Looking for an 'A-level' resource contract only because we just don't specialize in this stuff and we wouldn't be able to keep them busy. Probably 6-month initial work-but likely extend. Rate is really not issue at this point, need the BEST resource we can find. Again, A-level—must be able to know the stuff and talk the stuff---build vision with client leadership.
Key skills required:
· Strong understanding of Active Directory, Azure Active Directory, Azure Active Directory Domain Services (keep in mind that AD and Azure AD are NOT the same thing other than their name).
· Strong understanding of security principles such as zero trust, least privilege, just in time access (JIT), just enough access (JEA)
· MIM PAM and PIM. MIM PAM is going to be required to make these happen, and in Azure you'll need someone who understands PIM and licensing models.
· Understanding of conditional access policies, risk-based access, MFA
· Good understanding of core services such as DNS, Kerberos, LDAP, things of that nature
Two certifications to look for:
1. Azure Security Engineer Associate and
2. Azure Solutions Architect Expert.
Someone certified with Office 365 would also be of great benefit since the licensing between the two overlap, so their licensing costs may be less.