Senior Consultant - Microsoft Purview & M365 Compliance Governance
Proactive Technology Management · Ferndale, MI · 2 mo ago
HybridInformation TechnologyContract
About the role
The role involves leading a 90-day governance engagement for a Fortune-class regulated enterprise client, focusing on Microsoft Purview and M365 compliance. The engagement is split into two phases: Discovery & Assess (30 days) and Implement & Govern (60 days).
Responsibilities
- Inventory the client's M365 information protection posture, including sensitivity labels, DLP policies, retention framework, audit configuration, classification accuracy, and Copilot AI exposure.
- Map current state against PTM and Microsoft baselines, quantify risk and ROI of remediation, and deliver a prioritized governance backlog.
- Stand up a label taxonomy and auto-labeling policy, deploy or tune DLP across various platforms, operationalize retention, records management, and audit, configure Purview-for-Copilot DSPM-for-AI controls, and wire the estate into Azure Monitor and Log Analytics.
- Work closely with a Power Platform CoE / ALM specialist to ensure coordination and coherence between the two lanes.
- Deliver a complete inventory of Purview, DLP, retention, and audit configuration, with a risk-ranked gap analysis against PTM and Microsoft reference architectures.
- Create a sensitivity label taxonomy that the business understands, with manual labeling guidance and auto-labeling policies tuned for low false-positive rates.
- Deploy DLP policies across Exchange, SharePoint, OneDrive, Teams, and Endpoint, operationalizing retention, records management, and audit.
- Configure Microsoft Purview Audit configuration (Standard or Premium tier as scoped), audit log retention, and export pipeline to the client's downstream SIEM.
- Implement Microsoft Compliance Manager assessment selection, improvement-action plan, and executive reporting cadence.
- Configure Purview for Copilot governance, including DSPM-for-AI configuration, sensitivity-aware grounding rules, prompt and response auditing, and red-team reviews of high-exposure agents.
- Design and implement Azure Monitor and Log Analytics observability, including diagnostic settings on M365 audit and DLP signals, KQL workbooks for label coverage, DLP incident rate, retention drift, and AI prompt-risk indicators, alert rules on policy drift, and an executive dashboard reporting against the value metric agreed during Discovery.
- Author and present architecture artifacts to a CTO-level audience, such as C4 diagrams, SADs, SDDs, and milestone roadmaps.
- Use a discovery toolkit like Lean UX, BPMN, or Event Storming to translate ambiguous client problems into a prioritized backlog with measurable outcomes.
- Ensure every label, DLP rule, and retention policy ships with tests proving its functionality and alerts firing when it stops working.
- Work in a Maker-Checker culture, welcoming second pairs of eyes on critical decisions and giving the same in return.
Requirements
- 5+ years of experience delivering Microsoft Purview / M365 information protection in enterprise or mid-market environments, with at least 2 full lifecycles of label taxonomy design and deployment.
- Experience with Microsoft Purview Information Protection, including label taxonomy design, manual labeling, auto-labeling policies (client-side and service-side), label-driven encryption, and rights management.
- Experience with Microsoft Purview Data Loss Prevention across Exchange, SharePoint, OneDrive, Teams, and Endpoint DLP, including policy authoring, simulation mode, incident triage, exception workflow, and tuning to keep false-positive rate inside a defensible band.
- Experience with data classification using built-in, custom keyword, custom regex, exact-data-match, and trainable classifiers, including the data-engineering work to seed and validate them.
- Experience with Microsoft Purview Audit (Standard and Premium), including audit log search, export, retention, and downstream SIEM integration.
- Hands-on experience with SailPoint solutions, specifically Hands-on experience implementing, configuring, and maintaining SailPoint solutions (e.g., IdentityIQ, IdentityNow).
- Experience with Microsoft Compliance Manager, including assessment selection, improvement actions, control implementation evidence, and executive reporting.
- Experience with Purview for Copilot, including DSPM-for-AI configuration, sensitivity-aware grounding, prompt and response auditing for Microsoft Copilot for M365 and Copilot Studio agents.
- Knowledge of Microsoft Entra ID, including conditional access, sensitivity-label-bound access policies, and the binding between identity, label, and DLP enforcement.
- Working knowledge of Power Platform DLP, enabling the M365 and Power Platform DLP surfaces to compose coherently.
- Experience with Azure Monitor and Log Analytics, including workspace design, diagnostic settings for M365 audit and Purview signals, KQL fluency, workbook authoring, alert rules, and action groups.
- Experience with Microsoft Sentinel integration for governance signals and audit-log SIEM tier, including connector deployment, analytic rule authoring, and incident workflow.
- Experience with Power BI dashboards that report a value metric a non-technical executive can act on (label coverage, DLP incident rate, retention drift, AI prompt-risk).
- Experience with regulated frameworks such as HIPAA, HITRUST, SOC 2, ISO 27001, FDA 21 CFR Part 11, GDPR, GLBA, and the documentation discipline they require.
- Prior experience in regulated environments (medical device, life sciences, healthcare, or financial services).
- Experience as a subcontractor or partner-of-partner, representing PTM cleanly inside multi-vendor delivery teams and within the end client's governance forums.
Preferred
- Microsoft certifications: SC-400 (Information Protection & Compliance Administrator), SC-100 (Cybersecurity Architect Expert), SC-200 (Security Operations Analyst), SC-300 (Identity & Access Administrator).
- Hands-on with Microsoft Priva for privacy management, data subject requests, and privacy risk policies.
- Experience with eDiscovery (Standard and Premium), including case management, custodian holds, advanced indexing, and review-set culling.
- Experience with Insider Risk Management and Communication Compliance policy design.
- Experience with regulated frameworks such as HIPAA, HITRUST, SOC 2, ISO 27001, FDA 21 CFR Part 11, GDPR, GLBA, and the documentation discipline they require.
- Prior experience in regulated environments (medical device, life sciences, healthcare, or financial services).
- Experience as a subcontractor or partner-of-partner, representing PTM cleanly inside multi-vendor delivery teams and within the end client's governance forums.
Benefits
- Possibility of contract-to-hire.