SECURITY ARCHITECT
GC, USC
2 rounds of MS Teams interviews
REMOTE CONTRACT FOR SECURITY ARCHITECT IN WAUKEGAN, IL
TO CONDUCT SECURITY ARCHITECTURE ALIGNMENT FOR PRIVILEGED ACCESS MANAGEMENT AND MICROSOFT 365 E5
A client of ours, a 10B company is looking for a Security Architect to conduct Security Architecture Alignment for Privileged Access Management and Microsoft 365 E5.
This should be a really Enterprise Security Guru who is capable of telling the Client's Security Team including the top Security Architects what to do!!!
Originally it is a 3-month project, likely will be extended to continue with policies implementation and oversight and guidance on implementing proper security policies and procedures.
EXCELLENT COMMUNICATION SKILLS ARE A MUST
Stage 1. Privileged Access Management Assessment and Roadmap:
- Conduct a review of the current PAM Systems:
-
- Review the current privileged access management systems being used, the type of access controls in place, and the effectiveness of these systems in securing privileged access.
- Review the processes for granting, changing, and revoking privileged access to ensure they follow best practices in secure access management.
- Review the procedures for handling privileged access requests, including urgency procedures, and incident response procedures in case of a security breach involving privileged access.
- Review compliance with relevant industry standards, regulations, and laws concerning privileged access management, such as GDPR, ISO 27001, PCI-DSS, and HIPAA.
- Examine the roles and responsibilities of individuals with privileged access, their level of training, and their awareness of security risks and preventive measures.
- Conduct Gap Analysis and Risk Assessment:
-
- Identify and evaluate potential risks associated with the organization's current privileged access management policies, systems, and practices.
- Identify areas with business and technological gaps, assess the risk levels, and recommend mitigation approaches
- Develop recommendations for improvement:
-
- Develop a set of recommendations to improve the Privileged Access Management posture at the company.
- Create a prioritized list of initiatives for applying these recommendations and the proposed timeline for their implementation
Stage 2. M365 E5 Security Assessment and Roadmap:
- Review current security architecture, standards, and tools:
-
- Review current state documentation for security architecture, standards, processes, and procedures
- Conduct interviews with individual SMEs.
- Review the business and technical requirements, software products and tools, their licensing and renewal cycles, architecture patterns, and other relevant information in a summary format
- Review the E5 alignment roadmap and future state:
-
- Assess security software available to the company as part of the E5 license.
- Conduct analysis of security features and functionality available under the E5 license for applicability to the company environment, business, and technical requirements, including both on-premises and cloud environments.
- Review the areas of overlapping or complementary use with current security portfolio.
- Review the opportunities for improving security posture while maximizing the benefits provided by security tools, features, and functionality available under the E5 license.
- Develop an E5 security implementation roadmap:
-
- Review recommendations for the optimal introduction of security tools included in E5 license.
- Review the prioritized roadmap for E5 security implementation
- Conduct an executive readout of the recommendations and the roadmap and identify the next steps.