What are the responsibilities and job description for the Microsoft Office 365 Security Analyst position at IntraEdge?
CANDIDATES MUST BE LOCAL TO THE PHOENIX, AZ MARKET
Please apply directly, thank you!
This is a heavy M365-based security role, with a large amount of time spent in the Purview platform for data security and retention. We will also be looking to ensure our M365 platform is secured with the latest configuration baselines.
This contractor will continue to support the city’s security operations and cloud security functions for all city-wide Microsoft 365 (M365) products. This will include, but is not limited to, data classification and data-loss prevention through Microsoft Purview, Identity and Access Management security through Entra ID, the Microsoft Defender for Cloud Suite, Power BI security architecture, and AI-based technology used within the M365 platform. The M365 suite is constantly evolving and is currently being developed with new technology granted by the G5 licensing. This decision package will give the cybersecurity team a dedicated resource to review current M365 security baselines, recommend posture improvements, and work with various teams to help adopt secure cloud and productivity suite architecture.
MS 365 security engineering and working with other IT teams, such as Infrastructure, Service Desk, etc., pushing out security for M365 modules.
Triage incidents
Write workflows
May help with risk assessments
Other Essential Functions:
1. Monitors alerts and responds to security events by investigating, correlating, triaging, and escalating security events.
2. Assists with maintaining information security processes, products, and systems to mitigate cyber and technology-related risks.
3. Assists with performing technology system security audits and risk assessments.
4. Keeps abreast of latest threats and takes appropriate threat mitigation action (i.e., anti-phishing campaigns, metrics, and communications); recommends and establishes industry best practice security standards and ensures compliance with Citywide policies and standards.
5. Reviews access to information systems and audits role-based access permissions.
Must have Enterprise security experience.
** Heavy knowledge of MS O365 Suite - a generalist with all modules
** Diagramming & Documentation - Network Architecture - Cisco & Palo Alto
** Incident Handling - CrowdStrike
** Security Operations - EDR, Antivirus, handling Phishing incidents, patching systems
** Firewalls - Cisco & Palo Alto - won't do too much in this area
MUST have a good personality to work with the team, be collaborative, provide value, fit in with the company culture, and be an optimistic, solution-oriented self-starter.
** Nice to Have:
Web application security experience.
Knowledge, Skills & Abilities
1. Methods of computer/server systems analysis, design, configuration, installation and troubleshooting, network concepts, protocols and topology management.
2. Intermediate to advanced knowledge of standard security tooling such as EDR, vulnerability scanners, firewall and URL filtering, and security log correlators.
3. Information technology related terminology, creation of standard operating procedures; knowledge of computer control systems and office computer systems integration.
4. Install, configure, and maintain appliances to support current cybersecurity configuration standards, performance notification, traffic monitoring and traffic sniffing; analyze, design, and implement computer control logic and strategies; analyze and repair technology security systems software and technology security systems equipment malfunctions.
5. Application of security principles and practices to provide awareness training to city staff; remote support tools and concepts.
6. Familiarity with mainstream Windows and Linux operating systems, network appliance operating systems, utilities, and commands; hardware configurations including storage, networking, infrastructure, and general computing technologies; SQL databases and mobile device security issues.
7. Knowledge of firewall configurations, maintenance, and troubleshooting; intrusion detection, intrusion prevention methodology; knowledge of backup/recovery procedures and experience with enterprise backup products.
8. Database practices and design including security principles and practices; safeguards for building secure systems; perform security risk and vulnerability testing of networks, operating systems and applications and associated databases.
9. Understand and abide by federal OSHA, state and county regulations and city policies regarding safe work practices.
10. Ability to gather and organize security tool analytics on a repeatable timeline. Research gathered statistics and present meaningful performance indicators for both technical and business-oriented teams.
11. Analytical research methods and techniques including the use and application of statistical methods and practices; compile reports from a wide variety of sources and transmit data; read and create network diagrams and systems deployment schematics; operate a personal computer and related software or programs.
12. Follow oral and written instructions and communicate technical and non-technical concepts effectively both orally and in writing.
13. Present a positive public image and maintain effective working relationships with other City employees, outside agencies and the public; maintain a professional demeanor during stressful situations.
14. May be required to provide on call support during non-business hours including nights and weekends, as needed.