Information & Data Loss Prevention Consultant

This is a remote position.

Description:

A project to design, configure, deploy, and stabilize the Microsoft 365 Azure Information Protection/Data Loss Prevention (AIP-DLP) elements. An experienced technical resource is requested to advise and technically lead the phases of Discovery, defining Technical Governance and Standards, Classification and Labeling, and configuring both AIP and DLP to protect and monitor documents.

Would like a consultant experienced with the design, developing technical governance and standards, configuration, deployment, and stabilization of AIP-DLP to join the technical project team.

• Office365 Azure Information Protection/Data Loss Prevention Technical SME:
  
• Architecture experience with Designing & Implementing Data Governance Frameworks across AIP/MIP/DLP
  
• Experience working within Project/Delivery Management Methodologies (SDLC, Hybrid Waterfall),
  
• Experience working in a cross functional team, with the ability to lead/drive the scope of work in ambiguous client facing situations and requests,
  
• Experience in a wide range of security tools & technologies, Cloud Security, Security Architecture modelling, Cloud security framework development etc.
  
• Experience in conducting cloud security assessments against best practices/standards.
  
• Experience in creating as built artifacts and standards.
  
• Creation of daily, weekly and incident reports
  
• Weekly time tracking and approval
  
• Weekly report submitted to Project Manager indicating labor hours expended and remaining hours relative to the project schedule and contract.
  
• Work in collaboration with technical SMEs and Administrators, Project management and Change Management team members during working hours 7am-4pm PDT Monday-Friday.
  
• Attend daily 8:30am PST Stand Ups & Attend daily site validation and working sessions.
  
• Provide & respond to frequent daily communications and status requests from site owners, PMs, Change Managers.
  
• Attend and actively participate in end user site validation sessions along with   business site owners, Technical SMEs, PMs, Change Management team members.
  

Responsibilities

• Assessment of current state of information protection policies, standards, and implementation.
  
• Lead gap analysis of current state to target state.
  
• Contribute to the documentation in to form of standards and designs to meet business requirements.
  
• Leveraging AIP and Microsoft 365 DLP design, configuration and deployment technical expertise, work with the supporting technical team to complete the following:
  

Discovery Phase

- Connect Cloud apps to Defender

- Scan files via App connector

- Investigate/analyze files

- Evaluate accessibility /status

- Validate site permissions have been migrated over correctly

- Sign off on pre-validation session quality

Technical Governance and Standards development- advise the following:

- Develop initial data governance and standards

- Socialize w. stakeholders and business groups

- Integrate into classify and label next steps

Classify & Label

- Integrate sensitive information definitions.

- Enable MS Purview Info protection integration

- Create policies to identify sensitive info

- Label sensitive info.

Protect

- Enable file policy governance actions

- Enable alerts and notifications

- Enable monitoring

- Enable automatic sensitivity labels

Monitor

- Creation of daily, weekly and incident reports

- Enable the daily check of dashboards

- Enable the Investigation of file incidents

- Enable the ability to fine tune policies and alerts

- Advise best practices for overall AIP-DLP continuous improvement.

Requirements

KEY SKILLS AND QUALIFICATIONS

• 6+ years’ Architecture experience with Designing, Implementing, Remediating Microsoft 365 Data Protection technologies in Highly Regulated Industries (Public Utilities, Financial Services, Healthcare, Government, etc).
  
• Experience in below technologies:
  
• Data Loss Prevention
  
• Document Fingerprints
  
• Sensitive Information Types
  
• Microsoft Information Protection/Azure Information Protection
  
• Classification & Labelling
  
• Data Retention & Deletion
  
• Azure Rights Mgmt Services & Information Rights Management
  
• AIP Client Viewer
  
• Legal/Litigation Holds
  
• Office 365 Message Encryption
  
• SharePoint/OneDrive Online Preservation Policies and Disposition Reviews
  
• Excellent interpersonal skills, including collaboration, facilitation, and negotiation.
  
• Ability to lead work effort with little day to day supervision. Ability to work through ambiguity and escalate issues to maintain project momentum.