Vacancy expired!
Job Req #: 21-08835Job Description: IT Security and Compliance Administrator (Microsoft 365 Security Stack)Location: Redwood City, CAPosition Type: Contract to Hire OR Perm/FTEOur Biopharmaceutical client is looking to hire an IT Security and Compliance Admin on a contract to hire basis. This person will be based in their Redwood City office. This person should be able to work in a fast paced, start-up environment and be very collaborative. Position Summary: You recognize cyber security as the management of risk associated with people, process, technology and data. You understand how to use the Microsoft Ecosystem to design Zero Trust - Identity and Data Centric solutions that will mitigate these risks and ensure compliance. You are an astute advisor on Security Transformation, Security Strategy and Security Operations.Essential Responsibilities:
- Security & Compliance practitioner: Experienced with solutions and architectures for confidentiality, integrity and availability including endpoint detection and response, anti-malware, persistent threats, email security, user behavior and analytics, threat intelligence, threat hunting and forensics, information protection, application, security management, auditing and governance.
- Identity practitioner: Experienced professional conversant in cloud-based identity and access management solutions that extend security, governance, and compliance to SaaS, PaaS, IaaS
- Practitioner mindset: Committed to knowing not just what tools can do but practices the skills required to successfully implement a solution required.
- Technical experience with cloud and hybrid infrastructures, architecture designs, and technology management; broad experience with Microsoft 365 Security, Compliance Azure Security and MDM / MAM, and Windows 10
- Technical depth: Practical enterprise experience with configuration and implementation of Microsoft or other security & compliance solutions
- Excellent Communicator: Outstanding written & verbal communication, collaboration, organizational, presentation.
- Executive Validated experience engaging with senior level executives preferred.
- Growth Mindset: Experience and passion for learning (technical and professional skills); implementing practices from others; trying, failing, and learning from both successes and failures; sharing practices and knowledge for others benefit.
- Act as a Trusted Advisor on best practices to protect information. Giving effective advice in large-scale technology projects while working at all levels
- Review, monitor and develop security and compliance posture across physical and logical infrastructures centralizing on the Microsoft 365 technology stack:
- Security Center, Compliance Center, Endpoint manager, CAS, LAN, WAN, Firewall, edge security
- Carry out threat and risk assessments and develop security architecture to mitigate threats.
- Maintain and Develop compliance initiatives and audits (e.g., Sox, CFR 21 part 11, GxP, GDPR, CCPA etc.).
- Certification in Microsoft 365 Security Administration or Azure Security Engineer, preferred
- Bachelor s Degree in computer science or related preferred
- Life Science experience preferred
- 5+ years Extensive security compliance auditing or implementation experience
- Exposure to AWS, Azure, Google Cloud Platform
- Manage identity and access.
- Hybrid environments (Connectivity, sync services, and authentications)
- Azure AD Self-service password reset, Azure AD access reviews)
- Authentication Methods (sign-on security, multi-factor authentication (MFA), device sign-on methods, manage authentication methods)
- Conditional Access (Compliance and conditional access policies, device compliance policy, conditional access policy)
- Role-based access control (RBAC)
- Azure AD Privileged Identity Management (PIM)
- Azure AD Identity Protection (User risk policy and sign-in risk policy)
- O365 ATP - Advanced Threat Protection (Anti-phishing protection, anti-spoofing, anti-spam protection, Safe-Attachments, Safe Links, anti-malware solution, and tests using Attack Simulator)
- Information Protection
- Secure data within O365 (Customer Lockbox, Office 365 collaboration workloads, SharePoint, Teams, and B2B sharing for external users)
- Azure Information Protection (Azure Rights Management, labels and conditions, templates, AIP scanner, RMS connector, tenant keys, integrate AIP with Microsoft Online Services)
- Data Loss Prevention (Manage DLP policies, manage sensitive information types)
- Cloud App Security (Plan implementation and configuration)
- O365 Governance and Compliance
- Security reporting (Windows Analytics, Office Telemetry, Office 365 secure score, Azure Log Analytics integration, and alert policies in the O65 Security and Compliance Center)
- Audit logs and reports (Office 365 auditing and reporting)
- O365 classification and labeling (Data governance classification and labels)
- Data governance and retention (Retention policies, data governance reports and dashboards, Information holds, import data in the Security and Compliance Center, manage inactive mailboxes)
- Search and investigation (Content search and eDiscovery, export content search results, and manage eDiscovery cases)
- Data privacy regulation compliance (Regulatory compliance in Microsoft 365, review and interpret GDPR dashboards and reports, Compliance Manager reports)
- Ability to integrate Microsoft Cloud Technologies with 3rd party security products such as Lookout, Zscaler, MobileIron, AirWatch, Splunk, Symantec, Ping, Okta, SailPoint, etc.
Vacancy expired!