This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

The Principal Consultant will lead the architecture, deployment, and optimization of Microsoft security and endpoint management solutions, with deep specialization in:

• Microsoft Active Directory
• On-premise/Entra ID
• Microsoft Defender XDR
• Microsoft Intune
• Azure Infrastructure

This role blends advanced technical expertise, advisory leadership, and presales engagement to deliver secure, scalable, and modern security operations for enterprise clients.

Key Responsibilities

• Presales & Client Engagement:
  • Support presales through client architecture workshops, solution demonstrations, scoping sessions, and proposal development.
  • Translate business requirements into modern security architectures that drive measurable outcomes.
  • Oversee the technical quality of project delivery in collaboration with the Project Manager and actively support Senior and Associate Consultants throughout the solution build and implementation.
• Security Architecture & Solution Design:
  • Architect end-to-end security solutions leveraging Microsoft IAM, Azure, Microsoft Defender, and Microsoft Intune to meet enterprise security and compliance requirements.
  • Lead complex security transformation projects from design through implementation, ensuring high quality outcomes and smooth operational readiness.
• Microsoft IAM (Active Directory/Entra ID):
  • Design identity-centric security controls across Entra ID, Conditional Access, MFA, and identity governance.
  • Align endpoint compliance, risk detections, and real-time signals with Conditional Access policies.
• Microsoft Defender XDR:
  • Implement and tune Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.
  • Configure EDR, threat analytics, attack surface reduction, advanced hunting, and automated remediation.
  • Provide expert guidance on XDR strategy, identity protection, cloud app governance, and cross-domain correlation in Defender.
• Microsoft Intune (Endpoint Security & Management):
  • Deploy, configure, and manage Intune for MDM/MAM across Windows, macOS, iOS, and Android.
  • Build compliance policies, device configuration profiles, app protection policies, and conditional access integrations.
  • Lead modernization initiatives including Autopilot, zero touch provisioning, and cloud-based device governance.
• Azure Infrastructure:
  • Deploy and configure Microsoft Azure infrastructure, including Sentinel (SIEM, SOC) workspaces, data connectors, analytics rules, automation playbooks, and incident response workflows.
• Identity, Access & Conditional Access Leadership & Mentorship:
  • Mentor consultants and analysts across SOC, identity, and endpoint management domains.
  • Provide training sessions to clients or internal teams on Sentinel, Defender, and Intune best practices.
  • Collaborate closely with current Security Service managers to refine SOC processes, ensuring alignment with organizational objectives and evolving threat landscapes.
  • Facilitate the identification and implementation of process improvements to enhance detection, response, and reporting capabilities.
• Operational Excellence:
  • Troubleshoot Sentinel ingestion issues, Defender signal quality gaps, and Intune device management challenges.
  • Deliver clear design documentation, runbooks, and operational handover materials.
  • Assist with lab environments, testing, and lifecycle management of security configurations.

Qualifications

• 10+ years of experience in IT security, SOC operations, endpoint management, or cloud security architecture.
• Deep hands-on expertise with Microsoft IAM, Azure, Sentinel, Microsoft Defender XDR, and Microsoft Intune.
• Strong understanding of infrastructure management and endpoint security, and identity-driven security models.
• Proven ability to architect and lead large-scale security implementations.
• Excellent presales, communication, and client-facing skills.

Preferred Certifications

• AZ-500: Azure Security Engineer
• MD-102 / MD-101: Endpoint Administrator
• SC-200: Microsoft Security Operations Analyst
• SC-300: Identity and Access Administrator
• SC-400: Information Protection Administrator

Preferred Skills

• Experience with MITRE ATT&CK mapping, threat modeling, and detection engineering.
• Familiarity with Microsoft Purview for compliance and DLP (nice-to-have).
• Experience supporting SOC teams and global enterprise security operations.
• Ability to lead multi-region rollouts and complex modernization projects.
• KQL programming
• ARM Templates
• Bicep

Work Conditions

• This job requires working North American business hours with customers and colleagues.
• We’re a project-driven company, and we need to follow the working hours of our Customers (EST).
• Overtime may be required to meet project deadlines.
• Participation in client workshops, presentations, and training sessions is expected.
• Occasional travel may be required to meet clients or internal stakeholders.