find mutually acceptable and practical business solutions; address others by name, title, or other respectful identifier, and respect the diversity of our work force in actions, words, and deeds.
• Comply with the policies and procedures stated in the Injury and Illness Prevention Program by always working in a safe manner and immediately reporting any injury, safety hazard, or program violation.

• Ensure conduct is consistent with all Compliance Program Policies and procedures when engaging in any activity on behalf of the company. Immediately report any concerns or violations.
• Other duties as assigned.

Qualifications

Education, Knowledge, Skills, and Experience

Required Education:

• Bachelor's degree in Management Information Systems, Computer Science, Information Technology, or a related field, or an equivalent combination of education and directly related professional experience that provides the knowledge, skills, and abilities necessary to perform the role effectively.

Preferred Education:

• Advanced degree (Master's) in Information Security, Cybersecurity, Information Technology, or a related discipline.
• Industry-recognized security certifications such as CISSP, CISM, CISA, CompTIA Security+, or Microsoft Certified: Cybersecurity Architect Expert.
• Specialized training or coursework in cloud security, identity governance, or compliance frameworks (e.g., HITRUST, HIPAA, GDPR).

Required Knowledge:

• Comprehensive expertise in data security, access management, and identity governance concepts, tools, and best practices.
• Strong proficiency in securing multiple computing platforms, with a primary focus on Windows and Linux operating systems.
• Foundational understanding of network security principles, including firewalls, network segmentation, and intrusion prevention.
• Knowledge of incident response processes, including real-time system monitoring, analysis, and threat mitigation techniques.
• Ability to translate complex security risks into clear business impacts, enabling informed decision-making by technical and non-technical stakeholders.

Preferred Knowledge:

• Understanding of risk management practices and security control audit methodologies, including implementation and evaluation techniques.
• Familiarity with regulatory and compliance frameworks such as HITRUST, PCI, HIPAA, SOX, GDPR, and CPRA, with the ability to apply these standards to security operations.
• Knowledge of cloud platform security, with a strong preference for experience working with Google Cloud Platform (GCP) or Microsoft Azure environments.
• Proficiency in managing advanced security tools, including file integrity monitoring (FIM) systems, Data Loss Prevention (DLP) solutions, and Microsoft Active Directory group policies.
• Experience with emerging Microsoft technologies, including Copilot Studio, PowerApps, Microsoft Graph API, data connectors, and associated integrations to optimize automation and identity management.

Required Experience:

• A minimum of five (5) yearsof experience in network and system administration, or acombination of three (3) yearsof experience in network/system administrationand two (2) yearsof experience in cybersecurity or control audit/risk management.
• Demonstrated experience applyingchange managementandproject managementprinciples to IT and security initiatives.
• Hands-on expertisewith Microsoft 365 services, including Entra ID, SharePoint, Teams, Active Directory, and Microsoft Purview.
• Proven ability toimplement, manage, and optimize data protection methods, including encryption, access controls, and security monitoring tools.

Preferred Experience:

• Five (5) or more years of progressive experience in cybersecurity, including control audits and risk management, or a total of ten (10) or more years of combined experience across cybersecurity and network/system administration.
• Proven experience integrating emerging access control technologies, such as Single Sign-On (SSO), Data Loss Prevention (DLP), and Role-Based Access Control (RBAC), within multi-operating system (multi-OS) environments.
• Experience leading or conducting control audits aligned with industry compliance standards and best practices.
• Demonstrated expertise in securing cloud-based data and identity resources, with an emphasis on scalability and regulatory compliance.

Required Skills:

• Strong organizational and prioritization abilities, with exceptional attention to detail and accuracy.
• Excellent verbal and written communication skills, including the ability to convey complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to work independently while fostering collaboration within cross-functional teams.
• Proven decision-making and problem-solving skills, with the capacity to analyze complex situations and determine effective solutions.
• Ability to balance strategic vision with tactical execution, aligning day-to-day activities with long-term organizational goals.
• Resilience to remain calm and effective under pressure, including high-stakes or time-sensitive situations.
• Commitment to integrity, accountability, and continuous improvement, with a focus on advancing security practices and outcomes.
• Dedication to staying current with evolving cybersecurity threats and emerging technologies, applying new knowledge to enhance the organization's security posture.

Preferred Skills:

• Advanced analytical and investigative abilities, with experience leveraging data-driven insights to identify vulnerabilities and recommend targeted solutions.
• Proficiency with security automation tools and scripting languages (e.g., PowerShell, Python) to streamline processes and improve operational efficiency.
• Experience mentoring or training team members, fostering knowledge sharing and the adoption of best practices across technical teams.
• Strong presentation and executive communication skills, with the ability to influence leadership decisions and drive alignment on security initiatives.
• Cross-functional leadership experience, collaborating with business stakeholders, IT teams, and external partners to deliver enterprise-wide security improvements.
• Familiarity with threat intelligence platforms and advanced threat-hunting techniques for proactive risk detection and mitigation.
• Strategic project management capabilities, including planning, execution, and evaluation of large-scale cybersecurity initiatives.

Physical requirements

Vision, hearing, speech, movements requiring the use of wrists, hands and/or fingers. Must have the ability to view a computer screen for prolonged periods and the ability to sit for extended periods. Must have the ability to work the hours and days required to complete the essential functions of the position, as scheduled. Must have the ability to lift and maneuver items of at least 20 lbs. Must have the ability to travel occasionally. Working condition include normal office setting.

Mental Demands

Learning, thinking, concentration and the ability to work under pressure, particularly during busy times. Must be able to pay close attention to detail and be able to work as a member of a team to ensure excellent customer service. Must have the ability to interact effectively with co-workers and customers, and exercise self-control and diplomacy in customer and employee relations' situations. Must have the ability to exercise discretion as well as appropriate judgments when necessary. Must be proactive in finding solutions.

Direct Reports

No

EEO Statement

FFF Enterprises and Nufactor are an equal opportunity employer and prohibits discrimination and harassment based on the following characteristics: race, color, religion, national origin, physical or mental disability, gender, age (40 years and over) qualified veteran and any other characteristic protected by state or federal anti-discrimination law covering employment. These categories are defined according to Government Code section 12920. The Company prohibits unlawful discrimination based on the perception that anyone has any of those characteristics or is associated with a person who has or is perceived as having any of those characteristics.