- Salary: £NEG
- Education Requirements - none but degree preferred or commercial exposure
- Experience Requirements - Expert
- Industry - Technology
- Location: Leeds
- Qualifications - Any MS or Security Relevant Quals
- Responsibilities - see below list within spec
- Skills - see below list within spec
- Work Hours - The role will initially require 3 days in the office per week but normal working practises will apply post Covid.
We are looking to hire an experienced Microsoft Information Security Data Specialist to join an existing Information Security team. The role of the Microsoft Information Security Data Specialist will be to work closely with our business teams and assist them in the adoption of Microsoft 365 security solutions and security best practices.
Principal Duties, Responsibilities & Accountabilities:
The successful candidate will be responsible for the configuration and administration of Microsoft 365 security solutions, supporting technical support teams and maintenance of the Microsoft 365 security platform.
- Develop and enhance security policies, processes, procedures and technical controls to strengthen security capabilities and resilience to cyber threats
- Take a proactive role in identifying security risks, mitigations and opportunities to strengthen resilience to cyber-attacks and security incidents
- Participate in the design and implementation of systems and applications to ensure that proposed solutions comply with the company’s IT Security policies
- Assist with security incident management and response activities
- Interact with the IT team to provide and share technical issue resolution knowledge and deployment/adoption processes best practices
- Configuration and maintenance of Microsoft 365 security solutions including Azure Information Protection, Data Loss Protection, Rights Management and Cloud App Security Broker, ensuring alignment to both business requirements and security best practices
- Implementation of an automatic information classification process, that will tag documents with the correct classification, based on content, either at creation or retrospectively
- Creation and maintenance of an Information Asset Register
- Creation and implementation of Data Loss Prevention rules that protect information from being transferred using unauthorised methods or to inappropriate recipients
- Develop end user and technical guidance for utilising and supporting Microsoft Cloud Security solutions, for example, OneDrive, Teams, OneNote, Outlook etc.
- Provide analysis of information security risk and issues of non-compliance
- Employ previous experience and industry best practices to monitor, enhance and report on security posture, including dashboard reports and management information
- Gather and use cyber threat intelligence to provide greater insight into cyber threats, to enable a faster, more targeted response and to identify new risks, along with proactive, best practice methods to mitigate them
- Deep technical knowledge and experience in implementing and maintaining Microsoft Cloud Security solutions, Microsoft Azure Security technologies, including the broader areas of Microsoft Windows security and Microsoft Enterprise, Mobility and Security suite within an enterprise environment
- Comprehensive experience and in-depth knowledge of enterprise information security and standards including Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection Regulation
- Strong experience in Information Security governance, risk and compliance
- Experience with data sovereignty requirements and options to comply
- Microsoft automation technologies, including PowerShell
- Relevant work experience focused on Information Security and the implementation and/or use of Microsoft 365 solutions, typically as part of projects or large programmes of workDetailed knowledge of
- Information Classification principles and best practice
- Data Loss Prevention implementation and support
- Information Asset Management
- Microsoft Security Suite especially Information Classification and DLP
- Experience in managing and securing information stored in; OneDrive, Teams, OneNote, Yammer, etc.
- Experience administering O365, Exchange, Azure Active Directory, Teams, OneDrive and SharePoint environment
We believe this is an excellent opportunity for candidates who have an in-depth technical knowledge of Microsoft 365 security solutions and experience in implementing and maintaining them within an enterprise environment.
This role will suit experienced security professionals who are looking to be an integral part of the design and delivery of Microsoft 365 security solutions and who enjoy working in a busy environment for a fast-moving global business.