|
REQUIRED SKILLS
|
Role Summary
The Senior Identity, Access & Security Monitoring Consultant leads discovery, assessment, and strategic planning initiatives focused on modernizing identity and access in hybrid‑to‑cloud environments, with deliberate alignment to future security monitoring and SIEM adoption.
This role serves as the primary technical and advisory lead during assessment engagements, working closely with infrastructure, security, endpoint, and leadership teams to evaluate the current identity posture, reduce legacy dependencies, and define a cloud‑first identity roadmap aligned to business risk, security objectives, and operational maturity.
In addition to deep identity expertise, this consultant brings situational awareness of Microsoft Sentinel and SIEM fundamentals, ensuring that identity and endpoint design decisions made during modernization efforts are structured to support future security analytics, detection, and response capabilities—without assuming responsibility for SOC operations or hands‑on SIEM implementation.
Core Responsibilities
Identity & Access Strategy (Primary Focus)
- Lead end‑to‑end identity discovery and assessment activities across hybrid and cloud environments
- Evaluate Active Directory, Entra ID (Azure AD), authentication flows, and legacy dependencies
- Define modernization strategies transitioning from hybrid to cloud‑first identity architectures
- Design and rationalize authentication models, including modern authentication, MFA, and SAML/OIDC integrations
- Develop Conditional Access strategies aligned to security posture, user experience, and risk tolerance
- Assess privileged access models, identity risk exposure, and access governance concepts
- Align identity architecture with endpoint management and device compliance strategies (e.g., Intune)
- Translate technical findings into executive‑ready insights, roadmaps, and prioritized recommendations
- Independently lead advisory and assessment engagements, acting as the primary client‑facing authority
Security Monitoring & Sentinel Alignment (Supporting Capability)
- Apply working knowledge of Microsoft Sentinel architecture, purpose, and SIEM concepts to identity design decisions
- Understand how identity‑related telemetry (Entra ID sign‑in logs, audit logs, Conditional Access outcomes) supports detection and investigation use cases
- Maintain awareness of high‑value Sentinel data sources, including endpoint signals (Defender for Endpoint), network, firewall, and VPN logs
- Consider downstream analytics, incident workflows, and SOAR potential when advising on identity and endpoint architecture
- Provide high‑level guidance on Sentinel readiness, sequencing, and phased adoption strategies
- Understand Sentinel licensing fundamentals, including ingestion‑based pricing and data retention considerations
- Advise on how current identity and endpoint decisions can reduce future SIEM blind spots and rework
Note: This role does not include hands‑on Sentinel deployment, rule creation, automation development, or SOC operations.
Core Skills & Experience
- Enterprise identity architecture: Active Directory, Entra ID (Azure AD)
- Hybrid‑to‑cloud identity transformations and modernization programs
- Authentication and authorization models (modern vs. legacy, MFA, SAML, OIDC)
- Conditional Access strategy and policy design
- Privileged access concepts and identity risk management
- Integration with endpoint management and device compliance (Intune)
- Ability to communicate complex technical findings to executive and business stakeholders
- Experience leading identity advisory or assessment engagements independently
- Working knowledge of Microsoft Sentinel, SIEM fundamentals, and security telemetry
- Understanding of how identity, endpoint, and network signals contribute to detection and response strategies
|
Never miss an opportunity! Create an alert based on the job you applied for.
