Key skills
CloudCyber SecurityPowerShellAIRisk ManagementChange ManagementCommunicationCollaboration
About this role
Role Overview
- Own the end-to-end lifecycle, strategy, roadmap, and operational excellence of Microsoft Purview data compliance services.
- Maintain and update support models, standard operating procedures (SOPs), and governance documentation for all in-scope compliance services.
- Ensure these services meet SLAs, deliver value to the business, and evolve with organizational needs.
- Oversee the development, rollout, and ongoing management of Nokia’s information protection and data loss prevention policies.
- This includes coordinating with the Security and Legal & Compliance teams on sensitivity label taxonomy, DLP rules, retention policies, and other compliance measures.
- Ensure that classification, labeling, and DLP policies consistently safeguard sensitive data across email, collaboration platforms, endpoints, and cloud services, all in accordance with Nokia’s data governance requirements.
- Working closely with Legal & Compliance team to ensure smooth run of the Nokia’s eDiscovery and legal hold processes in Microsoft Purview.
- Support and oversee the implementation of the Purview’s Insider Risk Management and Communication Compliance solutions to detect and address potential data leaks, insider threats, or code-of-conduct violations.
- Act as the primary interface to Nokia’s Security, Privacy, and Legal & Compliance teams for all matters related to Microsoft 365 data protection.
- Drive adoption and readiness for Microsoft’s compliance roadmap changes impacting Purview and related M365 workloads.
- Collaborate with peer M365 Service Owners (Exchange, SharePoint, OneDrive, Teams, etc.), as well as Identity & Access Management, Security Operations, Data Governance, and IT Solution Architecture teams, to deliver integrated compliance controls across services.
Requirements
- Bachelor’s or master’s degree in computer science, Information Systems, Cybersecurity, or a related field; relevant security/compliance certifications are an advantage (e.g., SC-400, MS-500, CISSP, CISM) with 10+ years of experience in enterprise IT, security, risk, or compliance roles, including hands-on delivery and operations of Microsoft 365 compliance capabilities in a large, global environment.
- Proven expertise with Microsoft Purview (Microsoft 365 Compliance), including Information Protection (Sensitivity Labels), DLP, Records Management/Retention, eDiscovery (Standard & Premium), Audit, Insider Risk Management, and Communication Compliance.
- Strong understanding of Microsoft 365 architecture and data flows across Exchange Online, SharePoint, OneDrive, Teams, and endpoints; ability to design and operate integrated compliance controls across workloads.
- Experience supporting eDiscovery and legal hold processes, partnering effectively with Legal, HR, and Cybersecurity teams.
- PowerShell scripting/automation skills to manage and report on compliance configurations at scale (e.g., bulk policy changes, reporting, and audit log extraction/analysis); Power Platform experience is a plus.
- Experience with operational excellence: incident/problem management, root-cause analysis, change management, and service governance (e.g., SLAs, KPIs, runbooks, documentation) for compliance platforms.
- Familiarity with Microsoft 365 Copilot and Copilot Studio/Agents from a compliance and governance perspective, including applying Purview controls (labeling, DLP, retention, auditing) to AI-assisted content and automated workflows.
Tech Stack
- Cloud
- Cyber Security
Benefits
- Competitive salary
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities