IT Security Analyst , Sr

Stefanini

  • Hyderabad, Telangana
  • Permanent
  • Full-time
  • 1 day ago
Details:Exciting opportunity in Hyderabad! We"re looking for a Microsoft 365 Security specialist with hands-on experience in Purview DLP, Endpoint DLP, and sensitivity label governance.You"ll drive a structured program - from quick-win visibility scans to building a sustainable DLP framework with label-aware access controls, triage runbooks, and pilot-to-production rollouts.If you have 5-8+ years in Microsoft 365 security, proven expertise in Conditional Access/MDCA session controls, and a track record of translating pilot initiatives into enterprise-ready solutions, this role could be for you.What you"ll do (responsibilities)Program architecture & governanceDesign a right‑sized DLP program plan: Scope, milestones, RACI, and stakeholder cadence aligned to Phase 1-3 (Visibility & Quick Wins → Classification Foundations → Label‑Aware Enforcement & Operational Readiness).Produce a DLP Triage Runbook (alert flows, escalation paths, SLAs, remediation steps) and a Governance 'Quick Wins' checklist to sustain operations after the trial.Define and obtain prerequisites: admin access, pilot user/site scope, device‑management alignment (SCCM/Intune), and decision makers for weekly reviews.Policy Management: Develop, implement, and manage DLP policies tailoredto endpoint devices using Microsoft Purview, ensuring data protection andcompliance.Reporting and Analytics: Generate detailed reports on DLP incidents, trends,and system performance using Microsoft Purview for management review.System Maintenance: Perform troubleshooting of endpoint DLP systemswithin Microsoft Purview to ensure optimal performance.Deep understanding of various M365 services, such as SharePoint Online, Teams, OneDrive, and related applications. Which includes managing site collections, libraries, lists, and workflows to optimize user experience.Strong understanding of architecture, security, permissions management, and content organization.Microsoft Purview & classificationCollaborate with business owners to finalize a sensitivity label taxonomy (names, markings, protection settings) and author end‑user guidance.Configure auto‑label policies in simulation, analyze detection accuracy, and tune to reduce false positives before enforcement.Endpoint DLP (OneDrive/SharePoint & Office)Architect and implement Endpoint DLP to control exfiltration paths tied to OneDrive sync and Office apps (e.g., print/copy/upload/USB/network share as appropriate), with targeted pilots and minimal disruption.Establish monitoring, alert routing, and evidence capture for Endpoint DLP incidents; iterate policies from simulation → audit → block with business sign‑off. (Anchored to pilot deliverables and DLP expansion in Phase 3.)Label‑aware access & session controlsImplement label‑aware Conditional Access or Defender for Cloud Apps (MDCA) session controls so access/download behavior respects content sensitivity (e.g., restrict downloads of 'Confidential' content on unmanaged devices while allowing benign access to 'General').Operational readiness & reportingStand up baseline→post‑pilot metrics and simple dashboards for visibility (e.g., sensitive data heatmaps, enforcement events, user impact, false‑positive rate).Run weekly status calls and decision logs; deliver pilot configuration docs for CA/DLP, auto‑label simulation results, and the approved label taxonomy.Job RequirementsDetails:BASIC JOB REQUIREMENTS:
  • Microsoft Purview Information Protection & DLP; Sensitivity Labels (MIP/AIP).
  • Endpoint DLP tied to OneDrive/SharePoint and Office apps.
  • Microsoft Entra ID (Conditional Access), Microsoft Defender for Cloud Apps (session controls).
  • Device‑management alignment with SCCM/Intune; awareness of current Okta MFA with Entra ID federation and status of Azure AD Join to design practical, label‑aware controls in Client"s hybrid identity/device context.
Required qualifications * 5-8+ years in Microsoft 365 security with hands‑on Purview DLP and Endpoint DLP; strong record of pilot‑to‑production rollouts.
  • Proven delivery of sensitivity label taxonomy, auto‑label simulations, and runbook‑driven DLP operations.
  • Deep experience with Conditional Access and MDCA session policies for label‑aware access/download controls.
  • Ability to translate pilot constraints (50 hours / 3 months) into prioritized, measurable outcomes with light‑touch governance.
  • Nice to have :
PowerShell/Graph API automation; KQL; experience aligning CA/Intune device compliance for unmanaged vs. managed user scenarios noted in the environment overview.#LI-RS3Pay Range:Based on Experience

Stefanini

Similar Jobs

  • Technical Product Analyst (Sr. ARCS)

    McDonald's

    • Hyderabad, Telangana
    About McDonalds in India One of the world’s largest employers with locations in more than 100 countries McDonald’s Corporation has corporate opportunities in Hyderabad. Our globa…
    • 23 hours ago
    • Apply easily

  • Design & Creative Senior Analyst

    Inspire Brands Hyderabad Support Center

    • Hyderabad, Telangana
    About Inspire Brands Hyderabad Support Center Inspire Brands is disrupting the restaurant industry through digital transformation and operational efficiencies. The company’s tech…
    • 23 hours ago
    • Apply easily