SECURITY ARCHITECT

SECURITY ARCHITECT

GC, USC

2 rounds of MS Teams interviews

REMOTE CONTRACT FOR SECURITY ARCHITECT IN WAUKEGAN, IL

TO CONDUCT SECURITY ARCHITECTURE ALIGNMENT FOR PRIVILEGED ACCESS MANAGEMENT AND MICROSOFT 365 E5

A client of ours, a 10B company is looking for a Security Architect to conduct Security Architecture Alignment for Privileged Access Management and Microsoft 365 E5.

This should be a really Enterprise Security Guru who is capable of telling the Client's Security Team including the top Security Architects what to do!!!

Originally it is a 3-month project, likely will be extended to continue with policies implementation and oversight and guidance on implementing proper security policies and procedures.

EXCELLENT COMMUNICATION SKILLS ARE A MUST

Stage 1. Privileged Access Management Assessment and Roadmap:

• Conduct a review of the current PAM Systems:

• • Review the current privileged access management systems being used, the type of access controls in place, and the effectiveness of these systems in securing privileged access.
  • Review the processes for granting, changing, and revoking privileged access to ensure they follow best practices in secure access management.
  • Review the procedures for handling privileged access requests, including urgency procedures, and incident response procedures in case of a security breach involving privileged access.
  • Review compliance with relevant industry standards, regulations, and laws concerning privileged access management, such as GDPR, ISO 27001, PCI-DSS, and HIPAA.
  • Examine the roles and responsibilities of individuals with privileged access, their level of training, and their awareness of security risks and preventive measures.

• Conduct Gap Analysis and Risk Assessment:

• • Identify and evaluate potential risks associated with the organization's current privileged access management policies, systems, and practices.
  • Identify areas with business and technological gaps, assess the risk levels, and recommend mitigation approaches

• Develop recommendations for improvement:

• • Develop a set of recommendations to improve the Privileged Access Management posture at the company.
  • Create a prioritized list of initiatives for applying these recommendations and the proposed timeline for their implementation

Stage 2. M365 E5 Security Assessment and Roadmap:

• Review current security architecture, standards, and tools:

• • Review current state documentation for security architecture, standards, processes, and procedures
  • Conduct interviews with individual SMEs.
  • Review the business and technical requirements, software products and tools, their licensing and renewal cycles, architecture patterns, and other relevant information in a summary format

• Review the E5 alignment roadmap and future state:

• • Assess security software available to the company as part of the E5 license.
  • Conduct analysis of security features and functionality available under the E5 license for applicability to the company environment, business, and technical requirements, including both on-premises and cloud environments.
  • Review the areas of overlapping or complementary use with current security portfolio.
  • Review the opportunities for improving security posture while maximizing the benefits provided by security tools, features, and functionality available under the E5 license.

• Develop an E5 security implementation roadmap:

• • Review recommendations for the optimal introduction of security tools included in E5 license.
  • Review the prioritized roadmap for E5 security implementation
  • Conduct an executive readout of the recommendations and the roadmap and identify the next steps.