Information Security Analyst II

The Position

The Information Security Systems Analyst is responsible for the day-to-day administration, operation, and continuous improvement of the organization's Microsoft Purview platform, serving as the primary subject matter expert for data governance, data loss prevention (DLP), and information protection. This role operates at the intersection of information security, data governance, and regulatory compliance, ensuring that sensitive data - including intellectual property, clinical trial data, and personally identifiable information - is properly classified, protected, and governed in accordance with applicable regulations and internal policies. In addition to Purview-focused responsibilities, this analyst contributes to broader information security operations including troubleshooting endpoints, working in Microsoft 365, and Intune.

Responsibilities

• The analyst will serve as the hands-on operational owner of Microsoft Purview, managing the platform on a daily basis across its core functional areas:
• Information Protection & Data Classification - Administer and maintain Microsoft Purview sensitivity labels, label policies, and auto-labeling configurations. Develop and refine classification taxonomies appropriate to pharmaceutical data types, including research data, regulatory submissions, and patient data. Review and tune auto-classification rules to minimize false positives and ensure accurate labeling across Microsoft 365 and connected data sources.
• Data Loss Prevention - Build, maintain, and continuously tune DLP policies across Exchange, SharePoint, OneDrive, Teams, and endpoints. Investigate DLP policy matches and alerts, differentiate true policy violations from false positives, and work with business stakeholders to refine rules without disrupting legitimate business workflows. Document DLP incidents and escalate confirmed violations per the incident response process.
• eDiscovery & Content Search - Support legal hold requests and eDiscovery collections. Work with Legal and HR to scope, execute, and export content searches accurately and in accordance with chain-of-custody requirements.
• Insider Risk Management - Administer Purview Insider Risk Management policies, review alerts, and coordinate with HR, Legal, and Security leadership on confirmed or suspected insider risk cases. Maintain strict confidentiality in handling all insider risk data.
• Audit & Reporting - Generate and interpret Purview audit logs, compliance reports, and dashboard analytics. Provide regular reporting to management on DLP incidents, label adoption rates, policy effectiveness, and compliance posture. Identify trends and recommend adjustments to policies and configurations.
• Platform Administration & Health Monitoring - Monitor the health and performance of the Purview platform, apply configuration changes and updates in alignment with change management processes, and stay current on Microsoft feature releases relevant to Purview. Manage connector integrations with third-party data sources as required.
• Maintain clear documentation (runbooks, diagrams, standards, exceptions) and contribute to a knowledge base.
• Triage security alerts and escalate as necessary.

Requirements

• Bachelor's degree in Information Security, Information Technology, Computer Science, or a related field, or equivalent practical experience
• 3+ years of experience in Information Security, IT compliance, or data governance role
• Demonstrated hands-on experience administering Microsoft Purview or its predecessor Microsoft 365 Compliance Center, including at least two of the following areas: sensitivity labels, DLP, retention policies, eDiscovery, or Insider Risk Management
• Experience working within or supporting a regulated industry environment
• Strong analytical and problem-solving skills with the ability to investigate alerts, interpret audit logs, and distinguish signal from noise
• Effective written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders

Preferred

• Microsoft certifications relevant to security and compliance, such as SC-401
• Experience with Microsoft Defender for Cloud Apps (MCAS) and its integration with Purview
• Prior experience in the pharmaceutical, biotech, or life sciences sector
• Experience supporting eDiscovery or legal hold workflows in collaboration with Legal teams
• Exposure to SIEM tools, endpoint detection and response (EDR) platforms, or identity and access management systems
• Comfortable working across functional teams including Legal, Compliance, HR, and IT, and possesses the judgment to handle sensitive data and insider risk information with appropriate discretion.