A Senior Security Consultant is a client-focused position that works with ProArch customers to maintain a comprehensive security program. Senior Security Consultants will leverage ProArch’s security tools to detect and prevent cyber threats to ProArch’s customers. This role is primarily focused on Data Security, governance, protection, and compliance, leveraging Microsoft Purview and related Microsoft 365 security tools. Secondary focus includes securing cloud workloads in Azure environments. Responsibilities include design, advisement, implementation, and configuration management. The Senior Security Consultant will be part of a select group of industry recognized experts who work on unique security solutions associated with next generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.Lead comprehensive security assessments to identify vulnerabilities and recommend actionable remediation strategies across client environments.
Job Responsibilities
- Data Security:
- Lead workshops and assessments to identify gaps in data governance
- Design and implement scalable Microsoft Purview architectures tailored to client needs.
- Provide strategic recommendations for improving data lifecycle management.
- Collaborate with GTM and leadership to evolve service offerings around Purview.
- Leadership and Engagement:
- Provide mentorship and leadership to senior cybersecurity resources, fostering their development and guiding strategic projects.
- Work closely with cross-functional teams to ensure alignment of cybersecurity initiatives with overall business objectives.
- Ensure day-to-day operations of Security Consulting team are handled smoothly, issues are addressed; escalate issues deemed appropriate
- Consulting, Advising, and Client Engagement:
- Act as a trusted adviser to clients and internal teams, offering strategic guidance to address specific security challenges and objectives.
- Lead consultative engagements, including requirements gathering, security workshops, assessments, and proofs-of-concept.
- Work closely with strategic clients to enhance solution adoption, ensuring solutions align with their needs and maximizing client satisfaction.
- Overcoming Obstacles and Driving Successful Delivery:
- Identify obstacles and potential issues in security solution delivery, proactively addressing these challenges with management.
- Ensure smooth project execution and client satisfaction through effective leadership and problem-solving.
- Develop and implement best practices and methodologies to ensure the successful delivery of cybersecurity solutions.
- Design and implement robust security frameworks tailored to clients’ needs, incorporating industry best practices and compliance requirements.
- Provide expert-level consultation on Advanced Microsoft Cloud Security, including deployment and management of security tools and solutions.
- Oversee the deployment and troubleshooting of security platforms, including SIEM, SOAR, and Threat Intelligence tools.
- Develop and maintain security policies, standards, and procedures in line with regulatory and compliance frameworks.
- Mentor junior security consultants and contribute to their professional development and expertise in security practices.
- Serve as a trusted advisor, building long-term relationships with clients to enhance their security postures.
- Conduct security awareness training and awareness campaigns to educate clients and their employees on security best practices.
- Stay updated with the latest trends in cybersecurity and adjust strategies accordingly to mitigate emerging threats.
- Collaborate with cross-functional teams to ensure a holistic security approach across all technology platforms.
TECHNICAL SKILLS:
Candidate should have a minimum of 5 years of experience in cybersecurity with additional background in Security Consulting. To be successful, this position will require the candidate to have expertise in the following areas:
- Microsoft Security and Compliance including:
- Microsoft Purview, IRM, DLP, Insider Risk
- Defender for Endpoint
- Defender for Office 365
- Defender for Identity
- Defender for Cloud Apps
- Defender for Cloud
- Defender XDR
- Defender for IoT
- Entra ID Identity Protection
- Entra ID & Intune
- Microsoft Sentinel
- Experience with Microsoft Compliance Manager and Microsoft Priva.
- Familiarity with regulatory compliance mapping using Microsoft tools.
- Experience with Microsoft Graph API for data governance automation.
- Familiarity with Security Information and Event Management (SIEM) systems, particularly Microsoft Sentinel and Extended Detection & Response (XDR) solutions, such as Microsoft Defender XDR.
- Familiarity of how SOAR (Security Orchestration and Automated Response) works and ability to provide workflows which can be used for automating SOC responses.
- Incident Handling, take technical investigation ownership of incidents and coordinate response efforts.
- Industry knowledge and experience in Managed Detection and Response (MDR) technologies.
- Experience of CrowdStrike Endpoint, Identity, Next-Gen SIEM is highly desirable.
- Vulnerability Management tools, such as Qualys.
- Security Awareness Training using tools such as KnowBe4.
- Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, cloud security reviews in a Managed Security Services Model.
- Experience in Advanced Microsoft Cloud Security Implementation and Consulting.
- Implement and maintain security solutions, tools, and IT Policies and standards.
- Experience with major Identity Provider and related security solutions, such as Microsoft Entra ID, Identity Protection, Active Directory, Defender for Identity.
- Demonstratable knowledge in Microsoft and other vendor-based licensing.
- Experience in Policy and Device Management solution like MEM, Intune, Azure Arc, GPO.
- Experience with Azure DevOps is desirable.
- Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is a good to have.
- Experience in Scripting languages like AZCLI, PowerShell and Python.
- Experience in Power Automate and Logic Apps.
- Good to have non-Microsoft Cloud Security knowledge like GCP, AWS, etc.
- Experience in public speaking, building client relationships, security report analysis and delivery.
- Experience in handling highly technical, project based, and process driven questions from customers.
- Experience in data analysis, logging, fine-tuning and cost reduction solutions.
- Experience developing and improving security tools onboarding and validation process.
- Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
- Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.
- Takes ownership of the project, tasks, and client deliverables.
REQUIREMENTS
This position requires that the applicant be a professional leader. ProArch is looking for a candidate who can fulfill the following:
- Outstanding Written, Verbal, Technical, Non-Technical, communication & presentation skills.
- Self-directed with the ability to prioritize and handle multiple tasks concurrently, and of high quality.
- Proven collaborator. Experience in mentoring and guiding a highly technical team.
- Eager learner continually improving skill sets, earning certifications, and gaining industry knowledge.
- Skilled in leading a conversation with client to drive security strategy and program improvement.
- Exceptional analytical skills.
- A well understood English dialect is a must.
- Ability to prioritize effectively and handle shifting priorities professionally.
- Produce and review reports to support project deliverables.
- Ongoing training and professional certifications are part of the job requirements.
- Create clearly stated remediation recommendations based on industry best practice.
- Successfully interface with clients, both internally and externally.
- Document and explain technical details in concise and clear manner.
- Manage personal schedule and project tasks.
- Provide weekly time accounting and monthly expense reports.
- Travel within upstate NY and occasionally out of state, as required.
EDUCATION AND CERTIFICATION
- BS or MS in Computer Science / Engineering or significant demonstratable experience in Microsoft Cloud Security.
- Must have the following Certifications. If not held at time of hire, must be attained within 12 months after hire.
Linked-in
Google