Job Title
Security Specialist - Intermediate
Description
Role Summary
Public Health Ontario is seeking a temporary external security resource for an initial two‑month engagement to provide focused support for an upcoming Microsoft‑led security assessment and related follow‑up activities. This role is intended as a focused, short‑term security support role with a scope centered on improving Microsoft security posture, developing implementation plans, and strengthening access control and RBAC best practices.
The key objective of this role is to work closely with PHO IT and Microsoft to support the Microsoft 365 / Defender security assessment initiative, review findings, and assist with planning and executing prioritized remediation activities.
Job Descriptions
The external resource will support the organization across the following areas:
Microsoft Security Assessment Engagement
· Act as the primary technical liaison to support the Microsoft security assessment initiative, including preparation, coordination, and follow‑up activities.
· Participate in assessment sessions and workshops with Microsoft and internal stakeholders.
· Review assessment findings, recommendations, and deliverables provided by Microsoft.
· Support internal teams in understanding the security gaps, risks, and recommended improvements identified through the assessment.
Microsoft Defender Security Posture Review
· Review the organization’s current Microsoft Defender security score and control posture across relevant workloads.
· Identify priority improvement areas based on Microsoft recommendations and organizational risk context.
· Develop a practical and phased implementation plan to address identified Defender security score gaps.
· Track recommended action items and support execution in collaboration with internal teams.
RBAC and Access Control Best Practices
· Review current role‑based access control (RBAC) configurations across Microsoft 365, Entra ID, and relevant Azure services.
· Assess alignment with Microsoft best practices and least‑privilege principles.
· Identify gaps, over‑privileged roles, or inconsistent access patterns.
· Propose and support implementation of improved RBAC models, role assignments, and governance controls.
Intune Security Management
· Responsibility for assessing, designing, and improving Microsoft Intune security configuration to strengthen endpoint posture across PHO-managed devices
· Implementation and tuning of endpoint security policies, including device compliance policies, configuration profiles, endpoint protection settings, and attack surface reduction controls
· Evaluation and hardening of device enrollment, conditional access integration, and administrative access related to Intune
· Identification of security gaps and risks within existing Intune configurations and development of prioritized remediation and implementation plans
Knowledge, Skills and Experience
· Degree or diploma in Information Security, Computer Science, Information Systems, Engineering, or a related field, or equivalent practical experience.
· Cybersecurity certifications with a focus on Microsoft Azure and Microsoft 365 security are preferred
· Minimum 5 years' experience in roles with Cyber Security and Information Security job responsibilities
· Demonstrated hands‑on experience with Microsoft Defender and Intune and security posture management
· Strong working knowledge of Microsoft Entra ID, Azure RBAC, and role‑based access control design following least‑privilege principles.
· Experience supporting or responding to security assessments, audits, or security posture reviews, including tracking and addressing recommended action items.
· Ability to work closely with internal IT and security teams to implement security best practices in a controlled enterprise environment.
· Strong written and verbal communication skills, with the ability to clearly document findings, recommendations, and implementation approaches.
