Summary
The job description is for a 6-month remote Microsoft365 Security Consultant role that requires experience in Microsoft Azure and Office 365, specifically in configuring and ensuring initial and ongoing compliance with multiple suites of security benchmarks as per Industry standards. The candidate should have a Bachelor's degree in Computer Science or equivalent experience.
Requirements
- In-depth knowledge and experience with MS Azure and O365, specifically in configuring and ensuring initial and ongoing compliance with multiple suites of security benchmarks as per Industry standards
- Experience with Microsoft Azure AD, MS Azure technologies (e.g., Azure Resource Manager) and architecture; Office 365 product suite
- Knowledge of and experience implementing services based on industry standard security and control frameworks, e.g., CIS (Center for Internet Security); NIST CSF, 800-53; Azure Security Benchmarks (ASB)
- One or more Microsoft Azure certifications, e.g., AZ-900, AZ-500, SC-300, SC-400, SC-900
- In-depth understanding of and extensive experience with Windows, Linux, Windows security (NTFS), Active Directory, Linux security, TCP/IP, common networking services (e.g., DNS, DHCP, DFS, PKI), authentication, encryption, SSL/TLS, ciphers
- Experience with any of PowerShell, Terraform, bash, Ansible
- Experience with any of the following: CyberArk, Tenable, f5 APM, Kibana, Macintosh Operating Systems (MacOS), iptables
- Knowledge of CI/CD and DevSecOps tools
- Prior experience installing, configuring, monitoring, and administering several of the following: firewall policies, IDS, IPS, SIEMs, password vaulting systems, patch management systems, vulnerability scanners, web application firewalls, certificate management systems, key management systems, security detection and response, networking diagnostic/monitoring tools, and/or other security appliances and services
- Ability to establish effective professional business relationships throughout the organization
- Experience successfully managing multiple vendor and service provider relationships
- Bachelor's degree or equivalent experience in Computer Science
Responsibilities
- Assist projects securely implementing services and migrating data to Microsoft Office 365, and Azure
- Secure services following best practices such as CIS benchmarks, NIST CSF, and Microsoft CAF (Cloud Adoption Framework)
- Document status and decisions made during the processes
- Define program scope and problem statements
- Document current state for process and technologies currently being deployed to address security posture on the Azure platform
- Develop future state Azure Security framework
- Document roles and responsibilities
- Develop roadmap and business case including funding estimates
- Facilitate obtaining stakeholder consensus
- Create program charter
- Validate current controls and IT risk management
- Create 2-year Azure Security program roadmap
Preferred Qualifications
- Cybersecurity certifications such as CISSP, CISM, vendor certifications, etc
- 1 - 3 years overall experience in Public Key Infrastructure (PKI), Digital Certificates (user and device based), Secure Shell (SSH), Transport Layer Security (TLS), Hardware Security Modules (HSM), Key Management Lifecycle (Generation, Deployment and Revocation), Information / Digital Rights Management, Transparent Database Encryption (TDE), Storage and Messaging Encryption
- 2 - 3 years overall experience in IT infrastructure and networking administration
- 2 - 3 years overall experience in network and platform security
