Security Specialist (M365 Security & Compliance)

Overview

Own M365 security posture, governance, and compliance across the agency. Focus on identity, data protection, access control, retention, risk management, and monitoring with federal security standards in mind.

Key Responsibilities

• Configure and manage M365 security suite (Entra ID, Purview, Defender)

• Implement DLP, sensitivity labels, retention, and data governance policies

• Review access controls, roles, permissions, and MFA policies

• Ensure compliance and audit readiness across M365 services

• Monitor security alerts and resolve vulnerabilities

• Collaborate with engineering teams to enforce secure configurations

Required Skills

• 5+ years in M365 security/compliance roles

• Deep knowledge of Entra ID (AAD), MFA, SSPR, conditional access

• Microsoft Purview (DLP, retention, records, governance)

• Experience with M365 compliance center and security center

• Understanding of federal security frameworks (preferred)

• Strong PowerShell for auditing and automation

• Strong communication and documentation skills

Note:

This role does not need .NET or PowerApps development.