Job Description
Job Type: Permanent
Location: Hybrid – Edinburgh, Telford or Birmingham office. Expected 1–2 days per week in the office, subject to business needs.
Closing date: 28/04/2026
Salary and benefits: £45,000 – £60,000 plus an indicative bonus of 16% (up to 32%), private medical cover, 38 days annual leave, excellent pension, 12× salary life assurance, career breaks, income protection, 3× volunteering days and much more.
Role
This is a senior data security role, focused on leading and improving technical data security controls across Microsoft 365, with a primary emphasis on Microsoft Purview, Data Loss Prevention (DLP), and Insider Risk.
You will act as a senior practitioner and delivery lead, responsible for driving data security initiatives, control effectiveness and measurable risk reduction, while supporting a small team of analysts and an engineer. This is not a data engineering or platform role.
Key Responsibilities
- Leading data security initiatives and project delivery, including:
- DLP uplift and optimisation
- Insider Risk capability development
- Microsoft Purview enhancement
- Owning the effectiveness of DLP controls across Microsoft 365:
- Policy design, tuning and optimisation
- Reducing false positives and business friction
- Improving control coverage and outcomes
- Driving Insider Risk use cases:
- Policy development and refinement
- Alert triage and investigation approaches
- Alignment with wider security and governance processes
- Acting as the bridge between operations, engineering and governance:
- Translating regulatory expectations into practical controls
- Ensuring controls are enforceable, measurable and audit‑ready
- Providing data security expertise across the wider technology estate:
- Defining control requirements and expected outcomes
- Assessing control effectiveness and identifying gaps
- Working with relevant teams to ensure appropriate controls are in place
- Supporting and guiding analysts and engineers:
- Setting direction and priorities
- Acting as escalation for complex data security issues
- Working across technologies including:
- Microsoft Purview (DLP, Information Protection, Insider Risk)
- Varonis / Data Access Governance
- Microsoft Defender and Sentinel
- Supporting audit and regulatory activities:
- Producing clear, defensible control evidence
- Articulating control design in a regulated environment
Essential Experience
- Hands on experience with Microsoft Purview (DLP, Information Protection, Sensitivity Labelling)
- Good experience of Insider Risk Management (or closely related capabilities)
- Proven experience leading or delivering data security initiatives or projects
- Owning policy tuning and optimisation
- Able to reduce false positives
- Delivering measurable risk reduction
- Data security within Microsoft 365
- Data leakage risks and user behaviour patterns
- Ability to translate regulatory expectations into operational controls
#J-18808-Ljbffr…