Job Specifications
You will work as a senior Microsoft 365 Identity, Security & Collaboration Architect in the Microsoft cloud team of Belgian Defence, located in Peutie (Vilvoorde).
As a highly skilled and experienced architect you will be responsible for the design, implementation, and management of secure collaboration solutions across our Microsoft ecosystem. This role is critical to ensuring our digital workplace remains secure, compliant, and optimized for productivity.
Key Responsibilities
Identity & Access Management (IAM):
Design and lifecycle management of an Active Directory (AD) and Microsoft Entra ID architecture. Define and implement hybrid identity, ensuring seamless integration between on premises AD and cloud-based Entra ID (formerly Azure Active Directory).
Establish and enforce enterprise-wide Zero Trust frameworks, including Conditional Access, MFA, and Identity Protection policies. Design and manage role-based access control (RBAC), Privileged Identity Management (PIM), and identity governance models.
Tiering model: implement and maintain the tiering model in an on premises AD environment.
Manage a PKI environment based on ADCS (Active Directory Certificate Services). Audit the certificate templates and secure/integrate the PKI environment with a hardware security module (HSM).
Establish high-availability, disaster recovery, and monitoring strategies for AD and Entra ID.
Integrate identity solutions with third-party applications and services (including SSO, SCIM provisioning) making use of modern authentication protocols (SAML / OIDC / OAUTH).
Security Operations & Threat Protection:
Deploy, configure, and manage Microsoft Defender XDR (including Defender for Office 365 / for Endpoint / for Identity / for Cloud Apps) to monitor and respond to threats across endpoints, identities, email, and cloud apps.
Collaborate with the SOC team to enhance detection rules and incident response workflows.
Perform vulnerability management by identifying, assessing, and remediating security risks across Microsoft 365, Azure and on prem environments.
Microsoft Teams Administration:
As an MS Teams Administrator: manage settings, policies, and configurations via the Teams Admin Center and PowerShell. Oversee lifecycle management of Teams and associated resources.
As an MS Teams Phone Administrator: setup and configuration, including number provisioning and PSTN integration. Lead migration from legacy telephony systems to Microsoft Teams Phone. Implement and manage Direct Routing configurations with SBCs and carrier services. Design and maintain Auto Attendant and Call Queue workflows to optimize call handling and user experience. Troubleshoot call quality issues and ensure high availability of voice services. Custom reporting on the Teams phone usage.
Manage Microsoft Teams Meeting (MTR) Room Devices: including setup, configuration, firmware updates, and troubleshooting to ensure seamless hybrid meeting experiences.
Automation, investigation & scripting:
Develop and maintain automation scripts using PowerShell and Microsoft Graph API to streamline operations and reporting.
Build and manage workflows using Logic Apps and Azure Automation Accounts to support scalable and repeatable processes.
Apply Kusto Query Language (KQL) for advanced investigations, threat hunting, and telemetry analysis across Microsoft Defender and Sentinel environments.
You have a valid NATO or BEL or EU security clearance (min. SECRET).
About the Company
ITBuilders connects independent working IT professionals to companies for temporary projects of medium to long term.
ITBuilders is not a recruiter for permanent assignments. We only draw up a contract after the best freelancer, the right company and the correct fee have been matched.
As a freelancer you are part of the ITBuilders family. We guide and follow you through the entire process.
ITBuilders koppelt zelfstandig werkende IT professionals aan bedrijven voor tijdelijke projecten van middellange tot lange termijn.
ITBu...
Know more