Senior Microsoft Security & Compliance Consultant
hackajob · United States · 3 wk ago
RemoteRemoteLegalFull-time
Key Responsibilities
- Serve as a primary technical lead on client engagements involving Microsoft security, compliance, and data protection solutions
- Design and implement data security, governance, and compliance strategies aligned with Microsoft 365 and Azure capabilities
- Advise clients on secure adoption of Microsoft Copilot, including data exposure risks, governance controls, and compliance considerations
- Architect and deploy solutions leveraging tools such as:
- Microsoft Purview (Information Protection, Data Loss Prevention, Insider Risk, eDiscovery, Data Lifecycle Management)
- Microsoft Defender suite
- Microsoft Sentinel (SIEM/SOAR)
- Translate regulatory and compliance requirements into actionable technical solutions (e.g., ISO frameworks, government regulations, internal controls)
- Conduct data discovery, classification, and protection strategy design
- Collaborate with project managers and stakeholders to deliver high-quality outcomes
- Contribute to pre-sales efforts, including solution design, scoping, and level-of-effort estimates
- Create technical documentation, implementation guides, and client training materials
- Act as a subject matter expert (SME) and mentor to other engineers
- Develop and refine repeatable offerings around data security, compliance, and Copilot readiness
- Stay current on evolving Microsoft security, compliance, and AI governance capabilities
Required Knowledge, Skills, and Abilities
- Strong experience with Microsoft Security and Compliance ecosystem, including:
- Microsoft Purview (DLP, Information Protection, Records Management, Insider Risk, eDiscovery)
- Microsoft Defender suite
- Microsoft Sentinel
- Deep understanding of data security concepts, including:
- Data classification and labeling
- Data loss prevention (DLP)
- Insider risk and information governance
- Experience advising on Microsoft 365 Copilot readiness, including:
- Data exposure risks
- Permission and access reviews
- Governance and compliance controls
- Experience with identity and access management, including:
- Microsoft Entra ID (Azure AD)
- Conditional Access and MFA
- Identity governance
- Ability to architect and communicate solutions to both technical and business stakeholders
- Experience mapping compliance requirements to technical implementations
- Strong consulting skills, including:
- Requirements gathering
- Solution design
- Client communication and presentation
- Experience developing documentation and reusable frameworks
- Familiarity with scripting (e.g., PowerShell)
- Demonstrated commitment to continuous learning in security, compliance, and AI governance
Desired Qualifications
- Bachelor's degree in technical field and/or equivalent experience
- 5+ years of experience in Microsoft cloud security and compliance consulting
- Relevant Microsoft certifications, such as:
- SC-401 (Information Security Administrator Associate) - preferred
- SC-400 (Information Protection & Compliance Administrator)
- SC-200 (Security Operations Analyst)
- SC-300 (Identity and Access Administrator)
- Experience supporting State and Local Government or regulated industries
- Familiarity with:
- Data lifecycle and records management
- Privileged Identity Management (PIM) / Privileged Access Management (PAM)
- Enterprise applications and identity integrations
- Strong technical writing and analytical skills
- Ability to manage deliverables across multiple concurrent projects
- Self-motivated with the ability to work effectively in a remote environment