Job Description: SCOPE OF THE PROJECT:
Seeking a highly motivated individual to work as serve as the subject matter expert and primary technical lead of the the primary technical lead and administrator of the Microsoft Purview environment. The person in this role will manage and administer the compliance (purview) portal in M3NA and collaborate with analysts architects managers and others across different departments including records management security collaboration and IT.
The ideal candidate will have the following skills to be successful in this position:
Three (3) or more years developing compliance solutions using Microsoft 3NA apps and services primarily Purview Information Protection. A deep understanding of the Microsoft 3NA (M365) Purview compliance architecture and administration and data compliance tools implementation.
Sound understanding of Microsoft Purview Data Loss Prevention Insider Risk Management Information Protection Data Lifecycle Management Audit Compliance Manager Data security Data Governance and Risk and Compliance.
Experience in defining and implementing retention policies and retention labels in Microsoft Purview and developing learning materials and procedures for the user and support audience.
The ability to design and build data classification strategies utilizing sensitive information types manual and automatic labelling across M3NA and other endpoints
The ability to manage the full life cycle of eDiscovery and content search requests
Experience with Data Governance in relation to Microsoft Purview.
Experience driving End User adoption leveraging Microsoft 3NA services.
The ability to design and build data classification strategies utilizing sensitive information types manual and automatic labelling across M3NA and other endpoints
An understanding of all components that comprise the Purview Secure Score and Purview Compliance Score
Troubleshooting an environment with multiple layers of applicable security policies across M365 Azure and other technologies
Proactively learning new ways to solve technical challenges and monitor M3NA roadmap changes
The ability to manage multiple tasks and competing priorities in a busy work environment.
Document procedures and processes for a secure infrastructure
Nice to have skills:
PowerShell scripting
Microsoft certifications
Mentoring and training junior team members
Under general supervision the contractor will serve as an engineer reporting directly to a functional manager. Contractor will be a team member that ensures the stability and integrity of data and server services through monitoring maintenance support and optimization of all server infrastructure. This individual has 24/7 oncall responsibilities shared with the group.
DAILY DUTIES / RESPONSIBILITIES:
NonTechnical
Effectively interact and communicate with peer to Directorlevel IT professionals.
Provide feedback to team regarding product issues enhancements and new features.
Must have initiative drive and be a selfstarter.
Ability to ask pertinent questions of others.
Proactively seek to identify communicate and implement process related improvements.
Effectively manage multiple tasks and activities concurrently and able to provide periodic status updates to key stakeholders
Collaborate extensively with peers and management to resolve client issues while actively contributing to a growing knowledge network that improves the effectiveness of our team and the information available to our stakeholders.
Prioritize numerous issues of varying severity and effectively manage the resolution of all issues within accepted service levels. This includes ownership of the data entered into the Helpdesk system and appropriately updating both stakeholder and appropriate employees of status of all issues on a timely basis.
Good customer skills be attentive to detail and responsive to customer tickets.
Comfortable working across teams with various stakeholders and internal customers to collaboration and drive the adoption of security tooling that support improvements to the organizational security posture.
Able to translate leadership objectives into technical requirements and communicate those crossfunctional teams.
Technical
Develop workaround solutions as appropriate.
Perform equipment and software upgrades
Maintain familiarity with current computer and network products
Adhere to corporate information security guidelines and promote information security among coworkers
Strong understanding of security protocols cryptography authentication authorization network fundamentals and cloud security.
Performs other duties and special projects as assigned.
Design implement and maintain the organizations MS Purview and M365. Provide an architectural framework for information system development maintenance and enhancement efforts.
Architect and implement GRC tools and process workflows.
Guide risk & compliance activities to include assessing systems against policies and standards
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Deep technical proficiency in cybersecurity governance frameworks compliances tools secure system architecture.
3 years of experience in Governance Risk and Compliance sector of Information Security / Cybersecurity
Ability to engage diverse audiences of varying technical and nontechnical skill levels to generate engagement with those stakeholders and ensure alignment between technical requirements and organizational objectives.
2 years experience with Microsoft Purview or comparable enterprise GRC tool.
Experience navigating complex business environments and build relationships with other teams to persuade stakeholders with effective value for technical adoption of security initiatives.
Practical experience with applying DIS200 NIST NA053 and ISO 27XXX
REQUIRED EDUCATION/CERTIFICATIONS:
A bachelors degree in information technology systems computer science or related field and four years of experience in information technology systems or related area.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
MS PURVIEW ADMINISTRATION
WORKING IN A DISA SECURE ENVIRONMENT
STRONG UNDERSTANDING OF DATA PROTECTION PRINCIPLES ENCRYPTION ACCESS CONTROL & RETENTION
MASTERING PRINCIPLES OF RISK ASSESSMENTS AND THREAT MODELING
CREATING POLICIES GOVERNANCE AND PROTECTION
M3NA SUITE EXPERIENCE
EFFECTIVE TIME MANAGEMENT SKILLS INCLUDING MULTITASKING
COMMUNICATION SKILLS
COMPLIANCE MANAGER SKILLS
PREFERRED EDUCATION/CERTIFICATIONS:
.
Multiple Industry Certifications in field.
Additional Sills: REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): Deep technical proficiency in cybersecurity governance frameworks compliances tools secure system architecture. 3 years of experience in Governance Risk and Compliance sector of Information Security / Cybersecurity Ability to engage diverse audiences of varying technical and nontechnical skill levels to generate engagement with those stakeholders and ensure alignment between technical requirements and organizational objectives. 2 years experience with Microsoft Purview or comparable enterprise GRC tool. Experience navigating complex business environments and build relationships with other teams to persuade stakeholders with effective value for technical adoption of security initiatives. Practical experience with applying DIS200 NIST NA053 and ISO 27XXXPREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): MS PURVIEW ADMINISTRATION WORKING IN A DISA SECURE ENVIRONMENT STRONG UNDERSTANDING OF DATA PROTECTION PRINCIPLES ENCRYPTION ACCESS CONTROL & RETENTION MASTERING PRINCIPLES OF RISK ASSESSMENTS AND THREAT MODELING CREATING POLICIES GOVERNANCE AND PROTECTION M3NA SUITE EXPERIENCE EFFECTIVE TIME MANAGEMENT SKILLS INCLUDING MULTITASKING COMMUNICATION SKILLS COMPLIANCE MANAGER SKILLS
Skills: | Category | Name | Required | Importance | Level | Last Used | Experience | |
Administrative | Verbal Communication Skills | No | 1 | Advanced | Currently Using | 2 4 Years | |
Administrative | Written Communication Skills | No | 1 | Advanced | Currently Using | 2 4 Years | |
Miscellaneous | Time Management | No | 1 | Advanced | Currently Using | 2 4 Years | |
Network Security | Cybersecurity | No | 1 | Advanced | Currently Using | 2 4 Years | |
Network Security | IRS Safeguard Computer Security Evaluation Matrix (SCSEM) | No | 1 | Advanced | Currently Using | 2 4 Years | |
Network Security | risk/vulnerability assessments | No | 1 | Advanced | Currently Using | 2 4 Years | |
Packaged Applications | Microsoft | No | 1 | Advanced | Currently Using | 2 4 Years | |
Specialties | IRS Safeguard Review | No | 1 | Advanced | Currently Using | 2 4 Years | |
Specialties | NIST Security | No | 1 | Advanced | Currently Using | 2 4 Years | |