[Hiring] Principal Consultant – Azure, IAM & Endpoint Solutions @CrucialLogics

Role Description

The Principal Consultant will lead the architecture, deployment, and optimization of Microsoft security and endpoint management solutions, with deep specialization in:

• Microsoft Active Directory
• On-premise/Entra ID
• Microsoft Defender XDR
• Microsoft Intune
• Azure Infrastructure

This role blends advanced technical expertise, advisory leadership, and presales engagement to deliver secure, scalable, and modern security operations for enterprise clients.

Key Responsibilities

• Presales & Client Engagement:
  • Support presales through client architecture workshops, solution demonstrations, scoping sessions, and proposal development.
  • Translate business requirements into modern security architectures that drive measurable outcomes.
  • Oversee the technical quality of project delivery in collaboration with the Project Manager and actively support Senior and Associate Consultants throughout the solution build and implementation.
• Security Architecture & Solution Design:
  • Architect end-to-end security solutions leveraging Microsoft IAM, Azure, Microsoft Defender, and Microsoft Intune to meet enterprise security and compliance requirements.
  • Lead complex security transformation projects from design through implementation, ensuring high quality outcomes and smooth operational readiness.
• Microsoft IAM (Active Directory/Entra ID):
  • Design identity-centric security controls across Entra ID, Conditional Access, MFA, and identity governance.
  • Align endpoint compliance, risk detections, and real-time signals with Conditional Access policies.
• Microsoft Defender XDR:
  • Implement and tune Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.
  • Configure EDR, threat analytics, attack surface reduction, advanced hunting, and automated remediation.
  • Provide expert guidance on XDR strategy, identity protection, cloud app governance, and cross-domain correlation in Defender.
• Microsoft Intune (Endpoint Security & Management):
  • Deploy, configure, and manage Intune for MDM/MAM across Windows, macOS, iOS, and Android.
  • Build compliance policies, device configuration profiles, app protection policies, and conditional access integrations.
  • Lead modernization initiatives including Autopilot, zero touch provisioning, and cloud-based device governance.
• Azure Infrastructure:
  • Deploy and configure Microsoft Azure infrastructure, including Sentinel (SIEM, SOC) workspaces, data connectors, analytics rules, automation playbooks, and incident response workflows.
• Identity, Access & Conditional Access Leadership & Mentorship:
  • Mentor consultants and analysts across SOC, identity, and endpoint management domains.
  • Provide training sessions to clients or internal teams on Sentinel, Defender, and Intune best practices.
  • Collaborate closely with current Security Service managers to refine SOC processes, ensuring alignment with organizational objectives and evolving threat landscapes.
  • Facilitate the identification and implementation of process improvements to enhance detection, response, and reporting capabilities.
• Operational Excellence:
  • Troubleshoot Sentinel ingestion issues, Defender signal quality gaps, and Intune device management challenges.
  • Deliver clear design documentation, runbooks, and operational handover materials.
  • Assist with lab environments, testing, and lifecycle management of security configurations.

Qualifications

• 10+ years of experience in IT security, SOC operations, endpoint management, or cloud security architecture.
• Deep hands-on expertise with Microsoft IAM, Azure, Sentinel, Microsoft Defender XDR, and Microsoft Intune.
• Strong understanding of infrastructure management and endpoint security, and identity-driven security models.
• Proven ability to architect and lead large-scale security implementations.
• Excellent presales, communication, and client-facing skills.

Preferred Certifications

• AZ-500: Azure Security Engineer
• MD-102 / MD-101: Endpoint Administrator
• SC-200: Microsoft Security Operations Analyst
• SC-300: Identity and Access Administrator
• SC-400: Information Protection Administrator

Preferred Skills

• Experience with MITRE ATT&CK mapping, threat modeling, and detection engineering.
• Familiarity with Microsoft Purview for compliance and DLP (nice-to-have).
• Experience supporting SOC teams and global enterprise security operations.
• Ability to lead multi-region rollouts and complex modernization projects.
• KQL programming
• ARM Templates
• Bicep

Work Conditions

• This job requires working North American business hours with customers and colleagues.
• We’re a project-driven company, and we need to follow the working hours of our Customers (EST).
• Overtime may be required to meet project deadlines.
• Participation in client workshops, presentations, and training sessions is expected.
• Occasional travel may be required to meet clients or internal stakeholders.