Key Responsibilities:
- Design, implement, and manage Microsoft Zero Trust solutions including Conditional Access, Defender for Identity, Microsoft Entra, and related technologies.
- Support and optimize ZTNA policies across hybrid and cloud environments.
- Collaborate with security architects and network engineers to enforce least privilege access and micro-segmentation.
- Monitor and respond to ZTNA-related incidents and alerts.
- Integrate ZTNA with SIEM/SOAR platforms for enhanced visibility and automation.
- Work with Cisco networking teams to align ZTNA policies with network segmentation and firewall rules.
- Conduct regular assessments of access controls and recommend improvements.
- Document architecture, configurations, and operational procedures.
- Perform regular ServiceNow updates and manage problem tickets effectively.
- Work cross-functionally with Endpoint, Network, and other technical teams to ensure seamless integration and issue resolution.
- Lead proactive case management with vendors to drive timely resolution and continuous improvement.
- Demonstrate leadership and attention to detail in all aspects of project execution and operational support.
Required Skills & Experience:
- Proven experience with Microsoft GSA and Zero Trust frameworks.
- Strong understanding of networking protocols (TCP/IP, DNS, DHCP, VPN, etc.).
- Experience with Microsoft Defender suite, Azure AD Conditional Access, and Microsoft Entra ID.
- Familiarity with Cisco networking technologies (e.g., ASA, Firepower, ISE, AnyConnect).
- Solid problem-solving and analytical skills.
- Background in enterprise security operations or network security.
- Experience with ServiceNow for ticketing and workflow management.
- Strong cross-team collaboration and communication skills.
Preferred Qualifications:
- Microsoft certifications (e.g., SC-100, SC-300, AZ-500).
- Cisco certifications (e.g., CCNA Security, CCNP Security) are a plus.
- Experience in large-scale enterprise or government environments.
- Knowledge of NIST, MITRE ATT&CK, or other security frameworks.