Security Manager

IT Security Manager

Position Type: FTE

Location: Nashville, TN (3 days onsite)

Overview

We are seeking an IT Security Manager to lead security operations and ensure the effective delivery of critical security controls across a multi-site, hybrid IT environment. This role will serve as a strategic and operational leader, partnering with IT Operations, business teams, and external vendors to maintain secure, reliable systems. The ideal candidate will have deep expertise in Microsoft environments, security operations, risk management, and cross-team collaboration, while driving process improvements and operational excellence across the organization.

Responsibilities

• Lead day-to-day IT security operations, including management of the Security Operations Center (SOC) and incident response activities.
• Identify, assess, and mitigate risks to enterprise assets (endpoints, mobile, network, server, virtual environments).
• Maintain asset security and inventory; ensure compliance with corporate standards, policies, and regulatory requirements.
• Develop, review, and manage IT security policies, collaborating with compliance, IT Security Analysts, and other teams.
• Protect data at rest and in transit, ensuring network security in partnership with internal and external networking teams.
• Manage identity and access (IAM) processes, including onboarding/offboarding and best-practice enforcement.
• Review, design, and implement security architecture and controls across IT and clinical systems.
• Oversee configuration, operation, and maintenance of security systems, ensuring reliability, availability, and performance.
• Monitor KPIs, measure operational performance, and implement continuous improvement initiatives.
• Serve as primary contact for external penetration testing, coordinating annual tests and follow-ups.
• Manage vendor and partner relationships, including SLAs and contract negotiations.
• Lead security initiatives, perform research, proof-of-concepts, and testing to support organizational objectives.
• Troubleshoot and resolve technical issues across hardware, software, and network environments.
• Support IT projects and security deployments, collaborating with multiple departments.

Required Skills & Knowledge

• Expertise in Microsoft 365, Azure, Entra, Sentinel, Defender, and related security services.
• Experience with Meraki SD-WAN, Cisco ASA, and vulnerability/patch management tools.
• Strong knowledge of IAM concepts, Conditional Access policies, and authentication solutions (MFA, Authenticator).
• Familiarity with incident response frameworks, ITIL, and industry best practices.
• Proven ability to assess and mitigate IT risks, implement security measures, and ensure compliance.
• Strong leadership and team management skills; ability to mentor and motivate teams.
• Excellent problem-solving, analytical, and troubleshooting capabilities.
• Effective communication and relationship-building skills with technical and non-technical stakeholders.

Qualifications

• Education: Bachelor’s degree in Computer Science, Information Technology, or related field preferred. Equivalent experience may substitute.
• Certifications: CISSP, ITIL, PMP, or other relevant certifications highly desirable.

Experience:

• 3+ years in IT or security operations management.
• 5+ years in Microsoft Windows and Microsoft 365 environments.
• 2+ years with Azure, Entra, Purview, and Defender portals/dashboards.
• Experience with cloud, on-premises, and virtual computing; Active Directory, IAM, networking, SQL Server, Windows Server, endpoint management.
• Project management experience, Smartsheet preferred.

Additional Information

• Willingness to travel up to 20%
• Participation in on-call rotations and after-hours incident response may be required.

About the Role

This role is focused on creating a secure, reliable IT environment while driving operational excellence, continuous improvement, and cross-team collaboration.