Security Consultant

A Security Consultant is a client-focused position that works with ProArch customers to maintain a comprehensive security program. Security Consultants will leverage ProArch’s security tools to detect and prevent cyber threats to ProArch’s customers.  Additionally, responsibilities include implementation, monitoring security controls, and incident response.  The Security Consultant will be part of a select group of industry recognized experts who work on unique security solutions associated with next generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.

Your skills are:

• Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, cloud security reviews in a Managed Security Services Model.
• Experience in Advanced Microsoft Cloud Security Implementation and Consulting.
• Implement and maintain security solutions, tools, and IT Policies and standards.
• Experience in deploying and troubleshooting Microsoft Sentinel, Azure Lighthouse.
• Experience in Deploying and managing SIEM, SOAR and Threat Intelligence platforms.
• Experience in EDR solutions like Microsoft Defender for Endpoint, CrowdStrike Falcon, CarbonBlack, SentinelOne, etc.
• Experience in all Microsoft 365 security solutions, such as Microsoft Defender for Office 365, Defender for Identity, Defender for Endpoint, Defender for Cloud, Defender for IoT, Defender for XDR, etc.
• Experience with major Identity Provider and related security solutions, such as Microsoft Entra ID, Identity Protection, Active Directory, Defender for Identity.
• Demonstratable knowledge in Microsoft and other vendor-based licensing.
• Experience in deploying and troubleshooting vulnerability scanning tools like Qualys, Rapid7, Nessus, etc.
• Experience in System and Network Security Hardening and best practices.
• Experience in Policy and Device Management solution like MEM, Intune, Azure Arc, GPO.
• Experience with Azure DevOps.
• Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is a good to have.
• Experience in Scripting languages like AZCLI, PowerShell and Python.
• Experience in Power Automate and Logic Apps.
• Good to have non-Microsoft Cloud Security knowledge like GCP, AWS, etc.
• Experience conducting Security Awareness Campaigns using tools like Knowbe4.
• Experience in public speaking, building client relationships, security report analysis and delivery.
• Experience in handling highly technical, project based, and process driven questions from customers.
• Experience in data analysis, logging, fine-tuning and cost reduction solutions.
• Experience developing and improving security tools onboarding and validation process.
• Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
• Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.
• Familiarity with industry standards such as PCI DSS, NY DFS, HIPAA\HiTech\HiTrust, DFARS, NIST SP-800 series, CIS Critical Security Controls, OWASP.
• Takes ownership of the project, tasks, and client deliverables.

Requirements

• Proven collaborator.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Exemplary written and verbal communication skills.
• Produce and review reports to support project deliverables.
• Working in Agile environment.
• Ongoing training and professional certifications are part of the job requirements.
• Create clearly stated remediation recommendations based on industry best practice.
• Successfully interface with clients, both internally and externally.
• Document and explain technical details in concise and clear manner.
• Manage personal schedule and project tasks.
• Provide weekly time accounting and monthly expense reports.
• Be a member of the ProArch Global Cybersecurity Consulting Team.
• Travel within upstate NY and occasionally out of state, as required.
• Your Education: 5-7 years of experience in Cybersecurity Consulting. BS or MS in Computer Science / Engineering or significant demonstratable experience in Microsoft Cloud Security. Certifications such as CISSP, CISM, and CISA are desirable but not required.