Security & Google Workspace Administrator (Remote, LATAM)
Remote - US
|Contract
Our client is a fast-growing health-tech organization operating in a regulated environment and handling sensitive patient data. Following a formal security assessment, they now need a hands-on Security & Google Workspace Administrator to implement, operate, and maintain security controls across Google Workspace and related systems.
This is a long-term, fully remote contract opportunity; candidates must be based in Latin America. Strong English communication skills (B2+ or higher) are required.
Responsibilities
This is a long-term, fully remote contract opportunity; candidates must be based in Latin America. Strong English communication skills (B2+ or higher) are required.
Responsibilities
- Administer Google Workspace & email security:
Enforce MFA and strong authentication, manage and harden admin roles and privileges, tune Drive sharing and external collaboration settings, and manage DMARC/SPF/DKIM and mail filtering policies for high-risk mailboxes. - User & access administration:
Handle day-to-day user lifecycle tasks (provisioning, changes, deprovisioning), group and OU management, access reviews, and permissions hygiene across Google Workspace and key SaaS tools. - Monitor & respond to security alerts:
Review, triage, and tune alerts from Google Security Center, email security tools, and related services, escalating issues as needed and helping to reduce noise through better configuration. - Maintain endpoint & device security baselines:
Work with IT and vendors to ensure baseline policies are enforced on laptops and workstations (EDR/AV, disk encryption, configuration management) and that devices stay compliant with agreed standards.
- Configuration hygiene, documentation & audit support:
Keep configurations, admin runbooks, change logs, and exception lists up to date. Provide technical evidence for audits and security reviews and ensure that implemented controls align with documented policies.
tracking.
- 5+ years in security engineering, systems administration, or SecOps with a strong focus on implementation and operations.
- Hands-on expertise with Google Workspace administration, including security, identity, and Drive/Docs/Sheets/Meet configuration and sharing policies.
- Solid experience with email security, security monitoring, and user access management across SaaS and endpoints.
- Experience automating or streamlining admin tasks using Google Apps Script, APIs, or similar scripting/automation tools (e.g., PowerShell, Python, or automation platforms).
- Experience working in regulated or sensitive environments, ideally healthcare / health-tech / PHI or similarly regulated sectors.
- Demonstrated ability to take a security roadmap or policy set and turn it into concrete, stable configurations and operating routines.
- Comfortable operating with a high degree of autonomy: propose practical solutions, improve existing configurations, and implement changes end-to-end.
- Experience building more advanced automation & workflows (Apps Script, APIs, automation platforms, SIEM integrations) around user lifecycle, access changes, security alerts, and periodic access reviews.
- Background in securing BYOD and mobile devices, including MDM or app-level protections, and supporting gateway protections and basic network segmentation.
- Experience strengthening backup, disaster recovery, and resilience for PHI and other critical datasets, including monitoring backups and participating in DR testing.
- Exposure to running or supporting phishing simulations, security awareness campaigns, and structured incident / exception tracking.
- Google Professional certifications.
- Security / Governance certifications such as CISSP, CISM, CCSP, HCISPP, Security+, or GIAC (GSEC, GCWN, GMON).
- You must maintain a secure, private workspace with reliable internet; a company-issued laptop and/or additional endpoint controls may be required.
- HIPAA and security/privacy training will be required before your start date.
- Completed background checks will be required if selected.