Senior Consultant/MS Office 365 Administrator | Forensics and Litigation Consulting
Who We Are
FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact that makes a difference. From resolving disputes, navigating crises, managing risk and optimizing performance, our teams respond rapidly to dynamic and complex situations.
At FTI Consulting, you’ll work side-by side with leaders who have shaped history, helping solve the biggest challenges making headlines today. From day one, you’ll be an integral part of a focused team where you can make a real impact. You’ll be surrounded by an open, collaborative culture that embraces diversity, recognition, professional development and, most importantly, you.
Are you ready to make your impact?
About The Role
We are involved in complex, global and high-profile litigation, arbitration and investigations combining end-to-end risk advisory, investigative and disputes expertise to deliver holistic solutions for our clients.
More specifically, we are looking for technical cybersecurity experts with experience in all or some of the following: intelligence collection, incident response, insider threat analysis, network operations, emerging cyber policy, security operations (malware analysis, specialized cloud expertise, forensic experts, penetration testing, and application testing). With offices worldwide, we are able to uncover and analyze critical information wherever a need exists—no matter how intricate the investigation may be.
What You’ll Do
You will support a diverse range of high-impact, technically complex engagements in which clients require rapid engineering recovery and long-term hardening of critical systems. You’ll be responsible for analyzing, re-designing, configuring, and rebuilding enterprise infrastructure and cloud environments in alignment with best practices and client-specific needs.
Your responsibilities will include:
Leading and supporting engagements focused on cybersecurity engineering, infrastructure hardening, and post-breach rebuilds.
Conducting hands-on remediation efforts following advanced persistent threats (APT), ransomware, and other intrusions, including:
Rebuilding Active Directory environments and domain controllers
Reconfiguring or migrating Microsoft 365 (Exchange Online, Entra ID / Azure AD, Intune, Defender, etc.)
Restoring, rebuilding, and re-securing virtualized infrastructure (e.g., VMware, Hyper-V)
Deploying, validating, and tuning EDR tooling across compromised environments
Evaluating and improving cybersecurity controls, governance models, technical standards, and operating procedures, both pre- and post-breach.
Designing secure enterprise network architectures, including segmentation, firewall policy development, secure remote access, and Zero Trust principles.
Documenting and addressing information security, cybersecurity architecture, and systems security engineering requirements throughout the system development lifecycle.
Working closely with clients, including system owners and IT stakeholders, to assess and rebuild systems in alignment with regulatory expectations, cybersecurity frameworks, and threat models.
Performing security reviews, identifying gaps in architecture or controls, and developing actionable remediation roadmaps.
Configuring and securing hybrid or cloud-native environments across Microsoft Azure, AWS, and GCP, including:
Logging, monitoring, and alerting (e.g., Sentinel, CloudTrail, Security Command Center)
Cloud IAM and conditional access policies
Secure storage, compute, and networking
Rebuilding server environments across Windows and Linux platforms with hardened baselines and operational continuity.
Assessing and remediating vulnerabilities in identity and access management systems, including SSO, MFA, and SCIM integrations.
Collaborating with incident response, legal, and compliance teams to align remediation with strategic business needs.
Leading or contributing to the development of new technical service offerings around security modernization and recovery.
Staying abreast of cybersecurity trends, emerging threats, advanced attack techniques, and evolving best practices in enterprise IT and cloud security.
This role is highly technical and hands-on, requiring deep expertise and demonstrated proficiency in the following domains:
Enterprise and Cloud Security Engineering
Microsoft 365 and Entra ID (formerly Azure AD) configuration, migration, and security policy enforcement
Multi-cloud environments (AWS, Azure, GCP) including workload protection, IAM, and secure networking
Virtual private cloud design, peering, routing, VPNs, and logging/monitoring infrastructure
SAML/OAuth2, SSO, and SCIM-based IAM integrations across platforms
Post-Breach Infrastructure Restoration
Domain controller rebuilds and forest recovery
Secure restoration of file shares, print services, and business-critical systems
EDR re-enablement and telemetry validation (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint)
Virtualized infrastructure rebuild (e.g., VCenter redeployment, snapshot integrity validation, HA restoration)
Core Infrastructure & Network Engineering
Firewall rulebase analysis and reimplementation (e.g., Palo Alto, Fortinet, Cisco ASA)
Network segmentation and isolation strategies post-compromise
Active Directory and DNS/DHCP architecture hardening
Linux and Windows server re-baselining and secure configuration
How You’ll Grow
This is an excellent opportunity for a person with proven, hands-on cybersecurity experience to join a dynamic and growing cybersecurity team. You will have the opportunity to be involved with fascinating, high-paced and high-profile cybersecurity engagements requiring the best talent to provide value to our clients. Alongside this, you will receive coaching and mentoring within the team to develop your experience and confidence. With the ever-evolving cybersecurity landscape, the need for continuous professional development remains at the forefront of the quality of our team and is wholly supported. We will work with you to develop a career path within the FTI Cybersecurity team so you there is a clear progression path, coupled with the right level of support and guidance to achieve the next step in your career at FTI Consulting.
