Lantana Consulting Group · 6 hours ago
IT Security Administrator
United States
Full-time
Remote
Senior Level, Lead/Staff
$90K/yr - $110K/yr
9+ years expLantana Consulting Group is a leader in health-information exchange services and software, dedicated to improving public health and quality of care. The IT Security Administrator will develop, implement, and manage the company's IT security program, ensuring systems, data, and networks are protected from emerging threats while complying with security and privacy requirements.
ConsultingInformation TechnologySoftware
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Perform internal audits, conduct vulnerability and penetration testing, and ensure that security controls are fully implemented and continuously monitored
Lead the definition, implementation, and ongoing governance of security architecture for internal IT and designated projects, programs, and products
Leverage the Unified Architecture Framework (UAF) to embed security considerations across the enterprise by identifying security assets, evaluating risks, and applying appropriate security controls throughout system lifecycles
Assess the organization’s current security posture, design and refine architecture-level mitigations, and establish sustainable processes for monitoring, incident response, and audit readiness
Act as both a strategist and a hands-on technologist; manage security tools, conduct internal assessments, and collaborate with system and network teams to integrate security as a cross-cutting concern across all operational and technical domains
Provide the leadership, expertise, and accountability necessary to ensure resilient, compliant, and well-architected security across enterprise systems
Collaborate with the IT infrastructure and DevOps teams to maintain secure configurations and compliance with security and privacy requirements
Communicate clearly with leadership, report on risk and readiness, and develop practical security roadmaps that keep pace with evolving threats
Apply NIST 800-53, FedRAMP Moderate, and CMMC 2.0 control requirements to Cloud and on-premises environments through documented policies, procedures, and technical safeguards
Maintain HIPAA-compliant configurations for systems handling ePHI, including access controls, encryption, and audit logging within Microsoft 365 and other regulated platforms
Support security assessments, evidence collection, and control audits across multiple frameworks to contribute to compliance reporting, continuous monitoring, and certification-readiness efforts
Implement, configure, and maintain controls for intrusion detection and prevention within the Microsoft 365 security ecosystem, including Defender ATP, Sentinel, and integration with network IDS/IPS tools where applicable
Assess complex security challenges, evaluate alternatives, and develop effective, compliant solutions across diverse technical environments
Support zero-trust architecture initiatives through authentication hardening, network segmentation, and endpoint control
Collaborate with DevOps and application teams to integrate security automation and continuous monitoring into CI/CD pipelines
Conduct periodic reviews of encryption and key management practices to adhere to policy and evolving best practices
Qualification
Required
Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field with at least nine (9) years of progressive work experience; or equivalent combination of education and experience
Minimum of three (3) years of experience in IT security administration or engineering
Strong understanding of NIST 800-53R5/171R3, FedRAMP Moderate, HIPAA, and overarching governance frameworks such as the NIST Cybersecurity Framework (CSF) and CMMC 2.0; and how these models align and reinforce one another across enterprise security programs
Proven ability to translate policies and standards into actionable technical tasks and measurable outcomes
Demonstrated ability to own and mature an organization's IT security capability
Experience with Microsoft Defender ATP, Intune, and Purview, including alert management and tuning
Solid understanding of Cloud and endpoint security tools such as Grafana and/or Splunk
Experience conducting internal security audits and preparing for external compliance reviews
Strong understanding of network security principles, including firewalls, VPNs, and access control
Exceptional communication skills, including the ability to clearly articulate security risks, requirements, and architectural decisions; and document processes, shepherd approvals, and escalate issues or risks in a timely and effective manner
Strong analytical and problem-solving abilities
Familiarity with automation scripting in PowerShell or Python for audit and monitoring tasks
Must be able to obtain and maintain a Public Trust Level 5 clearance
Preferred
Demonstrated progression from technical roles (System or Network Administrator) to security-focused responsibilities
Experience supporting security operations in federal or healthcare IT environments
Certifications such as CompTIA Security+, CISSP, or Certified Ethical Hacker (CEH)
Experience with Azure tools for security configuration and Cloud compliance
Proven success leading incident response efforts or managing security incidents
Familiarity with OWASP (Open Worldwide Application Security Project) testing methodologies or tools (e.g., ZAP, Burp Suite)
Experience developing and maintaining system security plans (SSPs) and Plan of Action and Milestones (POA&Ms)
Strong understanding of security protocols and underlying encryption algorithms such as TLS/SSL, SSH, IPSec, S/MIME, and HTTPS
Company
Lantana Consulting Group
Lantana Consulting Group provides software and services for hospitals, insurance provides and government agencies.
51-200 employees
Funding
Current Stage
Growth StageLeadership Team
Courtney Panaia-Rodi
Chief Executive Officer
Wendy Wise, MPH, PMP
Chief Operating Officer
Recent News
2023-07-31
Company data provided by crunchbase