Cyber Defense Security Administrator

We are looking for a Cyber Defense Security Administrator (Infrastructure & Network Security)Location: Hybrid - Midland, TX or Houston, TX Hire Type: Direct Hire (Full-time)Salary: $120k per annum + standard benefitsPurpose of PositionThe Security Administrator (Cyber Defense) provides hands-on cybersecurity protection and response capabilities for us. This position safeguards UL’s information assets by managing firewalls and network segmentation, overseeing vulnerability management across all systems, and leading response and recovery for cybersecurity incidents.Note:- We are seeking a hands-on Security Administrator with a focus on Cyber Defense. It should be someone with strong experience in on-prem infrastructure, network engineering, and firewall/segmentation design, ideally coming from a background in systems or network administration. This role focuses on practical security engineering—vulnerability remediation across servers and infrastructure, tuning and managing firewalls, strengthening network segmentation, deployment and operations of security tooling like EDR, SIEM, and IDS/IPS, and leading or driving incident response through detection, containment, and recovery. We are not looking for GRC or policy-focused candidates; we need someone who can immediately contribute to technical security operations in a small, highly collaborative team.Essential FunctionsSecurity Operations & Network Defense· Administer and tune next-generation firewalls, IDS/IPS, and segmentation policies.· Monitor and analyze alerts from SIEM, EDR, and firewall platforms.· Build and maintain dashboards and detection rules for local SOC visibility.· Perform packet-level and log analysis to identify malicious or anomalous activity.Vulnerability Management· Conduct regular vulnerability scans across servers, endpoints, and network infrastructure.· Interpret results, prioritize risk, and remediate or coordinate remediation.· Track remediation metrics and produce executive summaries of risk posture.· Apply configuration baselines and ensure patch management compliance.Incident Response & Recovery· Lead containment, eradication, and recovery during security incidents (e.g., ransomware, intrusion, data breach).· Maintain and execute incident response runbooks and evidence handling procedures.· Perform root-cause and post-incident analysis; recommend improvements.· Coordinate with central ISO and vendors for forensics or law-enforcement notifications.Security Engineering & Implementation· Implement and maintain security technologies such as MFA, enterprise EDR/XDR platforms, and vulnerability management systems.· Secure virtualization, network infrastructure, and server/storage systems.· Support zero-trust and micro-segmentation initiatives within on-prem and hybrid environments.· Collaborate on new system deployments to ensure secure design and compliance.Collaboration & AwarenessPartner with Infrastructure, Client Services, and Solutions Development teams to ensure consistent security practices.Provide technical input for user-awareness initiatives and IT security training.Participate in after-hours response during critical incidents or maintenance windows.Knowledge, Skills, and AbilitiesProficient in administering Windows and Linux systems, virtualization platforms, and enterprise network environments.Experience with vulnerability scanning tools, patch management platforms, and firewall configurations.Familiarity with cybersecurity frameworks and compliance standards such as NIST CSF.Capable of translating complex security issues into actionable tasks.Strong troubleshooting skills across multiple technology layers.Ability to work independently in a high-responsibility environment.Effective communicator with both technical and non-technical staff.This position requires the ability to maintain the security and integrity of our System Administration and its infrastructure.Required QualificationsBachelor’s degree in Information Technology, Cybersecurity, or a related field.Minimum of five (5) years’ experience in IT Operations with a strong security component.Each additional year of experience over the required minimum may substitute for one year of college (30 semester hours) on a year-for-year basis.Preferred QualificationsCertifications such as Security+, SSCP, CISSP, or equivalent. · Direct experience with firewalls, network segmentation, vulnerability management, and incident response.Hands-on experience with modern next-generation firewalls, enterprise vulnerability management platforms, and EDR/XDR solutions for endpoint and network defense.Familiarity with Microsoft Active Directory, Group Policy, and identity and access management best practices and administration.Experience supporting hybrid infrastructure environments (on-prem + cloud).Background in small team environments where multi-role flexibility is required.Working ConditionsWork is primarily performed in a standard office environment.Occasional after-hours and weekend support required.Limited travel may be necessary for projects or training.Hybrid work schedule available upon approval.