Principal Consultant – Azure, IAM & Endpoint Solutions

About CrucialLogics Inc.

We secure your business using native Microsoft technologies you already own.

We apply our Consulting with a Conscience^TM approach in our security philosophy.

• Security should be simple, easy to manage and scalable
• Security does not require a large investment in various point solutions
• Security is easily achieved by properly configuring technologies you already are paying for
• Reduce your attack footprint by reducing overall infrastructure

You will never stop bad actors from targeting you. The goal in security is to put defences in place to detect the attempt before the breach.

Principal Consultant- Azure, IAM & Endpoint Solutions

Remote, Global locations welcome (North American business hours required)

Job Summary:

The Principal Consultant will lead the architecture, deployment, and optimization of Microsoft security and endpoint management solutions, with deep specialization inMicrosoftActive Directoryon-premise/Entra ID,Microsoft Defender XDR,Microsoft Intune,andAzure Infrastructure. This role blends advanced technicalexpertise, advisory leadership, and presales engagement to deliver secure, scalable, and modern security operations for enterprise clients.

Key Responsibilities:

Presales & Client Engagement

• Support presales through clientarchitectureworkshops, solution demonstrations, scoping sessions, and proposal development.

• Translate business requirements into modern security architectures that drive measurable outcomes.

• Overseethetechnicalquality of project delivery in collaboration with the Project Manager and actively supportSenior and Associate Consultantsthroughoutthe solutionBuildandimplementation.

Security Architecture & Solution Design

• Architect end-to-end security solutionsleveragingMicrosoftIAM,Azure,Microsoft Defender, andMicrosoftIntuneto meet enterprise security and compliance requirements.

• Lead complex security transformation projects from design through implementation, ensuringhigh qualityoutcomes and smooth operational readiness.

Microsoft IAM (Active Directory/Entra ID)

• Design identity-centric security controls across Entra ID, Conditional Access, MFA, and identity governance.

• Align endpoint compliance, risk detections, andreal-timesignals with Conditional Access policies.

Microsoft Defender XDR

• Implement and tune Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.

• Configure EDR, threat analytics, attack surface reduction, advanced hunting, and automated remediation.

• Provideexpert guidance on XDR strategy, identity protection, cloud app governance, andcross-domaincorrelation in Defender.

Microsoft Intune (Endpoint Security & Management)

• Deploy, configure, and manage Intune for MDM/MAM across Windows, macOS, iOS, and Android.

• Build compliance policies, device configuration profiles, app protection policies, and conditional access integrations.

• Lead modernization initiatives including Autopilot,zero touchprovisioning, andcloud baseddevice governance.

Azure Infrastructure

• Deploy and configure MicrosoftAzureinfrastruture, includingSentinel(SIEM, SOC)workspaces, data connectors, analytics rules, automation playbooks, and incident response workflows.

Identity, Access & Conditional Access

Leadership & Mentorship

• Mentor consultants and analysts across SOC, identity, and endpoint management domains.

• Provide training sessions to clients or internal teams on Sentinel, Defender, and Intune best practices.

• Collaborate closely with current Security Service managers to refine SOC processes, ensuring alignment with organizationalobjectivesand evolving threat landscapes.

• Facilitate the identification and implementation of process improvements to enhance detection, response, and reporting capabilities.

Operational Excellence

• Troubleshoot Sentinel ingestion issues, Defender signal quality gaps, and Intune device management challenges.

• Deliver clear design documentation, runbooks, and operational handover materials.

• Assistwith lab environments, testing, and lifecycle management of security configurations.

Required Qualifications:

• 10+ years of experiencein IT security, SOC operations, endpoint management, or cloud security architecture.

• Deephands-onexpertisewithMicrosoftIAM, Azure,Sentinel, Microsoft Defender XDR, and Microsoft Intune.

• Strongunderstandinginfrasturemanagement andendpoint security, and identity-driven security models.

• Provenability to architect and lead large-scale security implementations.

• Excellentpresales, communication, and client-facing skills.

Preferred Certifications

• AZ-500: Azure Security Engineer

• MD-102 / MD-101: Endpoint Administrator

• SC-200: Microsoft Security Operations Analyst

• SC-300: Identity and Access Administrator

• SC-400: Information Protection Administrator

Preferred Skills:

• Experience with MITRE ATT&CK mapping, threat modeling, and detection engineering.

• Familiarity with Microsoft Purview for compliance and DLP (nice-to-have).

• Experience supporting SOC teams and global enterprise security operations.

• Ability to lead multi-region rollouts and complex modernization projects.

• KQL programming

• ARM Templates

• Bicep

Work Conditions:

• This jobrequiresworkingNorth Americanbusiness hours withcustomers and colleagues.We’reaproject driven company, andweneed to followthe workinghours ofourCustomers(EST)

• Overtime may berequiredto meet project deadlines.

• Participation in client workshops, presentations, and training sessions is expected.

• Occasional travel may berequiredto meet clients or internal stakeholders.