The Role
- Security Implementation and Remediation: Develop and implement engineering security changes across the above solutions. Lead security remediation efforts following audits against an identified list and extend this list as suitable to provide a rounded security posture.
- Privilege Management: Strategically manage and reduce standing privileges to minimise risks and ensure compliance with industry best practices and regulatory requirements.
- Attack Surface Reduction: Identify vulnerabilities and reduce attack surfaces in legacy and modern operating systems, focusing on proactive threat mitigation.
- Policy and Compliance: Formulate and document/diagram process and enforce policies for access control, identity management and device management based on Microsoft security protocols and tools.
Skills
- Minimum of 5 years of experience in a security engineering role with a focus on Microsoft technologies, including Active Directory, Entra, Intune and Autopilot.
- Expertise in Microsoft Active Directory, Microsoft Entra & Conditional Access Policies, Azure Key Vault and Microsoft Certificate Authority.
- Experience with Bloodhound/Pingcastle/Azurehound or similar testing tools.
- CIS SecureSuite and application of CIS Benchmarks across the enterprise.
- Microsoft Intune and Autopilot.
- Deep understanding of security principles and technologies related to identity and access management, device management and data protection.
- Strong experience in reducing standing privileges and minimising attack surfaces in both legacy and modern environments.
- Demonstrated ability in crafting and implementing security procedures and technical outcomes.
** Note, this is an inside of IR35 based contract**