Security Specialist

The Security Specialist is responsible for protecting client and internal environments from cyber threats by monitoring systems, detecting vulnerabilities, managing security tools, and responding to incidents. You will play a key role in implementing and enforcing best security practices across multiple customer environments while supporting compliance requirements and driving awareness. 

Clients: Court houses, manufacturing, schools, health care, law firms, banks (multiple sites) 

Responsibilities Include: 

• Investigate alerts from SOC teams & security tools (EDR, SIEM, etc.) & respond as necessary. 

• Perform root cause analysis & develop incident reports & remediation plans 

• Act as lead for cybersecurity incident response events working alongside SOC, NOC, & legal teams 

• Manage & Deploy security tools (EDR, SIEM, vulnerability scanners, etc.) 

• Security tools included, but not limited to, CrowdStrike, SentinelOne, Huntress, ConnectSecure, ThreatLocker, Barracuda Email Security, Avanan, BlackKite, & Infima 

• Monitor server & workstation patching internally & for clients 

• Assist in designing and enforcing security policies, procedures, and standards based on best practices (NIST, CIS, etc.) 

• Perform risk assessments, vulnerability scans, and security audits for client environments 

• Support clients with compliance frameworks such as HIPAA, NIST, PCI-DSS, and CMMC. 

• Work with the service desk and project teams to implement secure configurations and access controls. 

• Educate end-users through phishing simulations and cybersecurity awareness campaigns. 

• Assist with client onboarding security evaluations and contribute to solution design. 

• Stay current on the threat landscape and emerging technologies; recommend improvements to security services and tools. 

• Create detailed SOP’s for alert troubleshooting processes 

• Review monthly/quarterly security reports for clients & provide recommendations on fixes/enhancements for findings out of compliance 

• Manage offshore proactive centralized services team (3 users) 

Requirements Include: 

• 3+ years of experience in cybersecurity or network security, preferably within an MSP or IT services firm. 

• Strong knowledge of security tools (e.g., CrowdStrike, SentinelOne, Huntress, ThreatLocker, Barracuda ESS, Avanan). 

• Familiarity with Microsoft 365 security features, Azure AD, Entra ID, and conditional access policies. 

• Familiarity with Microsoft server operating systems & Active Directory. 

• Understanding of firewalls, VPNs, DNS security, email filtering, and endpoint protection. 

Preferred: 

• Security certifications such as Security+, CISSP, or MS-500 

• Familiarity with scripting or automation 

• Experience with HIPAA, PCI, NIST, SOC 2, & CMMC compliance frameworks 

Benefits Include:  

• Unlimited growth opportunities. 

• Vehicle provided for offsite/client visits. 

• You will play an active role as part of an excellent team of encouraging and successful people. 

• Excellent work environment where you can meaningfully have an impact on the success of the company /clients. 

• We value each and every employee, along with their ideas and opinions. 

Compensation: 

Candidates can anticipate a starting hourly rate of $25.00 or higher, depending on experience and skills. This role is overtime qualified. 

CTS, a New Charter Technologies company, is committed to creating an inclusive environment and is proud to be an equal opportunity employer. CTS recruits, employs, trains, compensates, and promotes regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.