**This role will work fully on-site in Franklin, TN.**

Here's some of what you will be doing:

• Manage cybersecurity risk identification and mitigation across enterprise systems, networks, cloud, and web environments.
• Assess digital information risk using cybersecurity tools and methodologies; facilitate remediation and provide actionable recommendations to leadership.
• Review cloud toolsets to identify protection gaps and propose appropriate solutions, including cost estimates.
• Identify and implement opportunities for improved reporting, detection, and IR automation.
• Monitor on-premises and cloud environments using in-place tools, responding promptly to identified threats or anomalies.
• Identify opportunities to automate incident response to reduce time to remediation.
• Drive remediation efforts stemming from internal/external audits, assessments, or pen tests.
• Identify and recommend improvements to cybersecurity-related policies, procedures, playbooks and standards.
• Stay current on cybersecurity methodologies and technologies through certification or vendor-led training.
• Monitor and advise on cybersecurity threats and trends, recommending best defenses to reduce enterprise risk.
• Evaluate asset compliance with cybersecurity policies and make improvement recommendations.
• Serve as project lead for cybersecurity-specific initiatives.
• Collaborate with senior Technology Group staff to support strategic and tactical projects by offering security best practice guidance.
• Provide application support for both on-prem and cloud security technologies (e.g., EDR, DLP, SIEM, FIM, IDS/IPS, NGFW, CASB, IAM).
• Manage PCI compliance obligations and implement cybersecurity initiatives that safeguard operational integrity while meeting legal, regulatory, and Ministry standards.
• Analyze and recommend optimizations for security tools and systems, identifying needs that may lead to new projects.
• Partner with technology Team Members to enhance documentation and security-related processes.
• Respond to cybersecurity incidents and propose or implement mitigation strategies.
• Participate in on-call rotation as assigned.
• Lead investigations into suspicious or anomalous digital activity.
• Act as a cybersecurity subject matter expert, providing internal mentorship and risk-related training.
•  

Here's some experience we are seeking: 

• Bachelor’s degree in computer sciences, or equivalent experience. (IT Administration Support and Cybersecurity experience required)
• Certified Ethical Hacker, Incident Handling Certification, and formal information security education is desired.  SANS-GIAC, ISC2, ISACA or other similar credentials preferred.
• 3-5 years Cybersecurity or IT experience (emphasis of maintaining Technical Security Controls) with a proven ability to engage with Senior Management and regulators.
• Knowledge of relevant common information security management frameworks (e.g., ISO 27001, NIST CSF, PCI-DSS, CIS Benchmarks).
• Proven experience in the evaluation, planning g, and implementation of enterprise-wide Cybersecurity control programs/technologies. These can include but are not limited to: Data Loss Prevention, Security Event Management, Global Risk and Compliance Tools, Threat Intelligence, Vulnerability Management, Identity Access Management, Application Security, Computer IR/Forensics.
• Knowledge of technical infrastructure, networks, databases, and systems in relation to Cybersecurity and risk.
• Understanding security best practices in cloud environments such as AWS and Azure.
• Knowledge of cloud security and SIEM administration, Azure Security Center, and Azure Sentinel.
• Basic understanding of Kusto Query Language (KQL) a plus.
• Ability to successfully manage projects.
• Prior experience performing security reviews and risk assessments of applications, devices and vendors including the development of risk mitigations plans.
• Experience assessing and correcting cloud configuration a plus.
• Advise on security change requests through formal change control process.
• Experience with security operation center work which includes managing the priority and lifecycle of incidents and alerts.
• Possesses well developed soft skills in business and cybersecurity. In addition to strong written and verbal communication skills.
• Possesses proven and effective collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues.
• Demonstrated ability to work independently; establishing and meeting performance/Ministry goals and perform responsibilities with minimum guidance (self-motivated and self-starter).
• Exhibits versatility and flexibility. Regularly adapts to change while maintaining a positive attitude and high productivity.

What can we offer you?

• Industry leading Medical, Dental & Vision coverage
• Short/long term disability and life insurance
• Robust 401K with company match
• Parental leave with Baby Bonding pay
• Generous PTO, holiday and sick pay
• Unique company culture that includes exclusive access to concerts, movie premieres, media industry events, and more
• Leadership and Career Development Programs including free access to LinkedIn Learning platform

Why work for Educational Media Foundation, K-LOVE/Air1?

Educational Media Foundation (EMF) is a nonprofit, multi-platform media company on a mission to draw people closer to Christ. Founded in 1982 in Santa Rosa, CA, with a single radio station, EMF today owns and operates the nation's two largest Christian music radio networks (K-LOVE and Air1) with over 1,000 broadcast signals across all 50 states and beyond, streaming audio reaching around the world, and a growing family of media ministries including podcasts, books, films, concerts, and events. EMF employs nearly 500 team members between its offices in Nashville, TN, Rocklin, CA, and field locations around the country. You can view our mission and values here Mission, Beliefs & Values. 

“As an Equal Opportunity Employer, EMF makes employment decisions based on merit and other legitimate reasons. The Company is committed to a diverse and inclusive work environment and the promotion of equal employment opportunities regardless of protected class, characteristic or status.  However, EMF is also a religious non-profit organization where all team members contribute to the Company’s mission of encouraging our audiences “to have a meaningful relationship with Christ.” Therefore, pursuant to the Civil Rights Act of 1964, Section 702 (42 U.S.C. 2000e I(a)), EMF has the right to hire only candidates who agree with the Company’s Statement of Faith.  Also, as a religious non-profit organization, the Company is not governed by the CA Fair Employment and Housing Act.”