Senior Cybersecurity Consultant – Microsoft Federal

Preferred Cybersecurity Consulting & Microsoft Security Platform Expertise

The ideal candidate will possess strong hands‑on technical expertise across the Microsoft Security portfolio and demonstrated experience contributing to the design, implementation, and operationalization of cybersecurity solutions within classified or mission‑sensitive federal environments. This role emphasizes solution delivery, technical depth, and collaborative architecture support, with opportunities to grow as a trusted advisor to customer security teams.

Microsoft is on a mission to empower every person and every organization on the planet to achieve more. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. Growth mindset encourages each of us to lean in and learn what matters most to our customers, to create the foundational knowledge that enables us to make customer-first decisions in everything we do. In doing so, we create life-changing innovations that impact billions of lives around the world. You can help us achieve our mission.

The Senior Consultant supports security architects and customer leadership by applying Microsoft security capabilities—particularly those aligned to Zero Trust principles—to meet mission, compliance, and operational requirements. Candidates should be comfortable working across identity, endpoint, cloud, data, and security operations domains while executing defined architectural patterns and best practices.

Preferred Focus: Zero Trust
Experience or demonstrated knowledge of Zero Trust Architecture (ZTA) concepts—including identity‑centric security, device trust, least privilege access, continuous verification, and data protection—is strongly preferred. Familiarity applying Zero Trust principles using Microsoft technologies within federal or regulated environments is highly valued.

Desired experience includes hands‑on delivery or solution design in one or more of the following Microsoft security areas:

Identity & Access Security

Microsoft Entra ID (Azure AD), Conditional Access, Privileged Identity Management (PIM), Identity Governance, hybrid identity (Entra Connect), certificate‑based authentication (CBA), and integration with enterprise PKI or federal ICAM patterns. Experience implementing identity controls that support Zero Trust access decisions is preferred.

Endpoint & Device Security

Microsoft Intune, Microsoft Defender for Endpoint (MDE), endpoint detection and response (EDR), attack surface reduction (ASR), MDM/MAM, and secure device posture enforcement aligned with Zero Trust device trust models.

Threat Protection & SOC Enablement

Microsoft Defender XDR and Microsoft Sentinel (SIEM/SOAR), including log ingestion, KQL‑based detection, basic threat hunting, incident response workflows, and security automation/playbooks. Experience supporting SOC operations and integrating Microsoft tooling with existing enterprise processes is desirable.

Cloud Security & Workload Protection

Microsoft Defender for Cloud, Defender for Cloud Apps (CASB), Azure workload protection, and security monitoring for IaaS/PaaS resources. Familiarity with container security, infrastructure‑as‑code (IaC) security, or DevSecOps integrations is a plus.

Information Protection & Data Security

Microsoft Purview Information Protection, Data Loss Prevention (DLP), Insider Risk Management, and compliance capabilities supporting sensitive or regulated data environments.

Security Posture & Compliance Support

Secure Score, vulnerability and exposure management, and continuous monitoring activities aligned to NIST RMF, DoD STIGs, or similar federal cybersecurity frameworks.

Compliance & Federal Experience

Candidates should have experience supporting (not necessarily owning) alignment of Microsoft security solutions to federal security and risk requirements such as NIST 800‑53, RMF, Zero Trust Architecture (ZTA), Executive Order 14028, or agency‑specific ATO processes. Experience contributing to control implementation, security documentation, or assessment activities supporting Authorization to Operate (ATO) efforts is strongly preferred.

Successful candidates will demonstrate the ability to:

Execute customer‑facing technical engagements by translating mission, security, or compliance requirements into well‑defined Microsoft security solutions

Deliver and configure multi‑domain security technologies across identity, endpoint, cloud, data, and security operations under established architectures

Participate in architecture reviews, design discussions, and threat modeling sessions, providing practical, implementation‑focused input

Integrate Microsoft security services into hybrid or multi‑cloud mission environments following approved patterns

Mentor junior consultants through knowledge sharing, implementation guidance, and peer reviews

Contribute to reusable delivery assets, documentation, and reference implementations within the Microsoft Security consulting practice

Certifications

Relevant Microsoft certifications such as SC‑200, SC‑300, AZ‑500, and progress toward SC‑100 are desirable. Equivalent industry certifications (e.g., CISSP, CCSP, GIAC) arealso valued.

Technology Consulting IC4 - The typical base pay range for this role across the U.S. is USD $100,000 - $193,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $126,100 - $204,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.