Cyber Security Project Manager

Project Manager required to lead the delivery of multiple key initiatives including Privileged Identity Management (Microsoft), Data Classification and Labelling and Data Loss Prevention ,Microsoft Purview, RBAC (I.T Colleagues), and Bring Your Own Device , Intune. You will be responsible for planning, executing, and finalising these projects in line with business goals, security requirements, and compliance standards.

Skills

• Proven experience managing multiple cyber security projects.
• Demonstrable understanding of Microsoft security stack.
• Experience with data classification and labelling tools, particularly Microsoft Purview.
• Excellent stakeholder engagment skills
• ITIL , Prince2 qualifications would be desirable

Responsibilities

• Ensure that all changes follow the change management process.
• Appropriate service transition plans are in place.
• Business Impact Assessments are completed for all project deliverables.
• Recovery plans are produced and satisfies the BC and DR team requirements.
• Ensure that Architect designs are ratified at appropriate technical and design authority forums.

• Lead the end-to-end delivery of the Privileged Idenitity Managment & RBAC capabiliites across the organisation. Collaborate with stakeholders to define RBAC and PIM goals (e.g., just-in-time access, approvals, auditing).

  • Identify the diverse types of data across the organisations M365 environment.
  • Identify any regulatory or business needs for data.
  • Engage with stakeholders to align labels with business and compliance needs.
  • Capture and define policy requirements (e.g., MFA, time limits, approval workflows).
  • Capture training needs (e.g., how to request/activate roles).
  • Identify internal and external resources required to deliver capability.
  • Create communication plans. Create sensitivity labels in Microsoft Purview and define labelling behaviors (e.g., encryption, watermarking, access restrictions).
  • • Define and deploy auto-labelling rules based on content types or keywords.
    • Deploy label policies to test/targeted users or groups.
    • Monitor usage and adjust policies based on feedback to determine label effectiveness.
    • Work with training team to produce guidance on how and when to apply labels and how to manage different data types securely.
    • Integrate logs with Microsoft Sentinel and Managed XDR service provider.
    • Create and co-ordinate a test plan to validate logging and alerting.
    • Create and obtain approval for dashboards and reports for relevant stakeholders.
    • Implement the data classification taxonomy (Public, Internal, Confidential and Highly Confidential) across the organisation
  • Identify data at risk of leakage (e.g., emails, teams’ messages, SharePoint files)
  • Determine common data exfiltration vectors (e.g., USB, email, cloud storage).
  • Define Data Loss Policies in Microsoft Purview
  • Define conditions (e.g., if document contains resident information) and define actions (e.g., block sharing, notify user, alert)
  • Define an approach to roll out policies across the different workspaces (e.g., SharePoint, OneDrive, Teams, Email)
  • Execution
  • Deploy in a test mode to evaluate policy impact, refining rules to reduce false positives and user friction.
  • Monitor policy matches and user overrides and provides recommendations for policy changes.
  • Manage the integration of appropriate logs into Microsoft Sentinel and the Managed XDR service provider.
  • Appropriate teams to be set up to receive appropriate alerting and reporting.
  • Implement appropriate procedures to investigate and respond to potential breaches of policies.
  • Implement an appropriate set of compliance reports for auditing and governance.

  Bring Your Own Device (BYOD)

  • Planning
  • Identify which devices, users and systems are included.
  • Identify security, compliance, and operational risks.
  • Modify BYOD policy.
  • Create a communication and training plan to ensure colleagues understand expectations and how to enroll devices.
  • Create a rollout plan to include pilot and phased deployment with a support strategy.
  • Define an approach to roll out policies across the different workspaces (e.g., SharePoint, OneDrive, Teams, Email)
  • Execution
  • Configure policies for device enrollment, encryption, remote wipe.
  • Deploy test users and support staff and gather feedback.
  • Train colleagues and support staff provide onboarding guides and support documentation.
  • Deploy BYOD program organisation wide monitoring adoption and address issues promptly.
  • Implement an appropriate set of dashboards and alerts to track device status and policy adherence.
  • Obtain feedback from colleagues and support team to identify pain points, refining policies and procedures where appropriate.