Security Consultant

• Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, and cloud security reviews in a Managed Security Services Model.
• Experience in Advanced Microsoft Cloud Security Implementation and Consulting.
• Implement and maintain security solutions, tools, and IT Policies and standards.
• Experience in deploying and troubleshooting Microsoft Sentinel, and Azure Lighthouse.
• Experience in Deploying and managing SIEM, SOAR, and Threat Intelligence platforms.
• Experience in EDR solutions like Microsoft Defender for Endpoint, CrowdStrike Falcon, CarbonBlack, SentinelOne, etc.
• Experience in all Microsoft 365 security solutions, such as Microsoft Defender for Office 365, Defender for Identity, Defender for Endpoint, Defender for Cloud, Defender for IoT, Defender for XDR, etc.
• Experience with major Identity Providers and related security solutions, such as Microsoft Entra ID, Identity Protection, Active Directory, and Defender for Identity.
• Demonstratable knowledge in Microsoft and other vendor-based licensing.
• Experience in deploying and troubleshooting vulnerability scanning tools like Qualys, Rapid7, Nessus, etc.
• Experience in System and Network Security Hardening and best practices.
• Experience in Policy and Device Management solutions like MEM, Intune, Azure Arc, and GPO.
• Experience with Azure DevOps.
• Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is good to have.
• Experience in Scripting languages like AZCLI, PowerShell, and Python.
• Experience in Power Automate and Logic Apps.
• Good to have non-Microsoft Cloud Security knowledge like GCP, AWS, etc.
• Experience conducting Security Awareness Campaigns using tools like Knowbe4.
• Experience in public speaking, building client relationships, security report analysis, and delivery.
• Experience in handling highly technical, project-based, and process-driven questions from customers.
• Experience in data analysis, logging, fine-tuning, and cost-reduction solutions.
• Experience developing and improving security tools onboarding and validation process.
• Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
• Knowledge of Authentication and Authorization mechanisms, Identity Access Management, and user provisioning best practices.
• Familiarity with industry standards such as PCI DSS, NY DFS, HIPAA\HiTech\HiTrust, DFARS, NIST SP-800 series, CIS Critical Security Controls, OWASP.
• Takes ownership of the project, tasks, and client deliverables.

Requirements

• Proven collaborator.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Exemplary written and verbal communication skills.
• Produce and review reports to support project deliverables.
• Ongoing training and professional certifications are part of the job requirements.
• Create clearly stated remediation recommendations based on industry best practices.
• Successfully interface with clients, both internally and externally.
• Document and explain technical details in a concise and clear manner.
• Manage personal schedule and project tasks.
• Provide weekly time accounting and monthly expense reports.
• Be a member of the ProArch Global Cybersecurity Consulting Team.
• Travel within upstate NY and occasionally out of state, as required.

Benefits

• 401k with Company match
• 14 days Paid Time Off
• Term Life Insurance
• Health Savings Account
• Short-Term and Long-Term Disability coverage