LifeMD (Nasdaq: LFMD) is a rapidly growing direct-to-consumer telemedicine company.
Vice President, Information Security
Location: California
Posted: 22 days ago
Salary: 0
Seniority: Lead
Job Description
- Lead all aspects of enterprise information security, including threat detection, incident response, vulnerability management, and continuous monitoring.
- Establish and mature a comprehensive Governance, Risk, and Compliance (GRC) framework aligned to healthcare industry standards (e.g., NIST, HITRUST, ISO 27001).
- Continuously assess enterprise risk posture, prioritizing cybersecurity risks in alignment with clinical, operational, and financial risk frameworks.
- Design and implement strategies to protect sensitive patient data, including Protected Health Information (PHI), Personally Identifiable Information (PII), and clinical data.
- Ensure compliance with healthcare data security and privacy regulations, including HIPAA and HITECH, as well as state-specific privacy laws.
- Oversee data governance, encryption, identity management, and secure data exchange across clinical systems (EHR/EMR), patient platforms, and third-party partners.
- Own and manage IT risk, compliance, and IT General Controls (ITGC) programs in support of SOX and healthcare regulatory requirements.
- Partner with internal audit, compliance, legal, and finance teams to ensure audit readiness and timely remediation of control deficiencies.
- Maintain compliance with standards such as HIPAA, HITRUST, SOC 2, PCI-DSS (as applicable), and other healthcare-specific regulatory frameworks.
- Lead security architecture across enterprise infrastructure, including cloud, hybrid, and on-premise environments supporting clinical and digital health platforms.
- Drive secure cloud transformation initiatives, ensuring appropriate controls across IaaS, PaaS, and SaaS environments.
- Partner with engineering, IT, and DevOps teams to implement DevSecOps practices and a secure software development lifecycle (SDLC).
- Lead enterprise incident response strategy, including preparedness, detection, containment, and recovery from cyber incidents.
- Build, lead, and scale a high-performing information security organization, including security operations, risk, and IT compliance functions.
- Serve as a key advisor to executive leadership, the Board, and Audit/Compliance Committees on cybersecurity risk and strategy.
- Drive enterprise-wide security awareness and training programs to foster a culture of security and compliance.
Job Requirements
- 12+ years of progressive leadership in information security, cybersecurity, and risk management, preferably within healthcare, life sciences, or other highly regulated industries.
- Experience operating in a publicly traded or highly regulated environment with strong governance and compliance requirements.
- Proven track record of leading enterprise security programs in complex environments involving clinical systems, digital platforms, and sensitive patient data.
- Deep knowledge of healthcare regulatory frameworks, including HIPAA, HITECH, HITRUST, and experience managing PHI/PII at scale.
- Strong understanding of ITGC, SOX compliance, and audit processes.
- Experience securing healthcare technologies, including EHR/EMR systems, patient engagement platforms, telehealth systems, and medical device integrations.
- Hands-on leadership in cloud security, infrastructure modernization, and enterprise security architecture.
- Expertise in identity and access management (IAM), zero trust frameworks, and modern security operations.
- Experience implementing and managing GRC platforms and frameworks such as NIST, ISO 27001, and HITRUST.
- Demonstrated success in incident response, cyber resilience, and enterprise risk mitigation.
- Strong executive presence with experience engaging Boards and Audit/Compliance Committees.
- Proven ability to lead cross-functional initiatives across technology, clinical, legal, and operational teams.
- Ability to operate effectively in a fast-paced, high-stakes healthcare environment where security and patient safety are paramount.
- Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, or HCISPP preferred.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (Roth 401k)
- Life Insurance (Basic, Voluntary & AD&D)
- Unlimited PTO Policy
- Paid Holidays
- Short Term & Long Term Disability
- Training & Development
More Security Engineer Jobs
Freelance WordPress, Security, HIPAA Compliance Consultant
Insight Therapy Solutions
We're changing the world one person at a time.
- Audit WordPress setup, hosting, plugins, forms, integrations, tracking tools, and user access.
- Identify HIPAA, privacy, and security gaps related to PHI handling, encryption, access control, backups, logging, and third-party vendors.
- Assess risks involving CRMs, analytics tools, email platforms, payment tools, APIs, and form builders.
- Review overall website security posture and identify vulnerabilities or misconfigurations.
- Provide a concise audit report with findings, risk levels, and prioritized remediation steps.
