Data Loss Prevention (DLP) Architect – Microsoft Purview

We are seeking a Data Loss Prevention (DLP) Architect with 5+ years of experience to lead the architecture, design, and technical governance of a Microsoft Purview DLP implementation for a large enterprise environment. The scope focuses on enabling unified detection, protection, and control of sensitive data across endpoints and Microsoft 365 workloads, including Office 365, OneDrive, SharePoint, and Microsoft Teams, while validating and optimizing existing email DLP. You will work in a structured, phased delivery model (assessment → design → pilot → enterprise rollout), collaborating closely with the Project Manager, Compliance Analyst, DLP Engineer, Data Governance Lead, and Trainer. This role is client‑facing and requires strong consulting discipline, the ability to translate risk and compliance needs into actionable DLP controls, and the ability to scale policies safely through monitoring, tuning, and enforcement.

• Architecture & Solution Design

  • Own the end‑to‑end DLP architecture using Microsoft Purview, aligned to the client’s Microsoft 365, Azure, and Defender ecosystem.
  • Define the DLP policy framework aligned to business data taxonomy/classification, sensitivity labels, and compliance requirements.
  • Produce high‑quality consulting deliverables (HLD/LLD, implementation approach, policy design, exception model, test strategy, cutover plan, and operational runbooks).

• 2) DLP Assessment, Discovery & Requirements

  • Lead kickoff and discovery workshops with Security, Compliance, Legal, HR, IT, and business stakeholders to clarify objectives, risk appetite, and success criteria.
  • Review existing DLP posture (including current email DLP baseline rules) and assess gaps, overlaps, and improvement opportunities.
  • Support data discovery and classification alignment activities (including leveraging existing foundations created by related information governance initiatives).

• 3) Policy Engineering, Configuration & Tuning Strategy

  • Define and guide configuration of Purview DLP policies across M365 workloads and endpoints (monitoring, alerts, user notifications, overrides/justifications, blocking actions).
  • Drive a monitor > tune > enforce approach:
    • Start in monitoring/audit mode to validate detections and reduce false positives.
    • Tune rule conditions, thresholds, exclusions, and user experience prompts.
    • Progressively enable blocking/enforcement for high‑confidence scenarios.
  • Guide the implementation of classification mechanisms used by DLP:
    • Sensitivity labels and label behaviors.
    • Sensitive Information Types (SITs), including out‑of‑the‑box and (where needed) custom SITs.
    • Trainable classifiers (where relevant and justified).

• 4) Workstream Leadership Across “Data In Use / In Transit / At Rest”

  • Provide technical leadership across parallel DLP workstreams:
    • Data in use (endpoint/user actions).
    • Data in transit (sharing/exfiltration scenarios).
    • Data at rest alignment (policy tuning based on discovery/classification outputs and stored content visibility).
  • Ensure consistent control coverage and reporting across endpoints and Microsoft 365 collaboration workloads.

• 5) Pilot Execution & Enterprise Rollout in Waves

  • Design and govern a controlled pilot phase (scope, success metrics, stakeholder readiness, feedback loop).
  • Support enterprise rollout in controlled waves/batches (e.g., by Business Unit), ensuring readiness, risk mitigation, and minimal business disruption.
  • Ensure scale‑readiness for large endpoint populations (e.g., ~10,000 endpoints), partnering with engineering teams on prerequisites and onboarding.

• 6) Alerting, Incident Response & Integration (Security Operations)

  • Define the DLP alert strategy and operational workflow:
    • Alert severity and triage model.
    • Evidence requirements.
    • Escalation paths and resolution SLAs.
    • Reporting and governance cadence.
  • Integrate DLP operations with broader security tooling and processes where applicable (e.g., extending incidents/alerts into broader incident management platforms and dashboards).

• 7) Adoption, Training Enablement & Aftercare

  • Partner with the Trainer and Service Desk stakeholders to ensure:
    • Service desk readiness for incident triage and user support.
    • End‑user enablement (including microlearning approaches embedded into M365 user experience).
    • Clear user messaging that balances security and productivity.
  • Lead aftercare and optimization post go‑live:
    • Evaluate initial configuration effectiveness.
    • Refine policies/labels.
    • Validate and expand blocking rules.
    • Drive measurable improvements in signal quality and policy adoption.
  • Contribute to optional transition pathways toward managed DLP operations (continuous monitoring and policy optimization).

• 5+ years of experience in information protection, data security, DLP, compliance security, or security architecture.
• Strong hands‑on expertise designing and implementing Microsoft Purview DLP across Microsoft 365 workloads (Exchange/Email, SharePoint, OneDrive, Teams) and endpoints.
• Proven experience designing DLP policies aligned to:
  • Sensitive data types and classification.
  • Business process risk.
  • Regulatory/compliance requirements and internal controls.
• Strong understanding of policy lifecycle: requirements > design > monitoring > tuning > enforcement > operations/continuous improvement.
• Technical proficiency with relevant Microsoft security/compliance tooling, including:
  • Microsoft Purview compliance portal / M365 Compliance capabilities.
  • PowerShell for configuration/administration and reporting support.
  • Endpoint and device management concepts (e.g., Intune‑based deployment readiness).
• Strong stakeholder management and consulting delivery skills:
  • Workshop facilitation.
  • Clear written documentation.
  • Executive‑ready communication.
  • Ability to work across global teams and client environments.

• Microsoft security/compliance certifications (e.g., SC‑400, SC‑100, SC‑200, AZ‑500) or equivalent proven experience.
• Experience integrating DLP operations into broader SOC processes and dashboards (e.g., Sentinel and/or Microsoft Defender incident workflows).
• Experience with adjacent Microsoft Purview capabilities such as Insider Risk Management, Data Lifecycle Management/Retention, Records Management, and eDiscovery (where relevant to the operating model).
• Experience implementing DLP at enterprise scale (multi‑country / multi‑business unit rollouts; large endpoint estates).
• Familiarity with regulatory frameworks and privacy requirements relevant to global organizations (e.g., GDPR and other regional data protection obligations).
• Experience introducing automation for triage/reporting (e.g., Power Automate) and operational reporting (e.g., Power BI).

• Client‑first mindset with the ability to operate as a trusted advisor in complex security and compliance environments.
• Strong collaboration across roles (PM, engineering, compliance, governance, training) with clear ownership and follow‑through.
• Pragmatic, risk‑based approach: delivers meaningful protection while minimizing business disruption.
• High standards of consulting professionalism: structured documentation, repeatable methods, clear governance, and measurable outcomes.
• Continuous improvement orientation: uses telemetry, incidents, and feedback to refine policies and improve signal quality over time.
• Resilient and adaptable in fast‑paced delivery environments with multiple stakeholders and evolving requirements.

• Analytical Thinking
• Security Architecture

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well‑being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.