CYBER SECURITY IDENTITY MANAGEMENT / M365

JOB RESPONSIBILITES

Assist and support in the implementation of Information Security related projects

Provide system-level logs and details related to potential security investigations

Investigate Information Security related incidents as reported to the organization or identified with our security tools

Research the latest information security trends and recommend security enhancements to management

Ensure users understand and adhere to necessary procedures to maintain security

Assists in the development and periodic review of security procedures to ensure we are in compliance with Information Security defined policies

Ensures systems and software configurations comply with Information Security Requirements, Policies, and Standards

Assist in troubleshooting and solving a wide variety of security issues

Promote security awareness and provide training/communications to internal end-users

Administration of Office 365 platform of tools and applications

Manage, configure and setup security for company-wide Two Factor Authentication, Mobile Device Management, OneDrive, Anti-Virus, Microsoft Teams, and Intune

Develop and execute security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems

Working with administration/management of the tool and working with outsourced Security Operation Center SOC

Ensure that security findings and issues are followed up on and closed out as needed

Incident Response Management

Manage Penetration Testing results, tracking and remediation with internal teams

e-Discovery knowledge leveraging O365 Tools

Research attempted or successful efforts to compromise systems security and designs countermeasures

Administer security policies to control physical and virtual access to systems. Focus on hardening internal processes

Provide information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information and systems

REQUIRED:

Knowledge of Microsoft M365 E3/E5 and Microsoft Advanced Security Suite of Tools, best practices

Must possess superior problem-solving skills, be action-oriented and decisive

Security threat hunting, managing alarms and events

Troubleshooting, isolating, and escalating security threats

Proven track record on working with other departments on security risks and mitigation

Knowledge of NIST 800-171 and CMMC L3 – Documentation / Process / Procedures

Understand, define, and apply industry security standards

Excellent written and verbal communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences.

Knowledge with KnowBe4 or other Security Awareness training tools and programs

Ability to manage technical projects in detail

Demonstrate analytical and problem-solving skills

Ability to document process, procedures, and technical diagrams

Knowledge of networking and technical knowledge and understanding of security concepts (e.g., Application, Web and Network Security, Identity and Access Management, Vulnerability Management, Encryption, security protocols)

Education and Experience:

BS/BA Degree in Information Security, Information Systems or Computer Science required

Minimum of 5 years of hands-on IT experience; 3 years of IT security experience

Security+ certification is a plus

Knowledge of Microsoft M365 E3/E5 and Microsoft Advanced Security Suite of Tools, best practices

Knowledge of NIST 800-171 and CMMC L3 – Documentation / Process / Procedures