EIC Information Security Operations Engineer Intern
Cushman & Wakefield
Headquartered in Chicago, Illinois, Cushman & Wakefield is a privately-held, international real estate company serving developers, investors, lenders, and occup
Role Description
The selected candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues. The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities.
- Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed.
- Responsible for the identification and assessment of enterprise risks.
- Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture.
- Articulates security policies, guidelines, and standards to customers and developers.
- Works independently within an established framework.
- Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits.
- Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks, or leaks.
- Continues to build knowledge of the organization, processes, and customers.
- Partners with Security Architecture on critical scope delivery.
- Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s).
- Performs proactive threat hunting using hypothesis and telemetry from endpoints, identities, cloud, and network.
- Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage.
Qualifications
- Junior or Senior pursuing a Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or a related degree.
- Experience in the security domain with exposure to tools such as CrowdStrike, ZScaler, Palo Alto, Mimecast, MS Defender is a plus.
- Highly skilled and knowledgeable within the Microsoft environment and toolset.
- Energetic and a quick learner.
- Good communication skills with a positive attitude.
- A willingness to learn new technology.
- Experienced in incident response lifecycle and SLAs.
- Any Security Certification is an added advantage.
Requirements
- Experience responding to security incidents in enterprise environments, with a deep understanding of the Incident Response cycle.
- Deep understanding of Cybersecurity concepts, principles, and best practices.
- Knowledge of Security frameworks and standards (e.g., NIST).
- Comprehensive understanding of technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols.
- Knowledge of Windows and MAC operating systems and their security features.
- Understanding compliance requirements.
- Experience with administrating or architecting solutions in:
  - Zscaler
  - CrowdStrike
  - Mimecast
  - Wiz
  - MS Defender
- Emphasis on Identity, setting up and analyzing Conditional Access Policies.
- Experienced operating as an administrator across security platforms and executing changes per the Security Architecture group's design.
- Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution.
- Guide the implementation of threat hunting methodologies using SIEM, EDR, and advanced telemetry.
- Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling.
- Expert level understanding of standard risk classification schemes including CVSS.
- Strong organization skills and effective communication on risk with experience presenting to an executive audience.
- Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle.
- Composure and clear thinking during high-pressure situations.
- Capable of performing technical and business risk analysis on cybersecurity issues.
- Ability to analyze problems, ask questions, and come up with potential solutions within the confines of our security standards.
- Ability to work in multiple areas but track through issue resolution.
Benefits
- Health, vision, and dental insurance.
- Flexible spending accounts.
- Health savings accounts.
- Retirement savings plans.
- Life and disability insurance programs.
- Paid and unpaid time away from work.
- Competitive pay, which may vary depending on eligibility factors such as geographic location, date of hire, total hours worked, job type, business line, and applicability of collective bargaining agreements.
- Define reference architecture, technical standards, and reusable primitives for AI enablement services, the Security Operations Data Plane, and ecosystem integrations.
- Establish standards for code quality, test-driven development, availability, and secure software engineering practices.
- Engineer guardrails for AI-assisted and agentic workflows (bounded actions, least privilege, evidence logging, observability, auditability) and ensure secure-by-default configurations.
- Ensure ingestion, transformation, schema discipline, enrichment, and analytics readiness are engineered for reliability, performance, and defensible operations.
- When tooling operation is required, define integration contracts (APIs, schemas, telemetry, access controls), automate configuration, and ensure tooling adheres to ecosystem standards and monitoring.
- Ensure platform services and operated tooling have runbooks, health signals, and repeatable remediation patterns.
- Coach engineers, provide technical oversight, and serve as escalation point for complex design decisions and cross-product tradeoffs.

- Manage the security technology team.
- Design and manage new construction, retrofit installs, and site upgrades regarding ACS, IDS, and VMS.
- Create a companywide playbook to guide site leaders to ensure our people and assets are secure.
- Design, configure and support enterprise-level access control, video management, and intrusion detection systems.
- Coordinate system integrations between multiple security platforms and enterprise IT network environments.
- Develop and maintain technical documentation and life-cycle management plans.
- Act as a senior escalation point for complex technical issues, collaborating with internal teams and system integrators to resolve incidents.
- Provide technical guidance and knowledge-sharing to project stakeholders.
- Support planning, installation, and deployment of new systems, system migration, integrations, and upgrades.
- Ensure systems performance aligns with governmental and organizational security policy requirements.
- Participate in design reviews providing technical input for new construction, renovation, and upgrade projects.
- Ensure all security-related technologies and system requirements are operable for proactive and reactive programming.




