Microsoft Cloud Security Lead & SOAR Architect

Position Summary

We are seeking a highly skilled and advanced technical cybersecurity professional, preferably a Microsoft MVP (Most Valuable Professional) to our Global Security Operations and Engineering team. The successful candidate will lead technical security initiatives, with a particular focus on Microsoft Cloud Security covering the full scope, i.e., to plan (architect), implement (build), and manage the security platforms and tools in use at WSP, especially the SOAR capabilities, including automation for the SOC using Microsoft security tools (Microsoft Sentinel, Defender, etc).

An important part of this role would be to coach and build the overall knowledge and capabilities within the team. And so, naturally, the incumbent would be an integral member of the team and would also get some good insight into other technology platforms, e.g. AD auditing solutions, PAM, our Threat Intelligence platforms etc. This position can be located at any WSP USA office location.

Candidates MUST have:

• Demonstrable, current, and verifiable technical skills with the Microsoft security tools, especially MS Sentinel, Defender, LogicApp.

• Robust experiences with EntraID, AD, e.g., and creating and managing complex role creations, assignments and permissions

• Experiences with Purview.

• A proven, recent, and verifiable track record in improving and maturity existing security implementations and configurations in the Microsoft Cloud landscape

• Substantial expertise implementing SIEM/ SOAR automations, developing and finetuning the SIEM detection rules to reduce manual efforts, including SIEM log ingestion, connector options, and cost analysis for current and future needs

• Solid current experiences in securing the attack landscape in a Microsoft environment, and hardening the existing systems in the enterprise hybrid landscape (end-user devices, servers, etc); skills and experiences with other vendors and services would be an added advantage

• Substantial expertise about the overall security landscape, including Threat and Vulnerability Management, and the ability to guide on their remediation.

• Deep knowledge of EntraID, including identity protection, conditional access, zero trust architecture and advanced threat detection

• Cyber professional at heart, tracking and mitigating emerging cyber threats against the company (e.g. zero-day exploits, APTs etc).

• Experiences with other concepts and systems like Privileged Account Management, Key Management (certificates, keys, ciphers, etc.).

• Ability to lead security systems integration, e.g., defining the architecture to work with ticketing systems, e.g. integrating Defender to create–manage the tickets and communications in ServiceNow

• Knowledge of extracting relevant data, creating security reports etc. would be a definite advantage.

• Solid abilities to lead and plan the architecture, deliveries, and even more importantly coach and teach other members of the technical team to high levels of technology excellence

What you can expect to do:

• Work with a globally distributed team, taking inputs from the business, SOC, and management to roll out systems and troubleshoot (Tier-3) support for security issues

• Lead-guide the local Service Desk/ OSS teams with knowledge bases to resolve tickets at first instance for issues relating to security software and configurations

• Develop the automation (including playbooks, SOAR), scripts to monitor system-health, as well as management the SOC tools in use

• Extract data from systems and build reports for management; PowerBI skills would be an advantage

• Knowledge transfer and sharing

• Monitor and respond to feedback from the customers (employees and business stakeholders)

• Bring a problem-solving and solutions-mindset, coordinate with the IT teams as needed

• Finance/Budgetary Responsibilities

• Provide feedback on tooling and identify additional needs

• Plan for expanse of security tools to cover ongoing needs

• Evaluation of license usage and potential growth

Required Qualifications:

• Previous experiences in security tools and systems administration, including experience as a security administrator for security platforms

• Knowledge and experience in SIEM and Microsoft platforms (Microsoft Azure ecosystems), other vendor security systems are good experiences as well (e.g. CyberArk, Akeyless)

• Good knowledge of EDR systems e.g. MS Defender, KQL etc. (or alternatively the willingness to learn them)

• Planned and meticulous approach to deliveries.

• Knowledge and/or willingness to learn about advanced security capabilities, including integrations with other systems

• 10+ years of related experience with at least 4+ years of specialization ininformation technology roles, and security experiences with Microsoft solutions.

• Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, data sciences, or related field

• Strong analytical skills with a keen eye for detail and accuracy.

Preferred

• Master’s degree in information technology, Computer Science, Engineering, data sciences, or related field

WSP Benefits:

WSP provides a comprehensive suite of benefits focused on a providing health and financial stability throughout the employee’s career. These benefits include coverage related to medical, dental, vision, disability, and life; retirement savings; paid sick leave; paid vacation (or other personal time); paid parental leave; and paid time off for purposes of bereavement, voting, and/or attendance at naturalization proceedings.

Compensation:

Expected Salary (all locations): $122,700.00 - $218,680.00

WSP USA is providing the compensation range that the company in good faith believes it might pay and offer for this position, based on the successful applicant’s education, experience, knowledge, skills, abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

Expected Salary (Colorado only): $122,700.00 - $205,260.00

WSP USA is providing the compensation range that the company in good faith believes it might pay and/or offer for this position within the state of Colorado, based on the successful applicant’s education, experience, knowledge, skills, and abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

#LI-AB3

About WSP

WSP USA is the U.S. operating company of WSP, one of the world's leading engineering and professional services firms. Dedicated to serving local communities, we are engineers, planners, technical experts, strategic advisors and construction management professionals. WSP USA designs lasting solutions in the buildings, transportation, energy, water and environment markets. With more than 15,000 employees in over 300 offices across the U.S., we partner with our clients to help communities prosper.

WSP provides a flexible and agile workplace model while meeting client needs. Employees are also afforded a comprehensive suite of benefits including medical, dental, vision, disability, life, and retirement savings focused on providing health and financial stability throughout the employee’s career.

At WSP, we want to give our employees the challenges they seek to grow their careers and knowledge base. Your daily contributions to your team will be essential in meeting client objectives, goals and challenges. Are you ready to get started?

WSP USA (and all of its U.S. companies) is an Equal Opportunity Employer Race/Age/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Disability or Protected Veteran Status.

The selected candidate must be authorized to work in the United States.

NOTICE TO THIRD PARTY AGENCIES:

WSP does not accept unsolicited resumes from recruiters, employment agencies, or other staffing services. Unsolicited resumes include any resume or hiring document sent to WSP in the absence of a signed Service Agreement where WSP has expressly requested recruitment/staffing services specific to the position at hand. Any unsolicited resumes, including those submitted to hiring managers or other business leaders, will become the property of WSP and WSP will have the right to hire that candidate without reservation – no fee or other compensation will be owed or paid to the recruiter, employment agency, or other staffing service.