Microsoft Purview Enterprise Architect / SME

About The Position

Requirements

• BA/BS in Computer Science, Engineering, Information Systems, or a related field.
• 5+ years of hands-on experience with Microsoft Purview (formerly Microsoft 365 Compliance Center) and/or Microsoft Information Protection
• Demonstrated experience implementing Purview at enterprise scale (10,000+ users or equivalent complexity)
• Deep working knowledge of Purview modules, with production deployment experience: Information Protection (sensitivity labels, MPIP SDK, auto-labeling), Data Loss Prevention (DLP policies, endpoint DLP, cloud app policies), Data Lifecycle Management & Records Management (retention, disposition), eDiscovery (Standard and Premium, Advanced workflows), Insider Risk Management, Communication Compliance, Audit (Standard and Premium, Graph API integration), Purview Data Map / Data Catalog (Azure Purview)
• Proficiency with PowerShell for compliance administration (Security & Compliance Center cmdlets, Exchange Online cmdlets, Search-UnifiedAuditLog)
• Hands-on experience with Microsoft Graph API for Purview-related workloads
• Strong understanding of Microsoft 365 identity and access (Azure AD / Entra ID, conditional access, RBAC for compliance roles)
• Experience working in regulated industries (government, financial services, healthcare, legal) with real compliance requirements.
• PL‑900 (required prior to start date).

Nice To Haves

• Experience deploying Purview in GCC, GCC High, or DoD environments
• Familiarity with Azure Information Protection (AIP) classic client migration and AIP unified labeling
• Experience integrating Purview with SharePoint, Teams, and Exchange in hybrid or on-premises configurations
• Background in legal operations or records management program design
• Familiarity with NIST SP 800-171, CMMC 2.0, FedRAMP Moderate/High control requirements
• Experience using Logic Apps, Power Automate, or Azure Functions to extend Purview workflows (e.g., disposition review automation, alert routing)
• Prior consulting, advisory, or professional services experience in a client-facing capacity
• Certifications (preferred) – Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400), Microsoft Certified: Security Operations Analyst Associate (SC-200), Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft 365 Certified: Enterprise Administrator Expert (MS-102)

Responsibilities

• Lead end-to-end design and deployment of Microsoft Purview across enterprise Microsoft 365 and Azure environments
• Architect sensitivity label taxonomies, label policies, and auto-labeling strategies across Exchange, SharePoint, OneDrive, Teams, and Microsoft 365 Apps
• Design and implement data loss prevention (DLP) policies across workloads including Endpoint DLP, M365 services, and cloud app integrations
• Configure and manage Microsoft Purview Information Protection (MPIP) at scale, including label inheritance, label persistence, and co-authoring support
• Implement Purview Data Lifecycle Management and Records Management, including retention labels, retention policies, event-based retention, and disposition workflows
• Deploy and tune Insider Risk Management policies, including policy templates, indicators, and alert triage workflows
• Configure Communication Compliance policies aligned to regulatory and HR requirements
• Stand up and maintain eDiscovery (Standard and Premium) workflows including holds, collections, review sets, and export
• Integrate Purview Audit (Standard and Premium) with SIEM platforms and build audit log search strategies using PowerShell and the Graph API
• Implement Purview Data Map and Data Catalog (formerly Azure Purview) for hybrid and multi-cloud data asset discovery and classification
• Serve as the primary Purview SME, advising stakeholders on Microsoft 365 compliance posture and roadmap
• Assess current-state environments and produce gap analyses, architecture decision records (ADRs), and remediation roadmaps
• Provide expert guidance on regulatory compliance requirements (FINRA, SEC, HIPAA, FedRAMP, CMMC, ITAR, etc.) as they relate to Purview configuration
• Advise on licensing strategy across Microsoft 365 E3/E5 Compliance, Purview add-ons, and Azure Purview SKUs
• Translate legal and compliance requirements into technical controls and policy configurations
• Evaluate third-party tools and integrations (e.g., Varonis, Netwrix, Saviynt) against native Purview capabilities
• Develop and deliver training programs for administrators, compliance officers, legal teams, and end users
• Create runbooks, standard operating procedures (SOPs), and reference documentation for Purview operations
• Mentor junior engineers and IT staff on Purview concepts, best practices, and day-to-day operations
• Conduct knowledge transfer sessions and workshops to build internal capability and reduce long-term dependency on external SME

Benefits

• 15 days PTO including paid parental, military, and bereavement leave
• Eleven (11) paid Federal holidays, five of which are floating holidays (as designated by the company’s holiday schedule each year)
• Health and Dental Insurance (including 100% employer paid premiums for employee coverage under the HDHP health plan)
• Life Insurance, STD/LTD term disability coverage, with employer paid premiums
• 401 (k) plan with a match that is 100% vested after you complete two years of service
• FSA/DFSA/HSA flexible benefit plans
• Annual Tuition & Professional Development Reimbursement benefit