Security Consultant

About The Position

Requirements

• Minimum of 4 years of experience in cybersecurity.
• Background in security consulting or managed security services.
• Hands-on capability in core security platforms.
• Ability to translate technical findings into business risk.
• Strong client communication.
• SIEM/XDR delivery and operations, particularly Microsoft Sentinel and Microsoft Defender XDR.
• Kusto Query Language (KQL) for detection, investigation, and reporting (SPL is a plus).
• SOAR and automation concepts and process design.
• Identity and endpoint security fundamentals (e.g., Entra ID, Identity Protection, Defender for Endpoint).
• Strong client-facing communication: security report analysis, remediation recommendations, and executive-ready storytelling.
• BS or MS in Computer Science / Engineering or significant demonstratable experience in Microsoft Cloud Security.
• Microsoft: AZ-900 Certification (must be attained within 6 months after hire if not held at time of hire).
• Microsoft: SC-300 Certification (must be attained within 6 months after hire if not held at time of hire).
• Microsoft: AZ-500 Certification (must be attained within 6 months after hire if not held at time of hire).
• ISC: CISSP Certification (must be attained within 6 months after hire if not held at time of hire).

Nice To Haves

• Working knowledge of Microsoft security platform components (Defender for Office 365, Defender for Identity, Defender for Cloud Apps, Defender for Cloud, Intune, Entra ID).
• Managed Detection and Response (MDR) experience in a managed services model.
• Vulnerability management tooling and process (e.g., Qualys) and remediation strategy development.
• Scripting/automation using PowerShell, Python, and/or Azure CLI.
• Microsoft Purview (IRM, DLP, Insider Risk) and governance concepts.
• CrowdStrike Endpoint/Identity/XDR experience.
• Cloud security exposure beyond Microsoft (AWS/GCP) and related security services.
• Experience with Azure DevOps and process-driven delivery.
• Microsoft Foundry, Microsoft 365 Copilot, and Microsoft Security Copilot familiarity.
• Preferred certifications: ISC2 CISSP; Microsoft SC-200; and/or certifications such as CEH, CCSP, CISM.

Responsibilities

• Lead security strategy development and roadmap planning aligned to business priorities.
• Produce and deliver executive security reporting (risk, trends, outcomes, and next steps).
• Provide security assessments, vulnerability management guidance, and awareness program support as part of managed services and professional services engagements.
• Own solution implementation and program onboarding, including documentation, handoffs, and acceptance criteria.
• Implement and manage SIEM/XDR architecture (e.g., Microsoft Sentinel and Microsoft Defender XDR) including configuration, tuning, and workflows.
• Maintain solution health and integrations (connectors, data sources, agents, and alert fidelity).
• Perform account/permission management and governance for security solutions.
• Provide guidance and escalation support for Security Specialists; coordinate incident and service issue escalations to resolution.
• Support presales meetings, proof-of-value/proof-of-concept efforts, and security program cost & scope modeling.
• Deliver vendor and ProArch workshops; contribute to presentations, webinars, and approved marketing initiatives.
• Research and evaluate emerging technologies; contribute to solution design and service evolution.
• Deliver services using ProArch standard playbooks, templates, quality gates, and reporting packs.
• Improve programs through automation and security engineering (where appropriate) to increase repeatability and reduce manual effort.
• Outstanding Written, Verbal, Technical, Non-Technical, communication & presentation skills.
• Self-directed with the ability to prioritize and handle multiple tasks concurrently, and of high quality.
• Proven collaborator. Experience in mentoring and guiding a highly technical team.
• Eager learner continually improving skill sets, earning certifications, and gaining industry knowledge.
• Skilled in leading a conversation with client to drive security strategy and program improvement.
• Exceptional analytical skills.
• A well understood English dialect is a must.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Produce and review reports to support project deliverables.
• Ongoing training and professional certifications are part of the job requirements.
• Create clearly stated remediation recommendations based on industry best practice.
• Successfully interface with clients, both internally and externally.
• Document and explain technical details in concise and clear manner.
• Manage personal schedule and project tasks.
• Provide weekly time accounting and monthly expense reports.
• Travel within upstate NY and occasionally out of state, as required.

Benefits

• Career Pathways
• flexible work schedules