Microsoft 365 (O365) Security Architect (NCS/Job/ 3476)

·                Act as Security Architect / SME for Microsoft 365, covering Exchange Online, SharePoint Online, OneDrive, Teams, and Office apps.

·                Design and enforce end‑to‑end O365 security architecture aligned with Zero Trust and least‑privilege principles.

·                Establish security standards, patterns, and governance across the M365 platform.

Identity & Access Security (Entra ID)

·                Design and implement Conditional Access policies for secure access to O365 workloads.

·                Enable phishing‑resistant MFA and Continuous Access Evaluation (CAE) for internal and external users.

·                Design Entra ID controls to restrict privileged access and sensitive data to managed and compliant devices.

·                Govern Entra Application Registrations, permissions, and access lifecycle.

Threat Protection & Monitoring

·                Implement and optimize:

o        Microsoft Defender for Office 365

o        Defender for Identity (as applicable)

o        Defender for Cloud Apps (CASB)

·                Protect against phishing, malware, ransomware, and identity-based attacks.

·                Identify and close security gaps across email, collaboration, and cloud app usage.

Data Protection & Information Security

·                Design and implement Data Loss Prevention (DLP) policies across Exchange, SharePoint, OneDrive, and Teams.

·                Apply Information Protection (sensitivity labels, encryption, retention).

·                Ensure secure sharing and collaboration for internal and external users.

Endpoint, App & Browser Security Integration

·                Integrate Intune app protection and device compliance with O365 access.

·                Roll out secure browser and app protection for Office 365 users.

·                Ensure access to O365 data is based on user, device, app, and risk posture.

Virtual & Cloud Workspace Security

·                Close security control gaps for:

o        App Virtualization

o        Virtual Desktop / AVD / VDI environments

·                Evaluate Windows 365 (W365) fitment and apply O365 security controls accordingly.

Governance & Best Practices

·                Drive adoption of overall Entra ID and O365 security best practices.

·                Conduct security posture reviews and continuous improvement initiatives.

·                Work closely with identity, endpoint, SOC, and compliance teams.