Security Specialist Microsoft products
Oil & Gas
- Excellent understanding of Microsoft Azure products (e.g. AAD and O365)
- Expert-level knowledge of security principles and technologies
- Experience designing and implementing security solutions covering AAD and O365 for large global organization
- Familiar with market best practices and implementation of RBAC and zero trust methodologies
- In depth knowledge of the services provided by the Microsoft Azure platform as well as an appreciation for the associated architecture and security challenges
- Experience in service management to detect contract value leakage to maximize contract value
- Proven experience in leading reviews or audits and ability to distill findings into recommendations
- Knowledge of continuous improvements frameworks, which focus on improvements of existing systems, rather than (re-)inventing completely new systems
- Must be able to work across architecture, IRM (i.e. Shell security second Line of IT Defense), delivery and operations security challenges, gaps, options to lead the development of earlier described responsibilities
- Proven delivery focus and hands on mentality: being able to incorporate security requirements into agile driven solutions: strong, proven problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions through to completion
- Analytical mindset combined with presentational skills
- Excellent writing skills, e.g. to document the resulting processes, procedures, security baseline/architecture guidelines, etc.
- Proven stakeholder management skills, to clarify issues and gaps, present and socialize options, and gain agreement and decisions on suggested outcomes.
- Aligned with the general market, our client is on a journey to further embark cloud services, based on market unless strategy.
- Microsoft products, such as AAD and m365, are a vital core element to provide the Shell business its required IT services and productivity tools.
- Reliability, security and affordability are key objectives to be met during this journey. We therefore need to (1) ensure security is adequately embedded to protect our data and IT solutions and (2) fully harvest our investments.
- Define and document processes, procedures, configurations, and controls and capabilities to evidence operations, around
- Administrative access to AAD o Privileged access management, including emergency access to applications and services covered by AAD
- Group and SPN management
- Certificate and secret management
- Federation with other Identity and Access Management (IAM) solutions Processes should cover activities as normal and emergency access request review, approval and provisioning, regular attestation, and normal and emergency revocation.
- Based on well-prepared virtual workshops, perform end to end assessment of our Microsoft product and services portfolio and its security posture to (1) simplify our Microsoft ecosystem and (2) maximize the use of our existing contract with Microsoft
- Provide recommendations to improve our tenant level design, and suggested approach to implement and operate these changes. This should cover people (to improve governance and drive resource optimization), process (e.g. value stream mapping to reduce business demand fulfillment time) and technology.
- Socialize and present above to the steering team for approval
Please send us your recent CV + a cover letter for this role (both in English) together with your availability/planned vacations and all-in hourly rate VAT (BTW) excluded.