We are committed to investing and supporting you in your professional development and have developed a range of programs focused on fostering leadership, growth and development opportunities. We aim to promote continuous learning and individual skills development through on-the-job learning, self-guided professional development courses and certifications. You’ll be assigned a dedicated coach to mentor, guide and support you through regular coaching sessions and serve as an advocate for your professional growth.
As you progress through your career at FTI Consulting, we offer tailored programs for critical professional milestones to ensure you are prepared and empowered to take on your next role.
What You Will Need To Succeed
Basic Qualifications
Bachelor’s Degree in Computer Science, Information Security, or a related field.
5+ years of relevant post-graduate experience in cybersecurity engineering, infrastructure remediation, or network security architecture.
Demonstrated experience in post-breach infrastructure restoration, including domain re-establishment, firewall and segmentation redesign, and cloud reconfiguration.
Ability to travel to clients and FTI office(s) as needed.
Applicants must be currently authorized to work in the United States on a full-time basis; this position does not provide visa sponsorship
Preferred Qualifications
Strong technical expertise in:
Microsoft 365 and Entra ID / Azure AD administration and migration
For example: O365 Administrator: Expert Certification
Active Directory, DNS, DHCP, and GPO remediation
Multi-cloud environments (Azure, AWS, GCP)
Network design, firewall configuration (e.g., Palo Alto, Fortinet, Cisco ASA)
Endpoint Detection and Response (EDR) tools such as CrowdStrike, SentinelOne, and Microsoft Defender for Endpoint
Hypervisor administration and recovery (e.g., VMware ESXi, Hyper-V, Proxmox)
Windows and Linux server administration and hardening
Familiarity with identity and access management best practices, including least privilege, RBAC, and Zero Trust architecture.
Cloud and security certifications preferred (e.g., Azure Security Engineer, AWS Security Specialty, CISSP, GCWN, GCIA).
Experience working in or alongside incident response or legal support teams.
Excellent written and verbal communication skills with the ability to convey complex technical topics to non-technical stakeholders.
#LI-LL2
Total Wellbeing
Our goal is to support the wellbeing of you and your families—physically, emotionally, and financially. We offer comprehensive benefits such as the following:
Competitive total compensation, including bonus earning potential
Full package of benefits plans, including medical, dental, and vision coverage along with life and disability insurance
Generous paid time off and holidays
Company matched 401(k) retirement savings plan
Potential for flexible work arrangements
Generous paid parental leave with available planning tools, virtual expert coaching services and flex return support
Family care benefits, including back-up child/elder care
Employee wellness platform
Employee recognition programs
Paid time off for volunteering in your community
Corporate matching for charitable donations most important to you
Make an impact in our communities through company sponsored pro bono work
Professional development and certification programs
Free in-office snacks and drinks
Free smartphone and cellular plan (if applicable)
FTI Perks & Discounts at retailers and businesses
Upscale offices close to public transportation
About FTI Consulting
FTI Consulting, Inc. is the leading global expert firm for organizations facing crisis and transformation, with more than 8,100 employees located in 33 countries and territories. Our broad and diverse bench of award–winning experts advise their clients when they are facing their most significant opportunities and challenges. The Company generated $3.7 billion in revenues during fiscal year 2024. In certain jurisdictions, FTI Consulting’s services are provided through distinct legal entities that are separately capitalized and independently managed. FTI Consulting is publicly traded on the New York Stock Exchange. For more information, visit www.fticonsulting.com and connect with us on Instagram and LinkedIn.
FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.
Compensation Disclosure: Actual compensation is determined based on a wide array of relevant factors including market considerations, business needs, and an individual’s location, skills, level of experience, and qualifications