Job Description
Insight Global is looking for a Microsoft Purview Cloud DLP Engineer to join a M365 team within a leading global company. In this individual contributor role, you will own the implementation, and ongoing tuning of the Data Loss Prevention program within the Microsoft Purview ecosystem. You will work closely with security, compliance, and IT teams to protect sensitive data across Microsoft 365, cloud workloads and business applications. This company is an enterprise scale (~20K users, ~2PB data, thousands of SharePoint sites).
Responsibilities:
-Configure Purview to apply data sensitivity labels to documents and create Data Loss Prevention (DLP) rules that enforce policies based on those labels, controlling what actions can be performed on the data.
- Deploy, tune and maintain DLP policies in Microsoft Purview covering Exchange Online, SharePoint, OneDrive, and Teams at scale in their M365 environment
- Deploy and support anomaly detection and user quarantine in M365, for example detect suspicious mass data downloads and suspend the user account until the activity is validated
- Triage and investigate DLP policy alerts, refine rules and policies by testing and tuning to reduce false positives, and escalate confirmed incidents
- Develop playbooks with the security team to escalate confirmed incidents
- Build and maintain automation workflows using Power Automate and PowerShell to streamline DLP operations, alert handling, and reporting
- Define and manage sensitive information types (SITs), trainable classifiers, and sensitivity labels in alignment with data classification standards
- Collaborate with business stakeholders to understand data flows and translate requirements into effective DLP controls
- Produce regular metrics and dashboards on policy coverage, incident trends, and program health for security leadership
- Maintain documentation for DLP policies, runbooks, and change management records
- Stay current with Microsoft Purview product updates and assess impact to existing configurations
- Participate in change advisory and risk reviews for DLP policy modifications
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- 3–5 years of hands-on experience with Microsoft DLP, with at least 2 years within Microsoft Purview (formerly Microsoft 365 Compliance Center)
- Experience with mid size company (with couple thousand users)
- Experience building and tuning DLP policies across M365 workloads (Exchange, SharePoint, OneDrive, Teams, Endpoint DLP)
- Proficiency with Power Automate for security and compliance workflows
- Hands on experience with Microsoft Purview concepts including sensitivity labels, SITs, trainable classifiers, adaptive protection, and the Unified Labeling platform
- Ability to translate data protection requirements into technically sound DLP configurations
Nice to Have Skills & Experience
+ Scripting experience with PowerShell for automation
+ Experience with Microsoft Purview Information Protection (MIP), and Insider Risk Management
+ Familiarity with Microsoft Graph API for compliance-related automation
+ Microsoft certifications such as SC-400 (Microsoft Information Protection Administrator) or SC-200
+ Exposure to eDiscovery, audit log review, or communication compliance within Purview
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.