Company Overview:
Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries.
Job Summary:
The Senior Project Consultant – Identity & M365 Security is a customer-facing technical leader responsible for delivering complex identity-centric security, Microsoft 365 security, and security migration projects for mid-market and enterprise clients.
This role blends hands-on technical expertise with consultative delivery, guiding customers through assessment, design, migration, and implementation of Microsoft Entra ID and Microsoft 365 security solutions across hybrid, cloud, and legacy environments.
The consultant serves as a trusted security advisor, ensuring solutions are secure, scalable, and aligned with Microsoft best practices, Zero Trust principles, and long-term modernization strategies. Most engagements are delivered remotely, with occasional onsite travel for project kickoffs, critical milestones, or customer workshops.
Core Responsibilities:
Microsoft Entra ID & Identity Security (Primary)
- Entra ID tenant architecture, configuration, and security hardening
- Conditional Access design (baseline + phased rollout), including device, location, and risk-based controls
- MFA strategies (number matching, passwordless, and phishing-resistant MFA) and rollout planning
- Identity Protection policies (user/sign-in risk) and investigation workflows
- Privileged Identity Management (PIM) for roles and privileged users; least privilege implementation
- Identity governance concepts (access reviews, entitlement management concepts, lifecycle controls)
• Hybrid identity integration using Entra Connect or Cloud Sync; legacy auth remediation (basic auth/legacy protocols)
Microsoft 365 Security & Compliance
- Microsoft Defender XDR: Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps
- Email security: anti-phishing, impersonation protection, Safe Links/Safe Attachments, quarantine policies, mail flow
- Endpoint hardening: security baselines, ASR rules, device control, web protection
- Microsoft Purview: sensitivity labels, DLP, retention, audit, and compliance reporting
• Security posture management: Secure Score improvement planning and executive reporting
Third-Party Security Migration Experience (Required)
- Plan and execute migrations from third-party EDR and email security platforms to Microsoft security controls
- EDR examples: Carbon Black, CrowdStrike, and similar tools (policy translation, onboarding/offboarding, tuning)
- Email security examples: Mimecast, Postini, Proofpoint or similar (policy mapping, connectors, cutover, decommission)
• Feature mapping and coexistence planning; build cutover/runback plans and post-migration stabilization
Hybrid & On-Prem Security (Supporting)
- Active Directory security assessments, remediation, and hardening; privileged access models
- Defender for Identity sensor deployment and tuning; audit and logging improvements
Essential Duties & Responsibilities
- Deliver projects aligned to approved Statements of Work (SOWs), ensuring scope, schedule, and quality objectives are met
- Lead technical execution across on‑prem, hybrid, and cloud Microsoft solutions
- Follow established project delivery and quality methodologies
- Participate in customer kickoff meetings, technical workshops, and solution reviews
- Actively manage technical risks, issues, and dependencies; escalate when required
- Troubleshoot and resolve complex technical challenges during implementation
- Identify scope risks and support change management discussions
- Maintain accurate project documentation and technical deliverables
- Provide regular project status updates to Project Managers and leadership
- Enter project activities, service tickets, time reporting, and expenses accurately and on time
- Support internal collaboration with Sales, Architecture, and Managed Services teams
- Perform additional duties as assigned
Requirements:
- Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or a related technical field
- 6–10 years of experience delivering Microsoft identity, security, and modernization solutions (hybrid and cloud).
- Proven experience with:
- Entra ID security architecture, Conditional Access, MFA/passwordless, PIM
- Microsoft Defender XDR (Endpoint, Office 365, Identity, Cloud Apps) deployments and tuning
- Microsoft Purview fundamentals (labels, DLP, retention) and governance concepts
- Security migrations from third-party EDR/email security tools (e.g., Carbon Black, CrowdStrike, Mimecast, Postini)
- Hybrid identity integration (AD DS ↔ Entra ID) and legacy authentication remediation
- Microsoft Entra ID (Azure AD) Security & Identity ProtectionZero Trust Access (MFA, Conditional Access, Passwordless, PIM)Hybrid Identity & Legacy Security Modernization (AD DS ↔ Entra ID)
- Third-Party Security Migrations (e.g., Carbon Black, CrowdStrike, Mimecast, Postini, Okta) to Microsoft
- Microsoft 365 Security (Defender XDR, Purview) and Email/Collaboration Protection
How will you stand out?
- Microsoft Certifications (any combination preferred):
- Microsoft Cybersecurity Architect
- Microsoft Certified: Azure Solutions Architect Expert
- Microsoft 365 Certified: Enterprise Administrator Expert
- Microsoft Certified: Azure Security Engineer Associate
Relevant Exams:
- SC-100, SC‑300
- AZ‑104, AZ‑305, AZ‑700, AZ‑500
Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.
We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.
