Security Administrator in Cedar Rapids, Iowa at Kuvare
Explore Related Opportunities
Job Description
About Kuvare
Kuvare is on a mission to serve hardworking consumers overwhelmed by the complexities of retirement and is built from the ground up to do so. Our unified financial hub protects the retirement of everyday Americans and the distributors, carriers and investors that serve them. We create life insurance and annuity products that protect consumers’ retirements, and are simplified for distributor partners and financial professionals to sell and service.
Kuvare family of companies:
Retail Annuity and Life Insurance Solutions:
- United Life Insurance Company
- Guaranty Income Life Insurance Company
- Lincoln Benefit Life
Institutional Insurance:
- Kuvare Life Re
Bespoke Insurance Solutions:
- Ignite Partners
About the role
The Security Administrator is a hands-on technical role on the Information Security team, responsible for engineering, hardening, and operating security controls across a hybrid environment spanning Microsoft Azure, Microsoft Entra ID, Microsoft 365, and traditional infrastructure. This is not a policy-focused position. The ideal candidate is an accomplished Security Administrator who can walk into an existing complex environment, quickly understand the architecture, and immediately contribute to incident response, identity and access hardening, cloud security engineering, and vulnerability remediation.
Success in this role requires deep, current technical expertise in Information Security, Security Operations, Microsoft Ecosystem, a DevSecOps mindset, and fluency with automation and infrastructure-as-code / security-as-code practices. The organization operates in a highly regulated financial services environment, so the candidate must apply strong engineering discipline while meeting compliance obligations.
What you'll do
Security Operations & Incident Response
- Operate, tune, and build detections in Microsoft Sentinel (KQL for analytics rules, hunting queries, workbooks) and Microsoft Defender XDR to detect, investigate, and respond to threats.
- Design and automate response with SOAR playbooks (Logic Apps / Sentinel automation rules) to reduce mean time to respond.
- Lead and coordinate hands-on incident response for events such as data breaches, malware outbreaks, and identity compromises, including containment, eradication, and root-cause analysis across cloud and on-premises systems.
- Partner with Security and Risk leadership to translate policies and frameworks into enforceable, technically implemented controls.
- Develop, test, and validate disaster recovery and resilience strategies from a security perspective.
Access Management & Compliance
- Engineer and administer Microsoft Entra ID: Conditional Access, PIM, Privileged Access Groups, authentication methods, identity protection, and hybrid identity.
- Manage privileged access controls and conduct recurring, evidence-based access reviews across cloud and on-premises systems.
- Ensure technical controls map to financial industry regulatory and compliance requirements; produce audit-ready evidence and documentation.
- Coordinate with compliance officers on security-related regulatory requirements.
- Maintain asset inventory and system/component security documentation.
- Coordinate and oversee third-party penetration testing and remediate findings.
Security Infrastructure Management
- Administer and continuously improve security solutions across our hybrid environment.
- Harden PaaS/IaaS workloads and partners with engineering teams on secure-by-design cloud implementations (e.g., network segmentation, private endpoints, Key Vault, managed identities, RBAC).
- Conduct regular security assessments and vulnerability scans; drive remediation to closure.
- Perform periodic access and configuration reviews of enterprise systems.
- Build automation and infrastructure-as-code solutions (PowerShell, Python, Bicep/ARM/Terraform) to deploy controls consistently and reliably.
- Recommend and implement improvements, upgrades, and modernization of the security stack.
Leadership & Guidance
- Provide security architecture guidance for cloud and infrastructure initiatives.
- Mentor IT team members on security best practices and secure engineering patterns.
- Partner with network, application, and database teams to implement secure solutions.
Qualifications
- 7+ years of Information Technology experience, with at least 3 years focused on Cybersecurity
- Minimum of 4 years on Microsoft technologies in hands-on administration, engineering or operations capacity.
- Advanced cybersecurity certifications in good standing (e.g., CEH, OSCP, AZ-500, SC-300, SC-200, SC-100).
- Deep, hands-on knowledge of Microsoft services such as Defender (Cloud/Endpoint/XDR), Intune, Sentinel, and Entra ID, sufficient to operate and troubleshoot in a live environment on day one.
- Extensive experience operating hybrid cloud security architecture and controls.
- Strong background in security tooling administration, configuration, and tuning.
- Proven experience with endpoint security and modern device management (Intune).
- Advanced knowledge of network security concepts, including VPNs, firewalls, and SASE.
- Demonstrated experience leading security monitoring, incident response, and day-to-day security operations.
The pay range for this role is:
100,000 - 125,000 USD per year(Rosemont)