Job description

Responsibilities

Security SMEs will work with client security team and other project workstreams to define, document and assist with configuration of applicable Security controls for a Dynamics 365 ERP implementation. The Security Architect will lead this effort, providing direction to the offshore SME. The following activities will be in scope for the security workstream:

Conduct up to six (6) workshops/ interviews with appropriate client security stakeholders with a focus on business and Security requirements, Identity and Access Management, Data Protection and Security monitoring. Workshops will cover the following:
Business and Security Requirements
Review of Policies, Procedures, Standards & Guidelines
Identify key stakeholders & decision approval processes.
Review Data Governance & Privacy Requirements
Discuss any security gaps
Identity and Access Management
RBAC Modelling
Identify Security Groups
Identify Roles including Custom Roles
Identify Personas and Access Requirements
Discuss As-Is Conditional Access and MFA
Data Access & Protection
Gather Encryption requirements
Discuss keys, secrets & certificate management (Key Vault)
Discuss Data Encryption/ Tokenization/ Masking/ Anonymization
Security Monitoring
Discuss Security Logging
Discuss SIEM Integration Design