Service Operations and Control Analyst

Company Overview:
Pearson India is a global leader in providing innovative learning solutions and educational content across various platforms. Our mission is to empower educators and learners worldwide by offering impactful and transformative educational products and services. 

Job Summary:

We are seeking a skilled and experienced Security Operations Specialist to oversee and manage security-related functions within Microsoft 365 (M365) and Azure environments. This role will involve the creation and management of data lifecycle policies, privileged identity management (PIM), data loss prevention (DLP), disaster recovery (DR) processes, and ensuring secure access controls. The ideal candidate will also provide advanced technical support for security incidents and end-user troubleshooting, utilizing tools such as Microsoft Defender and Microsoft Cloud App Security (MCAS).

Key Responsibilities:

• M365 Data Lifecycle Management (DLM): Implement, and manage both static and dynamic data lifecycle policies within M365. Ensure that policies for data retention, secure deletion, and recovery are effectively applied and compliant with organizational and regulatory standards.
• Privileged Identity Management (PIM): Management of the PIM solution, including the creation and maintenance of PIM groups and role assignments. Ensure privileged access is granted on a least-privilege basis and monitor compliance with PIM policies.
• Implementation of PIM for Azure Resources: Implementation of PIM within Azure resources, ensuring secure and compliant management of privileged access to Azure subscriptions, resource groups, and individual resources.
• Data Loss Prevention (DLP): Manage the lifecycle of DLP policies, including testing, implementation, and ongoing optimization. Focus on Microsoft Purview DLP to safeguard sensitive data and prevent unauthorized exposure.
• Data Classification & Sensitivity Labels: Manage data classification policies, apply sensitivity labels, and access controls to protect sensitive information across Microsoft 365 and Azure environments.
• Incident Management & Level 3 Support: Provide Level 3 support for security incidents related to DLP, DR, and PIM. Investigate complex issues, conduct root cause analysis, and implement remediation actions to mitigate risks.
• End-User Security Support: Troubleshoot and resolve security-related issues affecting end users in Azure and M365 environments. Assist with multi-factor authentication (MFA), conditional access policies, and other security features to ensure secure user access.
• Microsoft Defender & MCAS Management: Utilize Microsoft Defender and Microsoft Cloud App Security (MCAS) to monitor and respond to potential security threats. Maintain and optimize configurations to ensure optimal protection across cloud resources.

Qualifications:

• Strong experience in creating and managing M365 Data Lifecycle Management (DLM) policies, including static and dynamic retention, deletion, and recovery policies.
• Hands-on experience managing Privileged Identity Management (PIM) solutions, including the creation and maintenance of PIM groups and role assignments within M365 and Azure environments.
• Proven expertise in implementing PIM for Azure resources and applying role-based access control (RBAC) for Azure subscriptions, resource groups, and resources.
• In-depth knowledge and experience with Microsoft Purview DLP, Enterprise DLP (EDLP), and policy management lifecycle.
• Experience in managing data classification frameworks, applying sensitivity labels, and enforcing access controls within Microsoft 365 and Azure.
• Ability to provide advanced (Level 3) support for security incidents, including DLP, DR, and PIM, and a deep understanding of incident investigation and remediation.
• Proficient in troubleshooting and resolving security-related issues within Azure and M365 environments.
• Experience working with Microsoft Defender and Microsoft Cloud App Security (MCAS) for threat detection and response.

Preferred Qualifications:

• Microsoft certifications related to security, such as Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals.
• Experience with Microsoft Defender for Identity, Microsoft Defender for Endpoint, and other Microsoft security solutions.