Microsoft 365 Security Professional

Cloud Security Services is currently looking for an experienced Microsoft365 security consultant for our client. Our client requires an experienced consultant with experience in Micsrosoft365 security with excellent project management and communications skills to support the continuous enhancements of their security posture on the Microsoft365 paltform. This is a 6-month remote project that may require some onsite travel.

Responsibilities:

The Microsoft365 Security Consultant secures Company enterprise information, provides leadership in developing and applying security controls, and in reporting upon control effectiveness through integrated metrics.

The person in this role will be a subject matter expert providing technical security expertise, guidance, and implementation assistance to multiple internal teams. The person will also act as a technical liaison for external security service providers. The role provides opportunities to evaluate, plan, test, implement, and maintain security systems and controls; and to create and enforce security standards and procedures as they related to the Microsoft365 platform.

Primary

• Assist projects securely implementing services and migrating data to Microsoft Office 365, and Azure.
• Secure services following best practices such as CIS benchmarks, NIST CSF, and Microsoft CAF (Cloud Adoption Framework).
• Document status and decisions made during the processes.
• Define program scope and problem statements
• Document current state for process and technologies currently being deployed to address security posture on the Azure platform.
• Develop future state Azure Security framework
• Document roles and responsibilities
• Develop roadmap and business case including funding estimates
• Facilitate obtaining stakeholder consensus
• Validate current controls and IT risk management
• Create 2-year Azure Security program roadmap

Required Skills:

The role requires in-depth knowledge and experience with MS Azure and O365, specifically in configuring and ensuring initial and ongoing compliance with multiple suites of security benchmarks as per Industry standards

• Experience with Microsoft Azure AD, MS Azure technologies (e.g., Azure Resource Manager) and architecture; Office 365 product suite.
• Knowledge of and experience implementing services based on industry standard security and control frameworks, e.g., CIS (Center for Internet Security); NIST CSF, 800-53; Azure Security Benchmarks (ASB).
• One or more Microsoft Azure certifications, e.g., AZ-900, AZ-500, SC-300, SC-400, SC-900
• In-depth understanding of and extensive experience with Windows, Linux, Windows security (NTFS), Active Directory, Linux security, TCP/IP, common networking services (e.g., DNS, DHCP, DFS, PKI),
• Experience with any of PowerShell, Terraform, bash, Ansible.
• Experience with any of the following: CyberArk, Tenable, f5 APM, Kibana, Macintosh Operating Systems (MacOS), iptables.
• Knowledge of CI/CD and DevSecOps tools

Candidate should have prior experience installing, configuring, monitoring, and administering several of the following: firewall policies, IDS, IPS, SIEMs, password vaulting systems, patch management systems, vulnerability scanners, web application firewalls, certificate management systems, key management systems, security detection and response, networking diagnostic/monitoring tools, and/or other security appliances and services

Ability to establish effective professional business relationships throughout the organization

Experience successfully managing multiple vendor and service provider relationships

Preferred Skills:

• Cybersecurity certifications such as CISSP, CISM, vendor certifications, etc.
• 1 - 3 years overall experience in Public Key Infrastructure (PKI), Digital Certificates (user and device based), Secure Shell (SSH), Transport Layer Security (TLS), Hardware Security Modules (HSM), Key Management Lifecycle (Generation, Deployment and Revocation), Information / Digital Rights Management, Transparent Database Encryption (TDE), Storage and Messaging Encryption
• 2 - 3 years overall experience in IT infrastructure and networking administration
• 2 - 3 years overall experience in network and platform security

Required Education:

• Bachelor's degree or equivalent experience in Computer Science

EEO Statement:

Cloud Security Services is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, marital status, national origin, genetics, disability, age, or veteran status.