Microsoft Security SME at PwC UK

You will have: 

• Deep expertise in Microsoft's E5 security suite, with a particular focus on Purview (Information Protection, Data Governance, and Compliance); 
• A strong architectural mindset, with the ability to translate security principles into scalable, practical design patterns. 
• Demonstrable experience delivering enterprise-scale security solutions in complex client environments. 
• Strong understanding of enterprise security architecture principles, and how Microsoft controls integrate with broader platforms and services. 
• Excellent communication skills, with the ability to articulate technical designs to both senior executives and delivery teams. 
• A forward-thinking, curious mindset and the ability to advise beyond Microsoft when client needs demand. 
• Experience in AWS, GCP, or other enterprise security ecosystems will be considered highly beneficial. 

Key Responsibilities 

• Leading the design and implementation of Microsoft E5 security and compliance capabilities, particularly in Microsoft Purview, Defender, Entra ID, and Sentinel. 
• Acting as a trusted security architect, developing reference architectures and target operating models across Microsoft and non-Microsoft technologies. 
• Integrating Microsoft-native controls within enterprise and multi-cloud architectures. 
• Providing architectural oversight across projects, ensuring alignment with Zero Trust and regulatory frameworks. 
• Guiding and mentor security engineers in implementing secure-by-design principles and automation through DevSecOps practices. 
• Advising clients on data protection, governance, and insider risk strategies using Microsoft Purview. 
• Building artefacts, documentation, and automation (scripts, templates, IaC) that enable sustainable security operations. 
• Collaborating with cross-functional teams across PwC to deliver integrated security solutions that span application, infrastructure, and identity domains. 

Skills and experience 

You must be able to demonstrate expertise across a strong subset of the following areas: 

• Microsoft Security & Compliance (E5 Suite) 
• Microsoft Purview: Information Protection, Data Lifecycle Management, Insider Risk, eDiscovery, and Compliance Portal configuration. 
• Microsoft Defender Suite: Defender for Endpoint, Identity, Office 365, Cloud, and Cloud Apps. 
• Microsoft Sentinel: Design and onboarding connectors. 
• Microsoft Entra ID (Azure AD): Conditional Access, Identity Governance, PIM, Access Reviews. 
• Defender for Cloud & Azure Security: Key Vault, DDoS Protection, Security Posture Management. 
• Proven experience in designing enterprise security architectures across Microsoft and non-Microsoft platforms. 
• Understanding of Zero Trust, NIST, and Cloud Security Alliance (CSA) frameworks. 
• Experience designing or reviewing security solutions for SaaS ecosystems e.g. Salesforce.