IT System Administrator & Security Specialist

As THE leader in transit technology, Clever Devices' vision is to make meaningful contributions to worldwide mobility. Our goal is to be the leading provider of exciting technology that improves the quality of mobility in communities around the world.

Clever Devices is seeking a team-oriented, self-motivated individual with a passion for technology and a proven track record in IT systems administration and security to join our team. In this hybrid position, you will ensure the security and integrity of our organization's IT infrastructure.

As the IT System Administrator and Security Specialist, you will contribute to the planning, implementation, and maintenance of our organization's IT systems and infrastructure. You will also contribute to the development, implementation, and management of security policies, procedures, and technologies to safeguard our systems and data assets.

Responsibilities:

Administrative Functions:

• Manage user access controls, permissions, and authentication mechanisms.
• Implement security measures for network infrastructure, including firewalls, intrusion detection/prevention systems, and VPNs.
• Maintain incident response plans and participate in security incident investigations as needed.
• Serve as an Okta Administrator for company-wide access management.
• Ensure SAML authentication is implemented wherever possible.
• Administration, monitoring, and optimization of hybrid Windows and Entra AD infrastructure.

BitLocker Management:

• Implement and manage BitLocker encryption across all relevant endpoints and servers.
• Monitor BitLocker status and ensure encryption keys are effectively managed and securely stored.
• Troubleshoot BitLocker-related issues and provide timely resolution.
• Stay updated with BitLocker advancements and best practices to enhance security measures.

Security ISO Compliance:

• Ensure adherence to security ISO and NIST CSF standards such as ISO 27001, ISO 27002, and ISO 27018.
• Develop and maintain security policies, procedures, and documentation in accordance with ISO standards.
• Conduct regular audits and assessments to evaluate compliance status.
• Collaborate with internal teams to address non-compliance issues and implement corrective actions.

Security Monitoring and Analysis:

• Assesses the need for security reconfigurations (minor or significant) and executes them as required.
• Utilize security tools and technologies to monitor network traffic, detect anomalies, and respond to security incidents.
• Analyze security logs and reports to identify potential security threats or vulnerabilities.
• Monitor security incidents and respond to security breaches in a timely and efficient manner.
• Recommend and implement security enhancements to mitigate risks and strengthen defenses.
• Contribute to the company's CrowdStrike deployment to ensure security across all devices, identifying vulnerabilities and remediation.
• Conduct regular security assessments, penetration testing, and vulnerability scans to identify and mitigate potential risks.

Collaboration and Communication:

• Work closely with cross-functional teams, including IT operations, development, and compliance, to integrate security into all aspects of IT infrastructure and operations.
• Communicate security-related concepts and recommendations to technical and non-technical stakeholders effectively.
• Collaborate with external auditors and regulatory bodies during security audits and assessments.
• Collaborate with other departments to integrate security measures into IT projects and initiatives.
• Stay current on security trends, threats, and best practices to proactively address emerging risks.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or other related field and 3 years of IT security related work experience or additional work experience equivalency as noted below.
• Additional related work experience in lieu of education requirement: Four (4) years of related work experience. PLUS, another 8 years in place of the 4-year degree requirement.
• Proven experience in managing BitLocker encryption and maintaining security ISO compliance within a corporate environment.
• Proficiency in administering Windows Active Directory, Entra AD, Group Policy, and other relevant administrative tools.
• Strong understanding of network security principles, protocols, and technologies (e.g., TCP/IP, VPN, IDS/IPS).
• Current software protocols, and Internet standards, including TCP/IP, HTML, PowerShell, JavaScript, and XML, Regular Expressions, SQL, IOS, Perl, Python, Bash, PowerShell, and PHP programming languages.
• Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing.
• Well versed in multiple security technologies such as SIEM; Intrusion Detection Systems; Endpoint security; PKI, SAML; Log Analysis; etc.
• Excellent analytical and problem-solving skills with a keen attention to detail.
• Effective communication and interpersonal skills, with the ability to collaborate with diverse teams and stakeholders.
• Knowledge of industry best practices and emerging trends in IT security.

Physical Requirements: