M365 Security Expert

LGI Solutions Santé View all jobs

Montreal, QC
Permanent
Full-time

5 days ago

Company DescriptionWith 40 years of expertise, LGI Healthcare Solutions develops technological software for the healthcare network. We specialize in providing solutions for clinical, financial and material management, performance and analysis, and workforce management, which includes payroll management. Innovation is at the heart of our activities and we partner with our customers to solve crucial issues and ensure the well-being of patients and all members of the health sector. Today, our solutions support 320,000 healthcare professionals and over 6 million patients.At LGI Healthcare Solutions, we value diversity and equal access to employment for all. Should you require specific assistance during the recruitment and integration process, don't hesitate to let us know. It will be our pleasure to accommodate you while respecting the confidentiality of your personal information.Job DescriptionThe Microsoft 365 Security Expert (E5) is part of the Information Security team and reports to the CISO. The role is responsible for defining, implementing, operationalizing, and continuously improving the security posture of the Microsoft 365 environment (E5 licensing).The position acts as a domain expert for M365 security and as a technical reference point for IT teams, operational security, and governance teams. The role combines security architecture, advanced configuration, operations, and continuous improvement.Primary MissionEnsure the protection of identities, endpoints, data, and collaborative M365 environments by applying Zero Trust principles and Microsoft best practices.ResponsibilitiesIdentity and Access Security (Entra ID)

Design and maintain advanced Conditional Access policies (MFA, risk-based access, compliant devices, session controls).
Configure and operate Microsoft Entra ID Identity Protection (user and sign-in risk detection).
Manage M365 RBAC roles and enforce the principle of least privilege.
Implement and maintain Privileged Identity Management (PIM) strategies.
Monitor and continuously improve the identity-related security posture.

Microsoft Defender XDR (E5)

Act upstream of SOC analysis of M365-related security incidents by deploying, configuring, and operating:

Microsoft Defender for Endpoint
Defender for Office 365
Defender for Identity
Defender for Cloud Apps
Ensure signal integration and effective use of the Defender XDR ecosystem.
Collaborate with the SOC to optimize detection and response capabilities.

Microsoft Intune and Endpoint Security

Define and maintain device management strategies using Microsoft Intune, including:

Compliance policies
Security configurations
Update management
Application control
Integrate Intune with Conditional Access features to control access to M365 resources.
Standardize secure configurations for Windows workstations and mobile devices.
Contribute to the strategy for managing corporate devices and BYOD.

SharePoint Online and Teams Security & Governance

Define and enforce security standards for:

SharePoint Online
Microsoft Teams
OneDrive
Control external access and guest management.
Govern permissions, external sharing, and the lifecycle of sites and teams.
Reduce risks related to data sprawl and shadow IT.
Implement controls aligned with collaborative use cases.

Governance, Security Posture, and Continuous Improvement

Continuously analyze and improve the Secure Score and overall security posture.
Translate CISO requirements into concrete technical M365 security controls.
Document configuration and operational standards.
Participate in the development of security policies related to M365 usage.
Contribute to user awareness initiatives focused on collaboration and data-related risks.

Note: Microsoft Purview governance is primarily handled by another Infosec team function related to DLP. However, experience with Purview is considered an asset and may be leveraged as needed.QualificationsRequirements

3 to 7 years of experience in advanced administration and/or security of Microsoft 365.
Strong expertise in the security components of the Microsoft 365 E5 license.
Significant hands-on experience with Microsoft Intune.
Solid understanding of Zero Trust principles.
Proven ability to secure a production M365 environment.
Ability to operate within a governed structure reporting to a CISO.
Structured, risk-based approach with a strong focus on continuous improvement.

Assets (Nice to Have)

Relevant certifications (MS-102, SC-300, SC-400, AZ-500, or equivalent).
Experience in regulated environments or environments with high security requirements.
Knowledge of security challenges related to collaboration, data, and AI within Microsoft 365.

Additional InformationHere are the many benefits to ensure your personal and professional well-being as well as financial health:

Remote, in-office, or hybrid work, with the option of flexible hours to promote balance and performance
Group insurance plan and group RRSP with employer participation in effect from day one
Minimum of 3 weeks vacation + 5 days personal leave per year
Access to a telemedicine service and a complete assistance program for all employees and their family
Access to a leading e-learning platform and hours allocated for training and professional development
More than 40 years of expertise in the health IT field opens the door to many career opportunities
Projects integrating Agile methodology
Employee discount program
An organizational culture rooted in the values of courage, determination, excellence, and collaboration around which we come together to develop technology solutions for the healthcare field.

If you are interested in this position, we would be very happy to tell you more about the role, the team, and life at LGI Healthcare Solutions.

LGI Solutions Santé

Apply Now