Acadia Healthcare’s purpose is to Lead Care With Light and our mission is to be a world-class organization that sets the standard for excellence in the treatment of mental health and addiction concerns. We strive to maintain our standing as a thought leader in the behavioral healthcare industry, providing treatment that is synonymous with compassion and innovation.

We are seeking a Cybersecurity Specialist - Email & Cloud Collaboration Security to join our team in Franklin, TN.  The first 90 days in this role will be fully in-person to ensure comprehensive onboarding and training. After the initial period, the position will transition to a hybrid model, with 2 days remote and 3 days in the office each week

The Cybersecurity Specialist – Email & Cloud Collaboration Security will play a critical role in protecting Acadia’s information assets, systems, and sensitive data by serving as the subject matter expert in enterprise email and cloud collaboration security, particularly within Microsoft 365 and other SaaS platforms. This role is responsible for designing, implementing, and optimizing advanced security controls across email, Teams, SharePoint, OneDrive, and other cloud collaboration tools while contributing to broader cybersecurity initiatives across networking, governance, and compliance. The Cybersecurity Specialist will partner with IT, IAM, compliance, and business teams to strengthen Acadia’s cloud security posture, reduce risks associated with email and cloud collaboration, and support the adoption of best practices in cybersecurity across the organization.

ESSENTIAL FUNCTIONS:

• Email & Cloud Collaboration Security Leadership: Serve as Acadia’s subject matter expert for email and cloud collaboration security, including Microsoft 365, Teams, SharePoint, OneDrive, and other SaaS platforms. Lead the design, implementation, and optimization of security controls to protect against phishing, business email compromise (BEC), data leakage, and other cloud-based threats. Provide strategic guidance and operational support to ensure secure configuration, monitoring, and incident response across cloud collaboration environments.
• Policy & Configuration Management: Develop, maintain, and enforce secure policies for email and cloud collaboration platforms, including encryption, data loss prevention (DLP), safe links/attachments, and secure sharing. Ensure systems are configured securely and aligned with best practices.
• Identity & Access Security: Collaborate with IAM teams to strengthen account protections across cloud platforms with multifactor authentication (MFA), conditional access policies, and privileged access management (PAM).
• Cloud Security Controls: Support security posture for Microsoft 365, Teams, SharePoint, OneDrive, and other SaaS applications. Integrate security monitoring, CASB/SSPM tools, and configuration baselines to protect cloud workloads.
• Network & Endpoint Security Integration: Work with infrastructure teams to ensure secure integration of cloud collaboration platforms with firewalls, secure web gateways, and endpoint detection and response (EDR) solutions.
• Data Protection & Compliance: Ensure cloud security controls align with HIPAA, 42 CFR Part 2, SOX, PCI, GDPR, and other regulatory requirements. Collaborate with the Data Protection & Risk Specialist to ensure DLP and insider risk measures are applied consistently.
• Continuous Improvement: Stay current with emerging cloud and collaboration threats, attack techniques, and security enhancements. Recommend and implement improvements to enhance resilience against advanced email and cloud-borne threats.
• Cross-Functional Collaboration: Engage with IT, IAM, compliance, and business units to align cloud and collaboration security initiatives with organizational priorities. Provide expertise during audits, assessments, and compliance reviews.

OTHER FUNCTIONS:

• Performs other tasks as assigned.

STANDARD EXPECTATIONS:

• Complies with organizational policies, procedures, and performance improvement initiatives while maintaining industry standards of confidentiality.
• Builds constructive and cooperative working relationships across teams.
• Fosters mutual trust, respect, and cooperation among colleagues.

EDUCATION/EXPERIENCE/SKILL REQUIREMENTS:

• Education: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent work experience.
• Experience: At least 4–6 years of cybersecurity experience, with 3+ years in Microsoft email, cloud, or collaboration security. Broader experience in governance, networking, and compliance preferred.
• Expertise: Deep knowledge of Microsoft 365 security ecosystem (Defender for Office 365, Purview, Intune, Azure AD Conditional Access) and cloud collaboration security concepts. Strong understanding of phishing, business email compromise (BEC), CASB, and SaaS security posture management.
• Communication: Ability to explain complex security threats and technical details to non-technical audiences.
• Project Management: Skilled in managing security projects, prioritizing tasks, and delivering solutions within scope and timeline.
• Compliance Knowledge: Strong understanding of healthcare regulations such as HIPAA and 42 CFR Part 2, and familiarity with security frameworks like NIST and ISO.
• Self-Motivation: Highly organized, detail-oriented, and proactive in addressing security challenges.
• Continuous Learning: Commitment to staying current on emerging cloud, collaboration, and email security threats and technologies.
• Language Skills: Proficient in English to provide and receive instructions and directions effectively.
• Soft Skills: Exceptional empathy, discretion, and communication skills to address the sensitivity of behavioral health data.

LICENSES/DESIGNATIONS/CERTIFICATIONS:

• Desired but not required: Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Cybersecurity Architect Expert, CISSP, CISM, CISA, GIAC Email Security Professional (GWEB), HCISPP, or equivalent certifications.

SUPERVISORY REQUIREMENTS: This position is an Individual Contributor

While this job description is intended to be an accurate reflection of the requirements of the job, management reserves the right to add or remove duties from particular jobs when circumstances (e.g. emergencies, changes in workload, rush jobs or technological developments) dictate.