Role: Office 365
Location: Austin, TX
Visa Status: USC, GC
REPORTING INSTRUCTIONS
Please ensure your candidate is aware and agrees Remote work may be permitted while COVID-19 safety restrictions set by local, state, or federal government are in place and until such time that the client provides a safe and compliant work environment. The client may require you to resume work onsite with notice. Visits to the work premises may also be necessary to coordinate start-up and work procedures.
POSITION REQUIREMENTS:
Enhance O365 security implementing Azure AD and security features available with O365 G5 licensing.
Microsoft O365 G5 Security Requirements
Access and Identity Management:
- Azure AD and AAD Connect this includes a full setup of all hardware and software required for the migration of TDI's existing ADFS environment to a functional Azure AD environment in the Microsoft Azure Cloud. Additionally, hardware specifications, including number of servers, hardware configuration and firewall ports required to be opened is to be provided to TDI.
- MFA & SSO Authentication - this is in addition to the MFA already implemented in TDI's environment.
- Conditional Access
- Privileged Access Management (PAM) & Just-in-Time (JIT)
- 3rd Party Applications & Connections
- RBAC & User Lifecycle
- B2B & B2C
- Access Reviews
- Identity Protection
In addition, the following data protection needs to be setup, configured, and fully implemented.
Data Protection:
- Data Protection Policy & Controls
- Data Loss Prevention (DLP)
- Data Discovery
- Granular Data Access Management
- Data Classification
- Cloud Application Security Broker (CASB)
- Email Security
- o Microsoft Threat Protection
- o Azure Advanced Threat Protection
- o Cloud App Security
The implementation includes:
- Contracted staff must develop a migration plan, setup, configure and fully implement the items above for TDI in its entirety. Plan must include:
- an implementation priority order and timeline.
- Any dependencies which exist in our environment.
- Any currently implemented products that will need to be updated.
- Any new products we will need to implement.
Current Environment:
- We implemented Office 365 Advanced Threat Protection including:
- Active Directory Identity Protection
- User Risk Detection
- Using conditional access for MFA for AD, Citrix, and VPN
- Security Compliance Threat Management Policies:
- Anti-phishing
- Anti-spam
- Anti-malware
- SafeLink's
- Safe attachments
Contracted staff working on this project must be a SME for each product implemented.
Contracted staff must provide TDI with administrator training on each product implemented when handing off the finished product to TDI. This includes the contractor creating any necessary training documentation.