Senior Cybersecurity Expert

Overview:

We are looking for a skilled and proactive Senior Cybersecurity Expert (M365 security, MS Purview) to join our security team. This role combines the definition of the strategy and main goals of different services hosted in the Purview portal with the hands-on technical implementation to make sure we make the most of the tools we have at our disposal.

Having strong knowledge and experience managing the different tools belonging to Microsoft Purview is key, as the central goal of this position will consist of assessing the current usage, define priorities, work with stakeholders and drive implementation to address our gaps in the risk & compliance, data governance and data security areas.

Experience with other solutions belonging to the Microsoft 365 environment is also valued (Microsoft Defender XDR, Entra ID, Intune, etc.).

Tasks and responsibilities:

• You drive conversations and collaboration with all relevant stakeholders, inside and outside of IT, to meet all the necessary requirements to use the different services hosted in Purview. Main stakeholders to consider:

• o HR

• o Legal
• o Compliance
• o Cybersecurity Community
• o Relevant business lines

• o Data owners

• You assess the current usage of tools and services within Microsoft Purview suite (including those not belonging to cybersecurity), identify potential gaps, and collaborate with relevant stakeholders to address these gaps and integrate new tools into Siemens Healthineers where applicable.

• You identify and collaborate with the departments responsible within IT that should act as service owners for the different services hosted in Microsoft Purview.
• You lead the implementation and strategic use of Microsoft Purview as the organizations central data governance solution, providing guidance and alignment across diverse business data owners to ensure consistent data policies, classification, and responsible data stewardship including clear ownership, proper documentation, access control, and data quality standards.
• You support organizational efforts to automate the classification of information using Microsoft Purview, enabling proactive identification and protection of sensitive data across the enterprise through scalable, policy-driven tagging and labelling.
• You take ownership of the Microsoft Purview portal as a whole, ensuring that the permissions granted to different stakeholders are assigned responsibly. It is important to ensure that a proper access control is in place, fulfilling the least privilege principle, conduct access reviews periodically and maintain up to date documentation in this regard.
• You benchmark and select Microsoft Purview products and deploy proofs of concept with relevant stakeholders to decide the new capabilities to be deployed.
• You provide a key role in troubleshooting, problem-solving and end-user support to ensure the seamless operation of our services.
• You ensure that the appropriate licensing is in place for all solutions and collaborate with relevant teams to create a budget forecast if additional licensing is required. Analyze if the current spending of the licenses needed for different services is efficient/really needed for the organization, to optimize our cost.
• You assist in establishing monitoring processes to ensure admin activities align with the least privilege principle, safeguarding the company against risky actions that could indicate potential compromise, and fulfilling audit requirements.
• You coordinate and facilitate discussions with the provider (Microsoft) for Purview-related topics.
• You participate in projects or activities dedicated to improve our security posture in Microsoft 365, in any of the other areas managed by our team (Data Loss Prevention, Insider Risk Management, Defender for Endpoint, Defender for Identity, Defender for Office 365, etc.).

What is in it for you:

• You will benefit from a Hybrid work schedule, allowing you to maintain a healthy work-life balance.
• You will thrive in a multinational environment where you will have the chance to meet and cooperate with colleagues from all over the globe.
• You will be engaged in both hands-on IT/security operations and strategic security improvements.
• You will participate in and lead big security projects, introducing improvements that will make a difference on the daily work of more than 70k employees. Organization, coordination, and communication are key to succeed.
• You will have the chance to constantly increase your knowledge and develop your skills by combining training courses with on-the-job training.
• You will develop a successful career by participating in all relevant stages: Definition, planning, implementation, and supervision.

Qualifications:

• You have 7+ years of relevant work experience in IT, and 5+ years working with Microsoft Compliance/Purview solutions and the field of cybersecurity.
• You have proven experience in Microsoft Purview and the solutions that it hosts (Data Governance, Communication Compliance, Data Lifecycle Management, etc.), with a strong focus on implementation and hands-on configuration. Possession of relevant certifications, such as Microsoft SC-400 or SC-401 is highly valued.
• You have experience designing, deploying, and managing Microsoft Purview policies in complex environments.
• You have knowledge regarding other Microsoft365 security solutions and topics (Microsoft Defender Suite, Microsoft Information Protection, Insider Risk Management)
• You have advanced English, communication, and negotiation skills: clear and concise communication; able to address stakeholders of different backgrounds and technical expertise.

Additionally:

• You enjoy engaging with different teams and facilitating discussions to find solutions that meet stakeholders expectations.
• You have a proactive mindset with a passion for staying ahead of potential security risks.
• You are analytical and work methodically, both autonomously and in a team setting.
• You work or have been working in global distributed teams.
• You are a quick learner and have the aptitude to get into new technologies and architectures.
• You provide guidance and mentorship to other team members, specially on Purview and best practices.
• You are able to drive projects from initiation to completion, ensuring deliverables are met on time and in alignment with business objectives.