Job Description

M365 Security Manager

Information Security & Risk Management (ISRM)

The Manager – M365 Security is responsible for the strategic leadership, governance, engineering, and operational security of the firm’s Microsoft 365 ecosystem This includes Microsoft Defender suite, Purview Compliance & Information Protection, Entra ID, Exchange Online Protection (EOP), SharePoint/OneDrive security, Teams governance, Conditional Access, secure configuration baselines, and M365‑integrated identity/security controls.

This leader oversees global operations across security, compliance, identity protection, data governance, threat detection, policy enforcement, and M365‑centric incident response. The role partners extensively with cloud engineering, network security, SOC, legal, risk, data governance, and M365 platform teams to ensure strong alignment between business objectives and security strategy.

Key Responsibilities

1. Strategy & Governance

• Define and execute the enterprise M365 security strategy, ensuring alignment with the broader ISRM program (in line with responsibilities described for senior IT security leadership roles).
• Establish and maintain M365 security policies, standards, and baselines across Entra, EOP, Defender, and Purview compliance controls.
• Continuously evaluate emerging threats, Microsoft roadmap changes, and regulatory requirements to maintain a strong M365 security posture (referencing ongoing threat research expectations).
• Govern sensitive data protection using Microsoft Purview tools, including retention, DLP, information protection, and eDiscovery.

2. M365 Security Engineering & Architecture

• Lead engineering and configuration of Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, and related components.
• Oversee implementation of Conditional Access, MFA strategy, session controls, and identity‑centric security aligned with IDP and zero trust best practices (as highlighted in M365 recruitment guidelines).
• Architect secure configurations for Exchange Online, SharePoint, OneDrive, Teams, and related platform services with governance alignment.
• Ensure appropriate telemetry integration with SIEM/SOAR systems and cloud security analytics.

3. Operational Management & Incident Response

• Manage M365 threat protection operations, including phishing defense, malware detection, EOP/Defender tuning, alert triage, and escalation workflows (reflecting real M365 incident operational patterns).
• Lead M365‑related incident response for credential phishing, OAuth misuse, compromised mailboxes, suspicious Teams activity, and data leakage.
• Oversee coordination with external tool vendors, MSSPs/MSPs, and Microsoft support during major incidents.
• Maintain operational runbooks, response workflows, and incident documentation.

4. Data Governance & Compliance (Purview)

• Manage global deployment and maintenance of data retention schedules, records management, legal hold, classification, and DLP policies in the M365 environment.
• Ensure compliance with ISO 27001, GDPR, SOX, HIPAA, and internal data governance policies through M365‑native controls.
• Partner with Legal, Compliance, and Data Governance teams for eDiscovery, privacy impact assessments, and policy refinement.

5. Identity & Access Security

• Oversee Entra ID security, including conditional access, identity protection, privileged identity management (PIM), and lifecycle governance.
• Ensure alignment with secure access principles such as least privilege, continuous access evaluation, and device compliance integration.

6. Collaboration & Cross‑Functional Engagement

• Work closely with Cloud Engineering, SOC, Endpoint Security, Network Security, Data Governance, and IT Operations to ensure consistent implementation of M365 security controls.
• Provide guidance for M365 onboarding/integration in M&A activities, new business units, and cloud modernisation projects.

7. Leadership & Team Management

• Lead and mentor a global team of M365 security engineers, analysts, and compliance specialists (aligned with expectations for senior managerial roles).
• Develop training and career progression plans to enhance capabilities in M365 security, governance, and automation.
• Promote a culture of security‑first thinking within the M365 platform teams.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related discipline; Master’s preferred.
• 10+ years in cybersecurity with deep, hands‑on experience in Microsoft 365 security including Defender, Purview, Entra, Exchange Online, SharePoint/OneDrive, and Teams.
• Strong experience in configuration and administration of M365 compliance tools: Purview, Retention Policies, DLP, Audit, Sensitivity Labels
• Proficient in Conditional Access, identity governance, email authentication standards (SPF/DKIM/DMARC), and secure collaboration controls (as highlighted in M365 screening criteria).
• Demonstrated leadership in cloud security operations, threat defense, and incident response.
• Preferred certifications:
  • Microsoft Certified: Cybersecurity Architect (SC‑100)
  • Microsoft Security Operations Analyst (SC‑200)
  • Microsoft Information Protection Administrator (SC‑400)
  • CISSP / CISM or equivalent.

Preferred Qualifications

• Experience managing major M365 incidents, cross‑team coordination, and vendor escalations.
• Familiarity with modern AI‑based controls and Copilot security considerations (referencing M365 Copilot readiness discussions).
• Experience with automation using PowerShell, KQL, Graph API, or M365 security center APIs.

• Experience supporting global or multi‑region enterprises.

#LI-KS1

We are Grant Thornton
Grant Thornton Ireland is rapidly approaching 3,000 people, in 9 offices across Ireland, Isle of Man, Gibraltar and Bermuda. With a presence in over 149 countries around the world and a global network of 73,000 people, we bring our clients the local knowledge, national expertise and global presence to help them succeed – wherever they’re located.

At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed – wherever they are located. We make business more personal by investing in building relationships and empowering our clients to make the right decisions for their organisation now and for the future. Whether that is working with the public sector to build thriving communities, with regulators and financial institutions to build trust, or with a diverse range of businesses to help them achieve their goals, Grant Thornton Ireland work hard to support clients to act on the issues that matter.

At GT Ireland we don’t just predict your future, we build it
A Career at GT
Looking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things differently.

What does this mean for you?
A career in a more inclusive working environment, a more collaborative work culture, a more supported, flexible working role, more possibilities to grow and more opportunities to help shape the future for your clients. We respect and value your experience. And we want you to bring your authentic self to work and be at your best. It is how it should be.

Grow with us
At Grant Thornton, we care about our people and work hard to make you feel valued. If you are looking to deepen and develop your skills, knowledge, and experience throughout your career, then that is what you will get, and more.
Our Benefits
Please follow this link for information on our generous benefits package.