Consultant, Cybersecurity
This is a fully remote job; the offer is available from: North Carolina (USA)
JOB DESCRIPTION OVERVIEW
CREO Consultants lead and deliver complex, security-focused engagements across Microsoft cloud and endpoint ecosystems. You will serve as a trusted advisor to client executives and technical teams, owning outcomes from scoping and solution design through execution, reporting, and remediation guidance. This role is ideal for a hands-on practitioner who can both architect and build, with strength in Identity & Access Management (IAM), Microsoft Azure/M365 security, and automation using PowerShell. Consultants work autonomously, mentor analysts, and contribute to proposals, statements of work (SOWs), and reusable delivery accelerators.
POSITION RESPONSIBILITIES
• Vulnerability & Framework Assessment Responsibilities
• Schedule, run, and interpret vulnerability scans using tools like Tenable or Qualys
• Track and report on remediation progress in collaboration with client IT teams
• Assist with readiness assessments for SOC 2, ISO 27001, and NIST CSF
• Map client controls to framework requirements and identify gaps
• Client Leadership & Delivery
• Own end-to-end delivery for security engagements (e.g., M365 hardening, Sentinel deployments, MDR onboarding, external/internal assessments).
• Translate business risk into technical requirements; create architectures, roadmaps, and prioritized remediation plans.
• Facilitate client workshops, runbooks, and executive readouts; produce clear, actionable deliverables and presentations.
• Coordinate cross-functional teams; track scope, risks, issues, and dependencies; ensure on-time, on-budget delivery.
• Identity & Access Management
• Design and implement secure identity architectures in Microsoft Entra ID (Azure AD), including tenant configuration baselines.
• Engineer Conditional Access policies, MFA, passwordless, risk-based access (Identity Protection), and step-up authentication.
• Establish role-based access control (RBAC), Privileged Identity Management (PIM), Just-In-Time (JIT) access, and access reviews.
• Build joiner/mover/leaver lifecycle processes; integrate HRIS/IDaaS; govern external/guest access and B2B collaboration.
• Harden identities for hybrid environments (Entra Connect/Cloud Sync), legacy protocols, service principals, and workload identities.
• Microsoft Cloud Security (Azure & M365)
• Deploy and tune Microsoft Sentinel (data connectors, analytics rules, UEBA, workbooks, automation rules, hunting queries).
• Implement Defender for Cloud and Microsoft 365 Defender (Endpoint, Identity, Office 365, Cloud Apps) with secure configurations.
• Design secure landing zones (network segmentation, Private Link, Key Vault, managed identities, logging/monitoring).
• Apply Zero Trust principles across identity, device, network, apps, and data; document security baselines and exceptions.
• Integrate third-party controls (e.g., CrowdStrike) with Microsoft security for holistic detection and response.
• Engineering & Automation (PowerShell/DevOps)
• Develop robust PowerShell tooling and modules to automate Entra ID, Exchange Online, Defender, Intune, and Graph API workflows.
• Create automation runbooks (e.g., Azure Automation, Functions) for repetitive administrative and incident response tasks.
• Use KQL for analytics and threat hunting; build reusable dashboards and reports.
• Follow secure coding standards, version control (Git), and CI/CD practices for infrastructure-as-code where applicable.
• Detection, Response & Vulnerability Management
• Triage and investigate alerts; lead incident response playbooks, root-cause analysis, and containment/remediation guidance.
• Correlate telemetry across Sentinel, Microsoft 365 Defender, and endpoint tools; develop custom detections and enrichments.
• Coordinate vulnerability scanning/validation and remediation with client teams; communicate risk and business impact.
• Prepare client-ready IT deliverables.
• Help design visually compelling and insightful IT presentations and reports, translating complex technical data into clear, actionable insights for clients
• Your deliverables will include detailed technical documentation, spreadsheets, IT models, PowerPoint decks, and status reports, all designed to communicate intricate information in an accessible and professional manner
• Collate data from vulnerability scans and penetration tests to create client deliverables
• Collect data for analysis of business problems.
• Assist in gathering, organizing, and analyzing data to address business challenges from an IT perspective
• Work with clients to understand their technical requirements, conduct research, and synthesize information to inform technology-related recommendations
• Build Excel models to analyze IT-related data, such as system performance metrics, cost reduction, network optimization, and user engagement
• Conduct vendor interviews, create IT-related surveys, and develop reports that provide valuable insights for client decision-making
• Record information and distribute it to those who need it
• Play a critical role in recording and summarizing technical discussions during internal and client meetings
• Help capture essential IT-related details, ensuring that all important information is documented accurately and distributed to relevant stakeholders
• Effective communication, both written and verbal, will be key in keeping the project team aligned, ensuring technical solutions are clearly communicated, and tracking action items and project progress
• Governance, Risk & Compliance (GRC)
• Map controls to frameworks (NIST CSF/800-53, ISO 27001, SOC 2); document policies/standards and exceptions.
• Support audit readiness and evidence collection; drive continuous improvement with measurable KPIs.
• Knowledge Sharing & Practice Development
• Mentor analysts; perform peer reviews; contribute playbooks, templates, and accelerators.
• Assist pre-sales with scoping, level-of-effort, and solution narratives; participate in client demos and POCs.
• Maintain a high level of billable time
• Annual billable utilization target: 1,700 hours
REQUIRED QUALIFICATIONS, SKILLS, AND EXPERIENCE
• 6+ years in cybersecurity with significant client-facing consulting experience.
• Deep Microsoft 365 administration and security configuration experience.
• Advanced PowerShell scripting (module development, Graph API, REST), automation runbooks, and CLI tooling.
• Hands-on IAM engineering: Conditional Access, MFA/passwordless, PIM/JIT, RBAC, access reviews, lifecycle (joiner/mover/leaver).
• Azure and Microsoft security engineering: Sentinel, Defender for Cloud, Microsoft 365 Defender, secure landing zones, logging/monitoring.
• Strong analytical and communication skills; ability to translate technical risk for executives and practitioners.
• Bachelor’s degree in a relevant field or equivalent experience.
• This role is open to remote candidates; however, preference will be given to those located in Durham, NC.
CERTIFICATIONS (Required or within 6 months)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300).
• Microsoft Certified: Azure Security Engineer Associate (AZ-500).
• Strongly preferred: Cybersecurity Architect Expert (SC-100); Security Operations Analyst Associate (SC-200).
ADDITIONAL DESIRED, BUT NOT REQUIRED
• Experience integrating CrowdStrike Falcon with Microsoft security tools.
• Experience with Infrastructure-as-Code (Bicep/Terraform) and policy (Azure Policy, Defender for Cloud).
• Scripting beyond PowerShell (e.g., Python) for data analysis and automation.
• Experience with data protection and compliance controls (DLP, Purview).
Please note: This application may be reviewed in part by automated systems to help identify qualified candidates.
This offer from "CREO" has been enriched by Jobgether.com and got a 74% flex score.