Sr. Project Consultant - Security

Arctiq•Nashville, TN

23h•Hybrid

About The Position

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries. The Senior Project Consultant – Identity & M365 Security is a customer-facing technical leader responsible for delivering complex identity-centric security, Microsoft 365 security, and security migration projects for mid-market and enterprise clients. This role blends hands-on technical expertise with consultative delivery, guiding customers through assessment, design, migration, and implementation of Microsoft Entra ID and Microsoft 365 security solutions across hybrid, cloud, and legacy environments. The consultant serves as a trusted security advisor, ensuring solutions are secure, scalable, and aligned with Microsoft best practices, Zero Trust principles, and long-term modernization strategies. Most engagements are delivered remotely, with occasional onsite travel for project kickoffs, critical milestones, or customer workshops.

Requirements

Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or a related technical field
6–10 years of experience delivering Microsoft identity, security, and modernization solutions (hybrid and cloud)
Proven experience with: Entra ID security architecture, Conditional Access, MFA/password-less, PIM
Proven experience with: Microsoft Defender XDR (Endpoint, Office 365, Identity, Cloud Apps) deployments and tuning
Proven experience with: Microsoft Purview fundamentals (labels, DLP, retention) and governance concepts
Proven experience with: Security migrations from third-party EDR/email security tools (e.g., Carbon Black, CrowdStrike, Mimecast, Postini)
Proven experience with: Hybrid identity integration (AD DS Entra ID) and legacy authentication remediation
Microsoft Entra ID (Azure AD) Security & Identity Protection
Zero Trust Access (MFA, Conditional Access, Passwordless, PIM)
Hybrid Identity & Legacy Security Modernization (AD DS Entra ID)
Third-Party Security Migrations (e.g., Carbon Black, CrowdStrike, Mimecast, Postini, Okta) to Microsoft
Microsoft 365 Security (Defender XDR, Purview) and Email/Collaboration Protection

Nice To Haves

Microsoft Certifications (any combination preferred): Microsoft Cybersecurity Architect
Microsoft Certifications (any combination preferred): Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certifications (any combination preferred): Microsoft 365 Certified: Enterprise Administrator Expert
Relevant Exams: SC-100, SC‑300 AZ‑104, AZ‑305, AZ‑700, AZ‑500

Responsibilities

Entra ID tenant architecture, configuration, and security hardening
Conditional Access design (baseline + phased rollout), including device, location, and risk-based controls
MFA strategies (number matching, passwordless, and phishing-resistant MFA) and rollout planning
Identity Protection policies (user/sign-in risk) and investigation workflows
Privileged Identity Management (PIM) for roles and privileged users; least privilege implementation
Identity governance concepts (access reviews, entitlement management concepts, lifecycle controls)
Hybrid identity integration using Entra Connect or Cloud Sync; legacy auth remediation (basic auth/legacy protocols)
Microsoft Defender XDR: Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps
Email security: anti-phishing, impersonation protection, Safe Links/Safe Attachments, quarantine policies, mail flow
Endpoint hardening: security baselines, ASR rules, device control, web protection
Microsoft Purview: sensitivity labels, DLP, retention, audit, and compliance reporting
Security posture management: Secure Score improvement planning and executive reporting
Plan and execute migrations from third-party EDR and email security platforms to Microsoft security controls
EDR examples: Carbon Black, CrowdStrike, and similar tools (policy translation, onboarding/offboarding, tuning)
Email security examples: Mimecast, Postini, Proofpoint or similar (policy mapping, connectors, cutover, decommission)
Feature mapping and coexistence planning; build cutover/runback plans and post-migration stabilization
Active Directory security assessments, remediation, and hardening; privileged access models
Defender for Identity sensor deployment and tuning; audit and logging improvements
Deliver projects aligned to approved Statements of Work (SOWs), ensuring scope, schedule, and quality objectives are met
Lead technical execution across on‑prem, hybrid, and cloud Microsoft solutions
Follow established project delivery and quality methodologies
Participate in customer kickoff meetings, technical workshops, and solution reviews
Actively manage technical risks, issues, and dependencies; escalate when required
Troubleshoot and resolve complex technical challenges during implementation
Identify scope risks and support change management discussions
Maintain accurate project documentation and technical deliverables
Provide regular project status updates to Project Managers and leadership
Enter project activities, service tickets, time reporting, and expenses accurately and on time
Support internal collaboration with Sales, Architecture, and Managed Services teams
Perform additional duties as assigned