Microsoft 365 Security Administrator / Iam Specialist

Microsoft 365 Security Administrator / IAM SpecialistWe are seeking a skilled Microsoft 365 Security Administrator or IAM Specialist to lead a security enhancement project within the CMS network.
The role focuses on designing and implementing conditional access policies, identity governance, and security best practices across Microsoft 365, ensuring only authorized and compliant access to corporate systems.
Key Responsibilities:1.
Identity & Access ManagementPerform a comprehensive cleanup of existing users:
Identify and disable/delete inactive or former users based on a predefined list.Ensure only current employees have active access.Design and configure security groups to manage tiered access:Admins (with tailored conditional access policies)Standard UsersHigh-Risk Users (with additional security policies)Location-specific usersImplement location-specific access control policies:Full app and web access for users in Ireland and IndiaWeb-only access for other regions (with an exception group)Block access from China and RussiaDefine trusted locations based on IP ranges2.
Conditional Access ConfigurationEnforce conditional access rules for desktop apps to allow usage only from compliant (managed) devicesCreate exception groups for legitimate non-compliant access as neededBlock offline access to OneDrive and SharePoint to prevent data leakageEnforce MFA for all users across the organizationEnsure all sign-ins meet security compliance policies3.
Emergency Access & Admin RolesCreate and configure break-glass accounts for emergency access scenariosReview and optimize admin role assignments to follow least-privilege principles4.
Microsoft Purview (Compliance & DLP)Ensure Microsoft Purview is configured correctly:
Information protectionAudit and compliance configurationsRequired Skills and Experience:Proven experience with Microsoft 365 Security & Compliance toolsStrong understanding of Azure Active Directory, conditional access policies, and identity governanceHands-on experience with:Microsoft Defender, Purview, OneDrive, and SharePointCreating and managing security groups and rolesIP-based access policies and location-based controlsFamiliarity with Zero Trust security models and best practicesExperience working with sensitive data environments or regulated industries is a plusRequirementsCertifications (Preferred):Microsoft Certified: Identity and Access Administrator AssociateMicrosoft Certified: Security Administrator AssociateCompTIA Security+ or equivalent security-focused certificationsSoft Skills:Strong communication and documentation skillsAbility to collaborate across security, IT, and compliance teamsStructured approach to problem solving and policy implementation
#J-18808-Ljbffr