Sr. Project Consultant - Security
Arctiq · Nashville, TN · 2 mo ago
Information TechnologyFull-time
Responsibilities
- Microsoft Entra ID & Identity Security (Primary)
- Entra ID tenant architecture, configuration, and security hardening
- Conditional Access design (baseline + phased rollout), including device, location, and risk-based controls
- MFA strategies (number matching, passwordless, and phishing-resistant MFA) and rollout planning
- Identity Protection policies (user/sign-in risk) and investigation workflows
- Privileged Identity Management (PIM) for roles and privileged users; least privilege implementation
- Identity governance concepts (access reviews, entitlement management concepts, lifecycle controls)
- Hybrid identity integration using Entra Connect or Cloud Sync; legacy auth remediation (basic auth/legacy protocols)
- Microsoft 365 Security & Compliance
- Defender XDR: Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps
- Email security: anti-phishing, impersonation protection, Safe Links/Safe Attachments, quarantine policies, mail flow
- Endpoint hardening: security baselines, ASR rules, device control, web protection
- Microsoft Purview: sensitivity labels, DLP, retention, audit, and compliance reporting
- Security posture management: Secure Score improvement planning and executive reporting
- Third-Party Security Migration Experience (Required)
- Plan and execute migrations from third-party EDR and email security platforms to Microsoft security controls
- EDR examples: Carbon Black, CrowdStrike, and similar tools (policy translation, onboarding/offboarding, tuning)
- Email security examples: Mimecast, Postini, Proofpoint or similar (policy mapping, connectors, cutover, decommission)
- Feature mapping and coexistence planning; build cutover/runback plans and post-migration stabilization
- Hybrid & On-Prem Security (Supporting)
- Active Directory security assessments, remediation, and hardening; privileged access models
- Defender for Identity sensor deployment and tuning; audit and logging improvements
- Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or a related technical field
- 6–10 years of experience delivering Microsoft identity, security, and modernization solutions (hybrid and cloud).
- Proven experience with:
- Entra ID security architecture, Conditional Access, MFA/passwordless, PIM
- Microsoft Defender XDR (Endpoint, Office 365, Identity, Cloud Apps) deployments and tuning
- Microsoft Purview fundamentals (labels, DLP, retention) and governance concepts
- Security migrations from third-party EDR/email security tools (e.g., Carbon Black, CrowdStrike, Mimecast, Postini)
- Hybrid identity integration (AD DS ↔ Entra ID) and legacy authentication remediation
- Microsoft Entra ID (Azure AD) Security & Identity Protection
- Zero Trust Access (MFA, Conditional Access, Passwordless, PIM)
- Hybrid Identity & Legacy Security Modernization (AD DS ↔ Entra ID)
- Third-Party Security Migrations (e.g., Carbon Black, CrowdStrike, Mimecast, Postini, Okta) to Microsoft
- Microsoft 365 Security (Defender XDR, Purview) and Email/Collaboration Protection
- Microsoft Certifications (any combination preferred): Microsoft Cybersecurity Architect, Microsoft Certified: Azure Solutions Architect Expert, Microsoft 365 Certified: Enterprise Administrator Expert, Microsoft Certified: Azure Security Engineer Associate
- Relevant Exams: SC-100, SC‑300, AZ‑104, AZ‑305, AZ‑700, AZ‑500
- Equal Opportunity Employer
Qualifications
Benefits
Pay
TBD
Schedule
Remote work with occasional onsite travel