M365 Security Consultant

M365 Security Consultant (Outside IR35)

  • Day Rate: £550 p/d
  • Contract Length: 3–6 months (initial 3-month engagement with possible extension)
  • Location: Remote – MUST be based in the UK
  • Engagement: Outside IR35
  • Start: ASAP

We are seeking a highly capable, delivery-focused M365 Security Consultant to execute a series of time-boxed security improvement phases across device management, identity, access, and multiple site security.

This role is not advisory or architectural only—the contractor must deliver hands-on implementation of security controls aligned to:

  • CIS Critical Security Controls v8 – IG2
  • CIS Benchmarks
  • NIST Cybersecurity Framework – Tier 3 (Repeatable)

Key Responsibilities

Mobile Device Management (MDM)

  • Design MDM setup for corporate and BYOD devices.
  • Define required MDM/MAM/Conditional Access configuration aligned to CIS IG2.
  • Implement and enforce:
    • Corporate and BYOD MDM policies
    • Separate compliance & Conditional Access policies
    • MAM controls and approved application enforcement
  • Deploy applications via Company Portal.
  • Document configuration, exceptions, and operational guidance.
  • Ensure security and compliance visibility/reporting is operational.

Identity, SSO & MFA

  • Assess current identity and authentication controls.
  • Define scope and implementation plan for SSO and MFA.
  • Implement SSO/MFA policies and Conditional Access configurations.
  • Enforce authentication policies with evidence of operation.
  • Deliver operational documentation and testing evidence.

Device Hardening & “Bricks & Mortar” Security

  • Define device hardening baselines aligned to CIS Benchmarks.
  • Implement and enforce the hardening baseline using technical controls.
  • Conduct multiple site location security and architecture review.
  • Deliver and implement actionable security remediation.
  • Evidence compliance and enforcement.

Required Experience

Technical Expertise

  • Proven hands-on experience implementing Intune/Endpoint Manager for Corporate + BYOD environments.
  • Strong capability implementing MAM, Conditional Access, App Protection Policies, and Zero Trust aligned controls.
  • Solid experience with Azure AD / Entra ID, MFA, SSO, and identity governance.
  • Practical delivery of security hardening aligned to CIS Benchmarks.
  • Experience working with retail or distributed site/store environments (desirable).

Security Framework Knowledge

  • Deep understanding of:
    • CIS Controls v8 (IG2)
    • CIS Benchmarks
    • NIST CSF (Tier 3 maturity)

Delivery Profile

  • Must be a hands-on implementer (not advisory or consultancy only).
  • Able to work in fast-paced, time-boxed delivery cycles.
  • Comfortable with weekly milestone reporting and governance.
  • Capable of documenting exceptions, justifications, and compensating controls.

Key Deliverables

  • MDM current-state assessment and CIS-aligned configuration design.
  • Implemented MDM, MAM, and Conditional Access policies in production.
  • Fully implemented and enforced MFA and SSO.
  • Auth, device, and application compliance reporting.
  • Enforced CIS-aligned device hardening baseline.
  • Implemented store security improvements.
  • Complete technical documentation, evidence of implementation, and handover materials.
  • Documented control exceptions with technical justification.

Job Details

Company
Amtis professional Ltd
Location
West Midlands, England, United Kingdom
Employment Type
Contractor
Salary
£550 - £575 per day
Posted