Subject Matter Expert (SME) – Microsoft 365 Security & Compliance

Location: Remote

Employment Type: Full-Time

Seniority Level: Consultant / SME

Overview

Subject Matter Expert (SME) in Microsoft 365 Security & Compliance

ISO 27001, SOC2, NIST, and GDPR

Key Responsibilities

1. Microsoft 365 Security Architecture & Governance

• Design and implement

  Zero Trust

  –aligned security architecture across Exchange, Teams, SharePoint, OneDrive, and Entra ID.
• Define and enforce

  Conditional Access

  , Identity Protection, MFA, Passwordless, and secure authentication policies.
• Lead hardening of Microsoft 365 workloads using Microsoft best practices and CIS benchmarks.

2. Microsoft Purview Security & Compliance

• Configure and optimize:

• Data Loss Prevention (DLP)

• Information Protection (Sensitivity Labels & Policies)

• Information Governance

• Records Management

• eDiscovery (Standard & Premium)

• Communication Compliance

• Insider Risk Management

• Data Lifecycle & Retention Policies

• Ensure compliance controls align with regulatory standards (GDPR, HIPAA, SOX, etc.).

3. Threat Protection & Monitoring

• Implement advanced threat protection solutions:

• Microsoft Defender for Office 365

• Defender for Cloud Apps (MCAS)

• Defender for Identity

• Entra ID Protection

• Defender for Endpoint

  (integration with M365)
• Monitor and triage security incidents, alerts, and identity risks through

  Microsoft 365 Defender

  portal.
• Develop automation and response playbooks using

  KQL

  ,

  Power Automate

  , or

  Sentinel

  where applicable.

4. Compliance & Risk Management

• Conduct security and compliance assessments of Microsoft 365 tenants.
• Develop compliance score improvement initiatives and remediation plans.
• Document and maintain evidence for audits (ISO, SOC2, internal audits).
• Ensure ongoing alignment with security frameworks (NIST CSF, CIS, MITRE).

5. Multi-Tenant & Enterprise Administration

• Provide SME guidance for

  large enterprise tenants

  , mergers, acquisitions, and cross-tenant migrations.
• Ensure secure configuration for:
• Hybrid identities (Entra Connect)
• B2B/B2C collaboration
• Multi-tenant governance
• Secure external sharing
• Provide oversight for privileged access using

  PIM

  and role-based access controls (RBAC).

6. Automation, Reporting & Optimization

• Build custom dashboards and insights using:

• KQL queries

• Graph API

• PowerShell

• Automate compliance tasks, policy monitoring, and audit reporting where possible.
• Continuously monitor tenant drift and implement corrective controls.

7. Advisory & Cross-Functional Leadership

• Serve as the primary advisor to IT leadership, cybersecurity teams, and business stakeholders.
• Conduct security workshops, training sessions, and readiness programs for employees and admins.
• Create documentation, runbooks, SOPs, and reference architectures.

Required Skills & Experience

Technical Skills

• Expert-level knowledge of:

• Microsoft Purview Compliance

• Microsoft 365 Security & Defender suite

• Entra ID (Azure AD) Identity & Access Management

• Conditional Access, PIM, Identity Protection

• E5 security controls

  (and mapping E3 + add-ons for cost optimization)
• Hands-on experience with:

• Graph API

  security endpoints

• Microsoft Secure Score & Compliance Score

• DLP & Sensitivity Labeling

• PowerShell automation

• KQL log queries (Defender, Purview, Sentinel)

Experience

• 5–10+ years in Microsoft 365 security, governance, or compliance roles.
• Experience supporting large global enterprises or multi-tenant MSP environments.
• Direct involvement in regulatory audits (ISO 27001, SOC2, NIST, GDPR).
• Proven experience implementing end-to-end compliance programs.

Soft Skills

• Strong communication and advisory ability.
• Ability to translate complex security topics to non-technical stakeholders.
• Strong documentation and architectural design capabilities.
• Ability to lead workshops, projects, and cross-functional teams.

Preferred Certifications

• SC-300

  — Identity and Access Administrator

• SC-400

  — Information Protection Administrator

• SC-200

  — Security Operations Analyst

• AZ-500

  — Azure Security

• MS-101

  — Microsoft 365 Mobility & Security

• CISM / CISSP

  (bonus)

• ISO 27001 Lead Implementer / Auditor

  (preferred)