Cloud Security Consultant (Jr.)
Share
Job Location:
Monthly Salary:
Posted on:
9 hours ago
Vacancies:
1 Vacancy
Job Summary
It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for prevent detect and respond to cyber security incidents.
All of this is built on four fundamental values that define who we are: We are Proud We Break Barriers We Care and No BS!
Tasks
You will be joining NVISOs Cloud Security team as a Cloud Security Consultant (Jr.). The ideal candidate has knowledge in Azure or Microsoft 365 cloud services with a particular focus on security.
As part of a team of security consultants and engineers you will collaborate closely with other colleagues and our customers to understand their business and security requirements assess their current security posture and develop tailored cloud security solutions for them.
We are aware that cloud security features and products are abundant; the following list apply to the ones of interest to us. If you have experience or feel capable of conducting only some of them (not the full list) please reach out!
You tasks will include:
Identity and Access Management (IAM)
- Design and implement Microsoft Entra tenant architecture including identity lifecycle conditional access and MFA.
- Implement and tune Conditional Access policies risk-based access and device compliance integrations with Intune/Endpoint Manager.
- Deploy and operate Privileged Access Management (PAM) including PIM for Azure and M365 roles just-in-time access and break-glass accounts.
- Integrate on-premises identities (hybrid) with secure synchronization and hardening of federation where used.
Platform Security and Hardening (Azure)
- Build secure landing zones using Azure Policy Blueprints/Bicep/Terraform and management groups.
- Enforce baseline controls for networking (NSGs Azure Firewall Private Link) compute (secure images patching) and storage (encryption private endpoints).
- Configure Azure Key Vault for secrets keys and certificates management with RBAC and purge protection.
- Implement workload isolation tagging and resource locks; manage identity-based access (managed identities).
Threat Protection and Monitoring
- Deploy and tune Microsoft Defender for Cloud Defender for Cloud Apps (MCAS) Defender for Endpoint and Defender for Identity.
- Configure Microsoft Sentinel: data connectors analytics rules UEBA watchlists workbooks and SOAR playbooks (Logic Apps).
Microsoft 365 Security
- Configure and manage Microsoft Purview (Compliance portal) for DLP information protection labels data lifecycle and insider risk.
- Implement Exchange Online SharePoint OneDrive and Teams security baselines safe links/attachments and anti-phishing policies.
- Enforce device compliance via Intune app protection policies and conditional access for BYOD and corporate devices.
- Secure collaboration and external sharing with sensitivity labels access reviews and entitlement management.
Data Protection and Encryption
- Design data classification and labelling strategies with Microsoft Purview; enforce DLP across endpoints Exchange SharePoint and Teams.
- Ensure encryption at rest and in transit customer-managed keys (CMK) and double encryption where required.
- Implement eDiscovery legal hold and audit configurations for regulatory needs.
Requirements
- You hold citizenship in one of the 32 NATO member states.
- At least 1 year of experience in information security specific to Azure or Microsoft 365 cloud environments.
- Experience with Microsofts cloud services including Entra ID Microsoft Sentinel and Microsoft Defender for Cloud Defender for Endpoint Defender for Cloud Apps Defender for Identity Intune and/or Purview.
- Knowledge or experience with cloud security best practices and related frameworks. For example: CIS Benchmarks Microsoft Cloud Security Benchmark etc.
- Strong communication documentation and reporting skills.
- Relevant current Microsoft cloud certifications. For example: AZ-104 SC-900 SC-200 SC-300 SC-401 or AZ-500.
Preferred
- Bachelors degree in Computer Science Cyber Security Information Security Engineering Information Technology or related studies.
- Experience in consulting.
- Other vendor-agnostic cybersecurity certifications. E.g. SSCP CompTIA Security or equivalent.
- Experience with scripting languages such as PowerShell or Python.
Benefits
At NVISO we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:
- A training budget of 10.000 and 10 days every 2 years
- Company car and Belgian fuel card
- Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO our staff has presented at popular hacking conferences (BlackHat BruCON OWASP etc) and all of our technical staff can acquire deep technical security certifications (GSE GXPN GREM GCFA OSCP etc)
- An entrepreneurial and agile working environment where you will be challenged stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering) without losing sight of having fun!
- Regular team-building and fun events throughout the year;
- Our commitment to coach and counsel you and help you grow; each employee receives a personal coach within the team whose role is to ensure your well-being and helps you grow in your career!
- Flexible working hours working from home and even the possibility to work from abroad;
- Flex Income Plan
- 32 paid leave days
Disclaimer on the Use of AI Tools in the Application Process
Please be aware that the creation and submission of application documents (e.g. CV cover letter case studies etc.) using AI-powered tools is only permitted to a limited extent.
Our expectations:
Application documents must authentically reflect your own qualifications personality and motivation.
The use of AI for supportive purposes (e.g. spell-checking improving wording) is acceptable.
Fully generated application documents created by AI without personal adaptation or review are not permitted.
Under no circumstances may NVISO information data or documents be uploaded to or processed by external AI tools.
We reserve the right to exclude applications from the selection and interview process that are clearly created primarily or exclusively by AI and show no recognizable personal input.
The purpose of this policy is to ensure a fair and transparent recruitment process and to obtain an authentic impression of our applicants.
Key Skills
About Company
We are a young team of cyber security professionals who decided to do things differently. With innovation rooted in our foundations, we offer services that are up against the modern adversary and that help you Prevent, Detect & Respond to cyber attacks. Curious for more? Say hell ... View more
