Job Specifications
You join the Microsoft Cloud Architecture team and take the lead on identity, security, and collaboration architecture across a large, complex and highly regulated environment. Your focus spans modern identity, Zero Trust, secure collaboration, Microsoft 365 security, Teams (including Teams Phone), and automation.
You design, implement, and govern the core building blocks of a secure digital workplace — ensuring resilience, compliance, and operational excellence:
Identity & Access Architecture
Design and maintain the hybrid identity architecture: Active Directory + Microsoft Entra ID.
Implement Zero Trust principles: Conditional Access, MFA, risk-based policies, Identity Protection.
Manage RBAC, Privileged Identity Management (PIM), and identity governance.
Maintain and secure the tiering model across the on-prem AD environment.
Oversee PKI architecture (ADCS), hardening certificate templates, integrating HSM, and ensuring continuity and auditability.
Ensure high availability, monitoring, DR/BCP, and seamless integration with third-party systems (SSO, SCIM, OIDC, OAuth, SAML).
Security Architecture & Threat Protection
Deploy and operate Microsoft Defender XDR components:
Defender for Endpoint
Defender for Identity
Defender for Office 365
Defender for Cloud Apps
Collaborate with SOC teams to improve detections, alerts, and response playbooks.
Lead vulnerability management across Microsoft 365, Azure, and on-prem environments.
Microsoft Teams & Voice Architecture
Manage all Teams collaboration settings and governance.
Lead architecture and rollout of Teams Phone, including:
PSTN integration
Number provisioning
Direct Routing with SBCs
Auto Attendants, Call Queues
Migration from legacy telephony
Oversee deployment and lifecycle of Microsoft Teams Rooms (MTR) devices.
Troubleshoot voice quality issues and deliver custom usage/telemetry reporting.
Automation, Investigation & Advanced Operations
Develop automation using PowerShell, Microsoft Graph API, Logic Apps, Automation Accounts.
Implement scalable operational workflows and reporting pipelines.
Use KQL for threat hunting, telemetry analysis, and investigations across Sentinel and Defender.
What are we looking for?
Technical Expertise
Senior-level experience with hybrid AD + Entra ID architecture.
Deep knowledge of identity governance, RBAC, PIM, SSO, SCIM.
Strong PKI expertise (ADCS + HSM).
Extensive experience with Zero Trust and endpoint/email identity security.
Strong knowledge of the full Microsoft Defender suite.
Proven experience with Teams and Teams Phone architecture.
Strong scripting skills: PowerShell, Microsoft Graph.
Experience with KQL, Sentinel, or similar SIEM.
Comfortable designing high-availability, security, and DR patterns.
Certifications (strongly preferred)
SC-100: Cybersecurity Architect Expert
SC-300: Identity & Access Administrator Associate
MS-700: Teams Administrator Associate
MS-721: Collaboration Communications Systems Engineer Associate
Languages
Dutch: native
English & French: professional
Other Requirements
Valid NATO/BEL/EU Secret clearance.
What do we offer?
Location: Peutie (Vilvoorde) – Hybrid
Contract: Freelance or Permanent
Languages: Dutch (native), French & English (professional)
Duration: 01/05/2026 - 31/12/2026
Security Clearance: NATO / BEL / EU Secret (minimum required)
About the Company
Pauwels Consulting is a Belgian consultancy firm with more than 1500 experts in engineering, life sciences and IT. We staff, manage and execute projects for leading organizations in Belgium, France, The Netherlands and beyond.
Experts in Engineering, Life Sciences and IT
Our Engineering team helps organizations in the (petro)chemical, civil engineering, industrial production, energy and transport businesses with the design, supervision, support and execution of long-term projects. We are particularly active in the fields o...
Know more