Security Specialist

A Security Specialist is a client-focused position that works with ProArch customers to maintain a comprehensive security program. Security Specialists will leverage ProArch’s security tools to detect and prevent cyber threats to ProArch’s customers. Additionally, responsibilities include implementation, monitoring security controls, and incident response. The Security Specialist will be part of a select group of industry-recognized experts who work on unique security solutions associated with next-generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.

JOB RESPONSIBILITIES

• Initial setup and deployment of security solutions and operational technology security measures.
• Creating and delivering detailed reports and maintaining technical documentation.
• Conducting security training sessions and assessments to enhance security awareness and identify vulnerabilities.
• Provide expert advice, guidance, and ad-hoc consulting services to address specific security needs.
• Ongoing configuration, maintenance, and management of security solutions and systems.
• Delivering presentations, conducting proof-of-concepts, and engaging with the public through various platforms.
• Focuses on enhancing and optimizing security programs and processes.
• Implementation & Management of Microsoft Security Solutions, Security Information & Event Management (SIEM), and Extended Detection & Response (XDR) security architecture.
• Solution research & design, emerging technology evaluation.
• Solution configuration management.
• Ticket Queue management and supporting customers through ticket ownership.
• Account & permission management, provisioning, governance for security solutions.
• Microsoft or other 3rd party vendor Security workshops.
• Incident Response investigation, writing, delivery, as appropriate.

Requirements

This position requires that the applicant be a professional leader. ProArch is looking for a candidate who can fulfill the following:

• Outstanding Written, Verbal, Technical, Non-Technical, communication & presentation skills.
• Self-directed with the ability to prioritize and handle multiple tasks concurrently, and of high quality.
• Proven collaborator. Experience in mentoring and guiding a highly technical team.
• Eager learner continually improving skill sets, earning certifications, and gaining industry knowledge.
• Skilled in leading a conversation with client to drive security strategy and program improvement.
• Exceptional analytical skills.
• A well-understood English dialect is a must.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Produce and review reports to support project deliverables.
• Ongoing training and professional certifications are part of the job requirements.
• Create clearly stated remediation recommendations based on industry best practice.
• Successfully interface with clients, both internally and externally.
• Document and explain technical details in concise and clear manner.
• Manage personal schedule and project tasks.
• Provide weekly time accounting and monthly expense reports.
• Travel within upstate NY and occasionally out of state, as required.

TECHNICAL SKILLS
Candidate should have a minimum of 2 years of experience in cybersecurity with additional background in Security Consulting. To be successful, this position will require the candidate to have expertise in the following areas:

• Familiarity with Security Information and Event Management (SIEM) systems, particularly Microsoft Sentinel and Extended Detection & Response (XDR) solutions, such as Microsoft Defender XDR.
• Familiarity with how SOAR (Security Orchestration and Automated Response) works and ability to provide workflows which can be used for automating SOC responses.
• Incident Handling, take technical investigation ownership of incidents and coordinate response efforts.
• Industry knowledge and experience in Managed Detection and Response (MDR) technologies.
• Deep experience in advanced Microsoft Cloud Security implementation, advisory, and assessment.
• Microsoft Security and Compliance including:
• Defender for Endpoint

• Defender for Office 365
• Defender for Identity
• Defender for Cloud Apps
• Defender for Cloud
• Defender XDR
• Defender for IoT
• Entra ID Identity Protection
• Entra ID & Intune
• Microsoft Sentinel
• Microsoft Purview, IRM, DLP, Insider Risk

• Experience with CrowdStrike Endpoint, Identity, XDR is highly desirable.
• Vulnerability Management tools, such as Qualys.
• Security Awareness Training using tools such as KnowBe4.
• Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, cloud security reviews in a Managed Security Services Model.
• Implement and maintain security solutions, tools, and IT Policies and standards.
• Experience with major Identity Provider and related security solutions, such as Microsoft Entra ID, Identity Protection, Active Directory, Defender for Identity.
• Demonstratable knowledge in Microsoft and other vendor-based licensing.
• Experience in Policy and Device Management solution like MEM, Intune, Azure Arc, GPO.
• Experience with Azure DevOps is desirable.
• Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is a good to have.
• Experience in Scripting languages like AZCLI, PowerShell and Python.
• Experience in Power Automate and Logic Apps.
• Good to have non-Microsoft Cloud Security knowledge like GCP, AWS, etc.
• Experience in public speaking, building client relationships, security report analysis and delivery.
• Experience in handling highly technical, project-based, and process-driven questions from customers.
• Experience in data analysis, logging, fine-tuning and cost reduction solutions.
• Experience developing and improving security tools onboarding and validation process.
• Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
• Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.

EXPERIENCE
BS or MS in Computer Science / Engineering or significant demonstratable experience in Microsoft Cloud Security.

2-4 years of experience in Cybersecurity Consulting/Microsoft M365 Implementation.

Must have the following Microsoft Certifications. If not held at time of hire, must be attained within 6 months after hire.

• AZ-900
• SC-300

Certifications such as AZ-500, SC-200, SC-401, CISSP, CCSP, CISM or others are highly desirable.