Microsoft Purview Consultant

We are seeking an experienced Microsoft Purview Consultant to support enterprise compliance, governance, and data protection initiatives within Microsoft 365 and Azure environments. This is a contract role and can be performed remotely. The successful candidate must be able to attend virtual meetings during business hours CST. This role requires a candidate with strong technical expertise in Microsoft Purview, in particular with Information Protection, Data Loss Prevention, and Data Lifecycle Management. They need to combine this expertise with strong understanding of Microsoft 365 security and compliance architecture. The consultant will work closely with stakeholders to assess compliance posture, design and implement Purview solutions, and ensure alignment with U.S. regulatory and industry frameworks such as CCPA, GLBA, HIPAA, and PCI DSS.

• Lead the deployment and configuration of Microsoft Purview solutions, including (1) Information Protection (Sensitivity Labels, Encryption, and DLP), (2) Data Lifecycle Management and Records Management, (3) Insider Risk Management and Communication Compliance, (4), eDiscovery (Standard & Premium) and Audit capabilities, and (5) Compliance Manager and regulatory score optimization
• Translate regulatory and internal governance requirements into practical technical controls within Microsoft 365.
• Conduct stakeholder workshops to define data protection objectives, classification schemes, and compliance boundaries.
• Integrate Purview with Microsoft Defender, Entra ID (Azure AD), and Power Platform for unified risk and compliance visibility.
• Create detailed configuration documentation, governance playbooks, and end-user enablement materials.
• Perform compliance assessments and support remediation activities to close security and governance gaps.
• Provide best-practice recommendations for securing and monitoring sensitive retail, payment, and customer data across cloud and hybrid environments.

• 5+ years of hands-on experience with Microsoft 365 Security & Compliance solutions.
• 3+ years of specialized experience with Microsoft Purview, including Information Protection, DLP, Data Lifecycle, and Insider Risk modules.
• Strong understanding of Microsoft Defender, Entra ID, and related security and governance tools.
• Demonstrated experience with U.S. data protection and privacy regulations, especially CCPA, HIPAA, GLBA, and PCI DSS.
• Proven ability to develop and implement compliance policies, labeling frameworks, and retention schedules.
• Experience working with or advising enterprise-scale organizations (preferably retail, consumer goods, or e-commerce).
• Excellent communication, documentation, and client-facing consulting skills.
• Proficiency with PowerShell and KQL for reporting, compliance automation, or investigation is a plus.

• Microsoft Certifications such as (1) SC-400 : Microsoft Information Protection Administrator, (2) SC-100 : Microsoft Cybersecurity Architect Expert, and (3) SC-900 : Microsoft Security, Compliance, and Identity Fundamentals
• Prior experience in the retail industry or with consumer data governance.
• Familiarity with Zero Trust and data-centric security models.