Adore Me

IT Operations & Security Specialist

Role Summary: As part of the IT Operations & Security team, this role requires, on one hand, knowledge of general computer management, maintenance, and troubleshooting; and on the other, knowledge about security software, Identity and Access Management (IAM) configuration and operation; and periodic audit & compliance activities.

This role

This role is two-fold: supporting users and devices, and providing security support for day-to-day operations.

To align with your company's structure and the specific needs of an IT Operations & Security Specialist, here is an extensive list of hard skills.

The focus is on execution, reliability, and fundamental understanding.

1. Identity & Access Management (IAM)

  • User lifecycle management: Ability to create, update, and deactivate accounts in Google Workspace, Microsoft Entra/O365, Slack, Atlassian, and internal e-commerce tools.
  • MFA: Support users in setting up Multi-Factor Authentication (security keys, TOTP apps), troubleshooting, and access recovery.
  • Permission mapping: Understanding the difference between "User", "Admin", and "Service Account" types of roles. Ensure that the principle of "least privilege" is enforced across all production and corporate environments.
  • Password hygiene: Using and managing enterprise password managers (e.g., 1Password) and enforcing strong credential policies.
  • Knowledge of SAML and/or OIDC protocols and how to integrate 3rd-party applications to enable Single Sign-On.

2. Device Management: Endpoint Management (MDMs) & Hardware

  • Hardware lifecycle management: acquisition, installation, troubleshooting, and decommissioning
  • OS Installation & Troubleshooting: Installing and configuring MacOS and Windows operating systems, and general troubleshooting
  • MDM Enrollment: Enrolling devices into MDMs (e.g., Jamf, Intune).
  • Remote troubleshooting: Ability to troubleshoot computer issues through remote management software such as TeamViewer or through conference calling software such as Google Meet, Microsoft Teams, or Zoom
  • Hardware diagnostics: Basic hardware testing (battery health, disk integrity, and memory issues) for laptops.
  • Peripheral support: Configuring office hardware like AV or video conferencing equipment or printers.

3. Network & Connectivity Fundamentals

  • Networking basics: Understanding the "Client-Server" model and how a browser communicates with a web server.
  • IP & Connectivity: Knowledge of IPv4, Subnets, and using tools like ping, traceroute, and speedtest to diagnose connectivity issues.
  • Client VPN: Configuring and troubleshooting VPN clients for secure remote access.
  • Office WiFi: Understanding the difference between 2.4GHz and 5GHz bands and managing basic Access Point tasks.

4. Security Posture & Compliance

  • Phishing identification: Ability to analyze email headers and URLs to identify phishing attack attempts.
  • Antimalware/EDR: Checking the status of security agents on endpoints and ensuring they are reporting correctly to the central management system.
  • Disk encryption: Verifying that FileVault (macOS) or BitLocker (Windows) is active and that recovery keys are being escrowed into their respective MDMs
  • Physical security: Managing office badge access systems and ensuring physical security hardware, such as security cameras and locks, are operational.
  • Security & Regulatory compliance: Execute recurring audit playbooks for, but not limited to: User Access Reviews, Security Settings for various applications.
  • Security Incident Response: Investigate low- to medium-severity security alerts (e.g., suspicious logins, malware flags) and perform/contribute to root-cause analysis (RCA).

5. Technical Literacy & Automation

  • CLI familiarity: Ability to use the Unix Shell (bash/zsh) and Microsoft PowerShell for basic tasks: navigating directories, checking system info, and running pre-written scripts.
  • SaaS Integration: Basic knowledge of how different tools talk to each other (e.g., how a SaaS application like Slack can get user information from Microsoft EntraID)
  • Ticketing Systems: Knowledge of Atlassian Jira, Atlassian Jira Service Management, or Zendesk to track, categorize, and document work history.

Core competencies:

  • Accountable for your continuous professional development: defines your own learning needs, monitors and improves your learning process; uses the company learning resources and proposes new ones as the computer and security landscape evolves;
  • Share own expertise with other colleagues, supports and mentors colleagues;
  • Abide by the confidentiality rules and procedures that exist within the organization
  • Analytical and problem-solving skills, with the ability to diagnose and resolve technical issues.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
  • Ability to work independently, prioritize tasks, and manage multiple projects simultaneously.
  • Adaptability and flexibility to thrive in a fast-paced and constantly evolving IT environment.

Technical qualifications required:

  • Minimum 2 years of experience in a similar role.
  • Hands-on experience with MacOS and Windows operating systems, and ideally MDMs such as Jamf and Intune.
  • Experience with networking: wireless networks, switches, and an understanding of the TCP/IP network stack. A network-related certification is ideal but not required.
  • CompTIA Security+ or other internationally recognized cybersecurity certifications are ideal, but not required.
  • Understand the basics and have used various video conferencing systems (e.g., Zoom, Microsoft Teams, Google Meet).

%FOOTER_POWERED_BY%breezy