We are seeking a skilled MS365 Security Consultant to join our team and help design, implement, and manage Microsoft 365 security solutions. The consultant will be responsible for ensuring the security of our MS365 environment, including identity management, threat protection, data governance, and compliance. The ideal candidate will have hands-on experience with MS365 security tools and the ability to deliver tailored solutions to meet both business and regulatory requirements.
Key Responsibilities:
- Identity and Access Management (IAM):
- Configure and manage Azure Active Directory (Azure AD), Conditional Access, and Multi-Factor Authentication (MFA) to secure user identities.
- Implement Single Sign-On (SSO) and manage external and internal access.
- Threat Protection:
- Deploy and manage Microsoft Defender for Office 365 and Advanced Threat Protection (ATP) to protect against phishing, malware, and other advanced threats.
- Monitor and respond to security alerts and incidents using Microsoft 365 Defender and Azure Sentinel.
- Data Protection and Compliance:
- Implement Data Loss Prevention (DLP) policies to prevent unauthorized data sharing and leakage.
- Configure Azure Information Protection (AIP) and Microsoft Information Protection (MIP) to classify and protect sensitive data.
- Ensure the organization’s compliance with data privacy regulations (e.g., GDPR, HIPAA).
- Mobile Device Management (MDM) & Endpoint Security:
- Deploy and manage Microsoft Intune for mobile device management (MDM) and securing endpoints.
- Implement endpoint detection and response (EDR) solutions to monitor for and defend against device-based threats.
- Collaboration Security:
- Secure collaboration platforms like Microsoft Teams, SharePoint, and OneDrive by configuring permissions, encryption, and data retention policies.
- Manage security for external collaboration while safeguarding internal resources.
- Security Auditing and Monitoring:
- Perform security audits, risk assessments, and vulnerability management within the MS365 environment.
- Utilize Microsoft Cloud App Security (MCAS) and Microsoft 365 Security Center for continuous monitoring.
- Incident Response:
- Develop and execute incident response strategies, including identifying, mitigating, and resolving security breaches.
- Work closely with internal and external stakeholders to ensure rapid incident response and mitigation.
- Documentation and Reporting:
- Maintain thorough documentation of security policies, procedures, and configurations.
- Provide regular reports to stakeholders on security performance, vulnerabilities, and incidents.
Requirements:
- Bachelor’s degree in Information Technology, Computer Science, or a related field.
- 5+ years of experience in IT security, with a focus on Microsoft 365 security solutions.
- Proficiency in Microsoft 365 Security & Compliance Center, Azure AD, Microsoft Defender, and Intune.
- Strong knowledge of Microsoft security technologies including MFA, SSO, Conditional Access, and Advanced Threat Protection (ATP).
- Experience with Azure Sentinel, SIEM, and incident response practices.
- Strong understanding of data privacy regulations (GDPR, HIPAA, etc.).
- Hands-on experience with PowerShell scripting for automation and security policy enforcement.
- Microsoft certifications preferred (e.g., Microsoft 365 Certified: Security Administrator Associate, Azure Security Engineer Associate).
Skills
Preferred Qualifications:
- Familiarity with Zero Trust Security frameworks.
- Experience in securing cloud environments and integrating third-party security tools.
- Strong analytical, communication, and problem-solving skills.
- Ability to work both independently and in a team-oriented environment.