IT Information Protection Analyst (Hybrid)
About the role
The Information Protection Analyst serves as the technical subject matter resource for the IT Data Governance and Information Management Program. This role translates governance and business requirements into enforceable technical configurations, policies, labels, rules, and monitoring practices to strengthen the protection of unstructured data across the environment.
Responsibilities
- Configure, implement, and maintain Microsoft Purview controls to support data governance, records management, and information protection objectives.
- Partner with business analysts, program leadership, cybersecurity, records, compliance, and infrastructure teams to translate governance requirements into technical policies and control designs.
- Establish and administer labels, rules, policy configurations, monitoring approaches, and exception handling processes related to sensitivity, retention, access, sharing, download/copy restrictions, and information protection.
- Provide technical support and subject matter expertise for SharePoint, Microsoft 365 collaboration environments, and related repositories as they relate to unstructured data governance and protection controls.
- Perform assessments of repositories, configurations, permissions, and usage patterns to identify risks, gaps, and enhancement opportunities.
- Monitor policy performance, investigate issues, track exceptions, and support remediation of control weaknesses or process breakdowns.
- Develop and maintain technical standards, implementation procedures, support guides, and evidence required for audit, compliance, and operational sustainability.
- Support discovery events, regulatory requests, cyber incidents, and internal/external audits by helping identify data locations, protections, control posture, and technical evidence.
- Participate in tabletop exercises, simulations, and readiness activities to improve organizational preparedness for information discovery and incident scenarios.
- Produce operational reporting and dashboards showing policy coverage, control adoption, exceptions, trends, and unresolved risks.
- Conduct on-the-spot reviews and environment assessments to validate control design and operating effectiveness.
- Recommend technical improvements, automation opportunities, and control enhancements to improve protection, usability, and governance maturity.
Requirements
This role requires a bachelor’s degree in Information Technology, Cybersecurity, Information Systems, Computer Science, or a related discipline, or equivalent experience. Three to five years of relevant experience in Microsoft 365 administration, information protection, collaboration technologies, security controls, or related technical governance roles is preferred. Experience implementing or supporting Microsoft Purview, SharePoint security/configuration, or comparable information protection technologies is also preferred. Experience supporting compliance reviews, audits, technical assessments, or security-related remediation activities is beneficial.
Qualifications
- Strong working knowledge of Microsoft Purview, including information protection, labeling, governance-related capabilities, and policy administration.
- Strong knowledge of SharePoint Online, Microsoft 365 collaboration controls, document permissions, content handling, and administrative considerations.
- Understanding of unstructured data governance, records retention, access control, data handling restrictions, and audit/compliance support needs.
- Ability to configure technical controls based on documented business and governance requirements.
- Experience monitoring policy effectiveness, troubleshooting issues, and validating technical control operation.
- Strong analytical and documentation skills, including creation of standards, procedures, assessment findings, and technical evidence.
- Familiarity with PowerShell, reporting tools, dashboards, or automation approaches is preferred.
- Strong communication skills and ability to explain technical control concepts to non-technical stakeholders.
Skills
- Technical knowledge/skill: Strong working knowledge of Microsoft Purview, including information protection, labeling, governance-related capabilities, and policy administration.
- Technical knowledge/skill: Strong knowledge of SharePoint Online, Microsoft 365 collaboration controls, document permissions, content handling, and administrative considerations.
- Technical knowledge/skill: Understanding of unstructured data governance, records retention, access control, data handling restrictions, and audit/compliance support needs.
- Technical knowledge/skill: Ability to configure technical controls based on documented business and governance requirements.
- Technical knowledge/skill: Experience monitoring policy effectiveness, troubleshooting issues, and validating technical control operation.
- Technical knowledge/skill: Strong analytical and documentation skills, including creation of standards, procedures, assessment findings, and technical evidence.
- Technical knowledge/skill: Familiarity with PowerShell, reporting tools, dashboards, or automation approaches is preferred.
- Technical knowledge/skill: Strong communication skills and ability to explain technical control concepts to non-technical stakeholders.
Benefits
Eversource offers a competitive total rewards program. The annual salary range for this position is $94,810.00 - $105,340.00. This position is eligible for a potential incentive. Eversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work, and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change. The Information Protection Analyst will support assessments, control validation, issue remediation, spot reviews, and ongoing monitoring to ensure the organization's information protection capabilities are operating effectively and aligned to policy, business requirements, and risk expectations.
Pay
$94,810.00 - $105,340.00 per year
Schedule
Hybrid schedule is offered for certain roles. Employees are required to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change based on managerial discretion and work performance.