Job Description: Security Architect (150 hours)
Role Summary
Seasoned Security Architect to design and deliver an enterprise solution for Microsoft Purview (classification & governance), Data Loss Prevention (endpoint & cloud), Information Rights Management (IRM/AIP), and retention. Responsible for regulatory alignment (GDPR/PCI/HIPAA/etc.) and integration with SIEM, MCAS (Microsoft Defender for Cloud Apps), and AIP/MIP Scanner. Must be fluent in Spanish and have 10+ years of relevant experience. Engagement estimated at 150 hours.
Key Responsibilities
- Lead solution architecture and implementation plan for Microsoft Purview, Endpoint & Cloud DLP, AIP/IRM, retention/records management.
- Map regulatory requirements (GDPR, HIPAA, PCI-DSS, local/regional laws) to technical controls and retention rules.
- Design integrations: Purview to SIEM (Azure Sentinel / Splunk), DLP to MCAS, AIP Scanner discovery workflows.
- Define classification taxonomy, sensitivity labels, retention labels, and automated labeling policies.
- Create architecture diagrams, data flow maps, and threat model for data in motion, at rest, and in use.
- Produce pilot scope, migration strategy, test plan, runbooks, rollback plan, and cutover checklist.
- Develop monitoring & alerting plan; map telemetry/events to SIEM use cases and SOC playbooks.
- Provide playbooks for IR (data exposure, data exfiltration, insider threat) including forensic evidence capture steps.
- Deliver Spanish-language knowledge transfer: admin guides, runbooks, and at least one training session.
- Perform risk assessment, gap analysis vs. current controls, and recommended remediation roadmap.
Required Qualifications & Skills
- 10+ years in security architecture, data protection, or related roles.
- Fluent Spanish (verbal & written).
- Deep hands-on experience with Microsoft Purview, Microsoft Information Protection (AIP/MIP), Endpoint & Cloud DLP, AIP Scanner/MIP Scanner, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud Apps (MCAS).
- Experience integrating security tooling into SIEM (Azure Sentinel, Splunk, QRadar) and building detection/use cases.
- Strong knowledge of retention/records management and implementing retention labels/policies in M365.
- Knowledge of regulatory frameworks: GDPR, HIPAA, PCI-DSS, local privacy laws; experience doing compliance mappings.
- Proven experience producing architectural artifacts: diagrams, runbooks, risk registers, test plans.
- Certifications preferred: CISSP, CISM, MS-500, AZ-500, Microsoft Purview/AIP related certs, or equivalent hands-on experience.
- Excellent stakeholder skills and ability to present to executive audiences in Spanish.
Deliverables
- Architecture & Design Package (Diagrams, Data flows, Threat model).
- Policy Matrix mapping regulatory controls to Purview/DLP/IRM/Retention settings.
- Label Taxonomy & Policy Definitions (sensitivity + retention labels).
- Integration Plan (SIEM use cases, MCAS rules, AIP Scanner workflows).
- Pilot Implementation Plan & Test Cases.
- Runbooks & Playbooks (IR, admin tasks, classification exceptions) in Spanish and English.
- Knowledge Transfer: recorded training session(s) + slide deck.
- Gap & Risk Report with prioritized remediation.
- Final handover including configuration exports, scripts, and operating procedures.