Microsoft O365 G5 Security

  • TX-71, Austin, TX, USA
  • Contract

Job Description


Enhance O365 security implementing Azure AD and security features available with O365 G5 licensing.

Microsoft O365 G5 Security Requirements

Access and Identity Management:

  • Azure AD and AAD Connect – this includes a full setup of all hardware and software required for the migration of TDI’s existing ADFS environment to a functional Azure AD environment in the Microsoft Azure Cloud. Additionally, hardware specifications, including number of servers, hardware configuration and firewall ports required to be opened is to be provided to TDI.
  • MFA & SSO Authentication - this is in addition to the MFA already implemented in TDI’s environment.
  • Conditional Access
  • Privileged Access Management (PAM) & Just-in-Time (JIT)
  • 3rd Party Applications & Connections
  • RBAC & User Lifecycle
  • B2B & B2C
  • Access Reviews
  • Identity Protection

In addition, the following data protection needs to be setup, configured, and fully implemented.

Data Protection:

  • Data Protection Policy & Controls
  • Data Loss Prevention (DLP)
  • Data Discovery
  • Granular Data Access Management
  • Data Classification
  • Cloud Application Security Broker (CASB)
  • Email Security
  • o Microsoft Threat Protection
  • o Azure Advanced Threat Protection
  • o Cloud App Security

The implementation includes:

  • Contracted staff must develop a migration plan, setup, configure and fully implement the items above for TDI in its entirety. Plan must include:
  • an implementation priority order and timeline.
  • Any dependencies which exist in our environment.
  • Any currently implemented products that will need to be updated.
  • Any new products we will need to implement.

Current Environment:

  • We implemented Office 365 Advanced Threat Protection including:
  • Active Directory Identity Protection
  • User Risk Detection
  • Using conditional access for MFA for AD, Citrix, and VPN
  • Security Compliance Threat Management Policies:
    • Anti-phishing
    • Anti-spam
    • Anti-malware
    • Safelinks
    • Safe attachments

Contracted staff working on this project must be a SME for each product implemented.
Contracted staff must provide TDI with administrator training on each product implemented when handing off the finished product to TDI. This includes the contractor creating any necessary training documentation

Additional Information

All your information will be kept confidential according to EEO guidelines.