Job Summary:

The IT Security Administrator II is responsible for running critical security scans, analyzing results, installing updates, and the overall general support and security of IT systems. Working in this role, you will gain valuable experience with cross-functional teams while making a meaningful impact on Supernus IT's ability to provide highly available and secure systems. The IT Security Administrator II will assist in detecting, investigating, and defending the IT environment against information security incidents. The incumbent will also assist in analyzing and promptly remediating any security breach or vulnerability issue identified and conduct user activity audits where required.

This role will assist in endpoint security, application security, cloud security, infrastructure security, security incident handling, risk assessment, security awareness communication, and training. You will be responsible for the day-to-day operations of collecting and analyzing data and assisting in eliminating risk, performance, and capacity issues. You will also assist in maintaining preventative security measures and evaluating new security technologies.

The IT Security Administrator II will assist in maintaining IT security controls documentation and security standards and need the ability to recognize any security gaps and assist in preparing a remediation action plan. Adhere to and enforce IT Security policies as well as track vulnerabilities and collaborate with internal IT teams to ensure the timely remediation of any vulnerabilities. This role will stay current on IT security trends, help develop company-wide best practices for IT security, research security enhancements and make recommendations to management.

Essential Duties & Responsibilities:

• Monitor the security tools implemented including but not limited to, CrowdStrike, Zscaler, Microsoft Defender, Microsoft Endpoint Manager, Tenable, Office 365, Azure AD, and computer log files, etc., to maintain situational awareness.
• Investigate security alerts received by the external SOC (Security Operations Center). The investigation will make use of all tools and log files possible and will determine if the alert is a false positive, a security event, an actual attack, and/or a security incident. The investigation will answer and report on the who, what, where, when, and how of the occurrence. The investigation will report on any actions taken to contain and/or remediate the situation and any recommendations for further action.
• Escalate any security incident (the confidentiality, integrity, or availability of any information or information asset that is negatively impacted) to the Senior Manager, IT Security, and Director of IT Operations.
• Investigate all reported suspicious emails and determine whether the email is malicious, non-malicious, or legitimate. The IT Security Administrator II will categorize and file the reported email to support tracking and reporting activities. Also replies to the user who reported the suspicious email with a message reporting the determination and any recommendations.
• Under the direction of the Senior Manager, IT Security, utilize the Supernus KnowBe4 application to deploy periodic IT Security Training to all users such as Security Awareness Training, Privacy Training, etc.
• Concentrated effort to keep software and hardware on up-to-date security levels and patches.
• Maintaining situational awareness and keeping current with cyber security news and threat actor Tactics, Techniques, and Procedures (TTPs).
• Researching, condensing, and reporting on security bulletins and publicly identified threats.
• Assist coworkers where necessary, including but not limited to onboarding, training, investigations, reports, etc.
• Supporting the development of new systems and modernization of legacy systems/applications that are in line with security requirements.
• Assists in performing technical assessments of information security incidents and provides necessary reporting and remediation actions.
• Adhere to and enforce security policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
• Research emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Collaborates with cross-functional teams to define, design, and deliver new and enhanced security measures that meet the needs of the company, clients, and end-users.

Supervisory Responsibilities:

• N/A

Knowledge & Other Qualifications:

• Bachelor's degree in Cyber/IT Security, Computer Science, Computer Engineering, or related field.
• 4+ years of IT security and system administration-related work experience or equivalency.
• Involved in the implementation of security software systems, applications, and related products.
• Software management best practices and troubleshooting experience.
• Working knowledge of policies, procedures, and protocols of a Security Operations Center.
• Demonstrated knowledge of applicable practices and laws relating to data privacy and protection.
• Basic knowledge of multiple security technologies such as SIEM, Intrusion Detection Systems, Endpoint security, Web Proxy/Content Filtering, Active Directory, PKI, Radius, Log Analysis, etc.

Other Characteristics:

• Attention to detail and ability to use your initiative.
• Ability to work independently and as part of a team and maintain high ethical standards of integrity and quality.
• Good analytical thinker who possesses problem-solving skills that can visualize solutions and is capable of an innovative and dynamic approach to work.
• Ability to understand business objectives and focus to deliver success.
• Customer-oriented with patience in assisting users and proactive in troubleshooting and problem resolution.
• Ability to quickly learn new or unfamiliar technology and products using documentation and internet resources, it is vital you keep up to speed with the latest in technical developments as the industry changes so fast.
• Dependable, reliable, and flexible, when necessary, with excellent time management skills.
• Maintain high ethical standards regarding data integrity and data security.
• Good communication skills being able to communicate via various methods including electronic, in person, or via telephone.
• Authorized to legally work in the United States without visa sponsorship.
• Ability to consistently exhibit Supernus Values in interactions with employees at all levels of the organization, vendors, and others.
• Capable of performing other duties and responsibilities as assigned or directed by Management.
• Authorized to legally work in the United States without visa sponsorship.

Physical Requirements/Work Environment/Travel Requirements:

• Candidate should be comfortable moving throughout a five-floor, connected two-building complex.
• Position may require prolonged sitting, standing, walking, reaching, twisting, turning, kneeling, and bending; the ability to push, pull, drag, and/or lift to 25 pounds; normal manual dexterity and hand/eye coordination; repetitive hand movement using a computer keyboard and mouse.
• Required to have close visual acuity to perform activities such as viewing a computer monitor and reading.
• The worker is not substantially exposed to adverse environmental conditions.

Supernus Pharmaceuticals is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, age or any other characteristic protected by law.