The Security Consultant is responsible for leading the development of information security architecture and ensuring technology initiatives are implemented within the framework to make our client’s cloud environments more secure. The Security Consultant is accountable for securing enterprise information by identifying network and application security requirements, planning, implementing and testing security controls and procedures. The role of the Security Architect is to be customer facing and to play an active role in transforming our client’s Security through designing and implementing Security technologies on-premise and in the cloud.
Day-to-day, you will:
- Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud based security offerings.
- Propose, design, plan and execute strategic and tactical operational security objectives.
- Perform deep analysis and develop metrics that measure current risk
- Develop metrics that effectively evaluate and manage threats
- Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats.
- Communicate threat intelligence and vulnerability management options
- Analyzing threats and current security controls to identify gaps in current defensive posture
- Meet with clients and leading workshops
The ideal candidate must have strong foundation across Microsoft technology stack and Azure security offerings and the ability to communicate security and risk-related concepts to key stakeholders along with experience with the following:
- Enterprise Mobility and Security Suite (EM+S), Advanced Threat Protection (ATP), Azure Information Protection (AIP) and Intune
- Azure Key Vault, Azure Security Center, OMS
- Identity and Access Management principals
- Architecture and security management
- Strong understanding of security best practices
- Securing network and enterprise cloud applications
- Privileged access management technologies
- Security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP
- Creating security framework, SIRRP process and/or forensic handling methods
- Knowledge of host hardening, auditing, logging and monitoring, network security, SEIM deployments, security analytics, anomaly detection, PKI
- Market understanding of industry trends for cyber security, risk & threat intelligence, and governance
- Proven implementation of cloud security models, particularly identity, network, and encryption
- Demonstrated understanding of Microsoft security technologies and strategy
- Program management skills and solution support for security transformation/implementation programs
- Business case development skills for justifying, prioritizing & forecasting the funding requirements for security programs and initiatives
- Certifications: CISSP, CISM, Microsoft Mobility MCP Exam 98-368, or other relevant certifications (preferred)
To supplement the technical knowledge and project delivery experience, the successful candidate will come from a Consulting background with good customer facing skills, the ability to gather customer requirements and produce high quality written deliverable. As a consultant, you must be willing to travel to our client locations as needed.
You likely have a bachelor’s degree in computer science, computer engineering, management information systems, information technology, or a similar field. An equivalent combination of education and experience may substitute for a degree.