Microsoft Security SME

About the role  

We are seeking talented Security Engineers / Architects to join our Cyber Security Architecture team within PwC’s UK Security practice. 

You will play a pivotal role in shaping, designing, and implementing secure digital environments for our clients. While your primary focus will be on Microsoft’s E5 security suite, with particular expertise in Microsoft Purview, your remit will extend across a range of enterprise technologies. 

You will help clients uplift their cyber capabilities by leading design and implementation activities across multi-year transformation programmes. As part of PwC’s Security Architecture team, you will contribute to both Microsoft-centric and cross-technology engagements, ensuring our clients achieve resilience and compliance across hybrid and multi-cloud environments. 

You will have: 

• Deep expertise in Microsoft's E5 security suite, with a particular focus on Purview (Information Protection, Data Governance, and Compliance); 

• A strong architectural mindset, with the ability to translate security principles into scalable, practical design patterns. 

• Demonstrable experience delivering enterprise-scale security solutions in complex client environments. 

• Strong understanding of enterprise security architecture principles, and how Microsoft controls integrate with broader platforms and services. 

• Excellent communication skills, with the ability to articulate technical designs to both senior executives and delivery teams. 

• A forward-thinking, curious mindset and the ability to advise beyond Microsoft when client needs demand. 

Experience in AWS, GCP, or other enterprise security ecosystems will be considered highly beneficial. 

What your days will look like: 

• Leading the design and implementation of Microsoft E5 security and compliance capabilities, particularly in Microsoft Purview, Defender, Entra ID, and Sentinel. 

• Acting as a trusted security architect, developing reference architectures and target operating models across Microsoft and non-Microsoft technologies. 

• Integrating Microsoft-native controls within enterprise and multi-cloud architectures. 

• Providing architectural oversight across projects, ensuring alignment with Zero Trust and regulatory frameworks. 

• Guiding and mentor security engineers in implementing secure-by-design principles and automation through DevSecOps practices. 

• Advising clients on data protection, governance, and insider risk strategies using Microsoft Purview. 

• Building artefacts, documentation, and automation (scripts, templates, IaC) that enable sustainable security operations. 

• Collaborating with cross-functional teams across PwC to deliver integrated security solutions that span application, infrastructure, and identity domains. 

The role is for you if:   

You must be able to demonstrate expertise across a strong subset of the following areas: 

• Microsoft Security & Compliance (E5 Suite) 

• Microsoft Purview: Information Protection, Data Lifecycle Management, Insider Risk, eDiscovery, and Compliance Portal configuration. 

• Microsoft Defender Suite: Defender for Endpoint, Identity, Office 365, Cloud, and Cloud Apps. 

• Microsoft Sentinel: Design and onboarding connectors. 

• Microsoft Entra ID (Azure AD): Conditional Access, Identity Governance, PIM, Access Reviews. 

• Defender for Cloud & Azure Security: Key Vault, DDoS Protection, Security Posture Management. 

• Proven experience in designing enterprise security architectures across Microsoft and non-Microsoft platforms. 

• Understanding of Zero Trust, NIST, and Cloud Security Alliance (CSA) frameworks. 

• Experience designing or reviewing security solutions for SaaS ecosystems e.g. Salesforce.