Microsoft 365 Security and Compliance Contractor
Job Description
Job Description
MS365 Security and Compliance Contractor
Who we are:
InfoStructures, Inc. is an information technology services firm located in Rockville, MD. Since 1988 we have been employing leading-edge technologies and techniques to improve the working lives of others. We are seeking an energetic, highly motivated, qualified Security Analyst/Engineer with the right attitude toward customer service. We place great value in the work our people do and in the difference their efforts make in people’s lives.
What makes us different than other IT services companies? It’s simple: the quality of our services and our attention to detail.
What experience you need: Minimum of 5 years of experience working with Microsoft 365 security and compliance features. Proven track record of managing security and compliance within Microsoft 365 and Azure environments.
· Microsoft Purview Expertise
§ Data discovery, classification, and protection.
§ Compliance Manager configuration and reporting.
· Security Skills:
· Microsoft Defender for Office 365, Endpoint, and Identity.
§ Multifactor Authentication (MFA) and Conditional Access Policies.
§ Threat analytics and incident response.
· Identity and Access Management:
§ Azure AD administration, including Privileged Identity Management (PIM).
§ Single Sign-On (SSO) and federation configurations.
· Collaboration Security:
§ Secure configuration of SharePoint Online, Teams, and OneDrive for Business.
§ External sharing and permissions management.
· Power Platform Security:
§ Secure administration of Power BI, Power Automate, and Power Apps.
§ Data governance for Power Platform environments.
· Automation & Scripting:
§ Proficiency in PowerShell scripting for automation and troubleshooting.
§ Automation of compliance and security monitoring tasks.
· General Microsoft 365 Administration:
§ Tenant-wide settings and user management.
§ Exchange Online protection and message trace/log analysis.
· Regulatory Expertise:
§ Familiarity with compliance frameworks such as NIST, SOC 2, GDPR, HIPAA, and others.
§ Ability to tailor Microsoft tools to meet these requirements.
Additional job requirements:
- Assess client environments for security and compliance gaps and provide actionable recommendations.
- Configure and manage Microsoft Purview tools, including:
§ Data Loss Prevention (DLP) policies.
§ Insider Risk Management.
§ Information Protection and Data Classification.
§ eDiscovery and Audit.
- Implement and maintain Microsoft 365 Security & Compliance Center policies and configurations.
- Provide consultation on regulatory frameworks (e.g., GDPR, HIPAA, CCPA, ISO 27001) and tailor solutions to meet these standards.
- Assist clients with incident response and remediation efforts.
- Provide training and documentation to client teams on Microsoft 365 compliance and security features.
- Stay informed about the latest developments in Microsoft 365, Azure, and compliance/security best practices.
What education/training/certification desired/requested:
· Microsoft Certified: Security, Compliance, and Identity Fundamentals.
· Microsoft Certified: Compliance Administrator Associate.
· Microsoft Certified: Security Operations Analyst Associate.
· Azure Security Engineer Associate or similar certifications.
What you will do
As a Security and Compliance Contractor, you will work with clients to ensure their Microsoft 365 environments are secure, compliant, and optimized for business needs. You will implement and recommend advanced security and compliance features while offering guidance on best practices to protect sensitive data and meet regulatory requirements. You will be working with our internal team to learn environments, create recommendations on changes and perform training on administration to our technical team.
Where you will do it
You will work primarily remote/telework with occasional visits to our Rockville office.
InfoStructures is an Equal Opportunity Employer.