M365 Security Associate Director

Role Overview

6/12 month contract. This includes Microsoft Defender suite, Purview Compliance & Information Protection, Entra ID, Exchange Online Protection (EOP), SharePoint/OneDrive security, Teams governance, Conditional Access, secure configuration baselines, and M365‑integrated identity/security controls.

M365 Security Associate Director

The M365 Security Associate Director is responsible for the strategic leadership, governance, engineering, and operational security of the firm’s Microsoft 365 ecosystem. This role is on a 6/12 month contract.

This leader oversees global operations across security, compliance, identity protection, data governance, threat detection, policy enforcement, and M365‑centric incident response. The role partners extensively with cloud engineering, network security, SOC, legal, risk, data governance, and M365 platform teams to ensure strong alignment between business objectives and security strategy.

• 
  
• Strategy & Governance
  
  • 
    
  • Define and execute the enterprise M365 security strategy, ensuring alignment with the broader ISRM program (in line with responsibilities described for senior IT security leadership roles).
    
  • Establish and maintain M365 security policies, standards, and baselines across Entra, EOP, Defender, and Purview compliance controls.
    
  • Continuously evaluate emerging threats, Microsoft roadmap changes, and regulatory requirements to maintain a strong M365 security posture (referencing ongoing threat research expectations).
    
  • Govern sensitive data protection using Microsoft Purview tools, including retention, DLP, information protection, and eDiscovery.
    
  
  
• M365 Security Engineering & Architecture
  
  • 
    
  • Lead engineering and configuration of Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, and related components.
    
  • Oversee implementation of Conditional Access, MFA strategy, session controls, and identity‑centric security aligned with IDP and zero trust best practices.
    
  • Architect secure configurations for Exchange Online, SharePoint, OneDrive, Teams, and related platform services with governance alignment.
    
  • Ensure appropriate telemetry integration with SIEM/SOAR systems and cloud security analytics.
    
  
  
• Operational Management & Incident Response
  
  • 
    
  • Manage M365 threat protection operations, including phishing defense, malware detection, EOP/Defender tuning, alert triage, and escalation workflows.
    
  • Lead M365‑related incident response for credential phishing, OAuth misuse, compromised mailboxes, suspicious Teams activity, and data leakage.
    
  • Oversee coordination with external tool vendors, MSSPs/MSPs, and Microsoft support during major incidents.
    
  • Maintain operational runbooks, response workflows, and incident documentation.
    
  
  
• Data Governance & Compliance (Purview)
  
  • 
    
  • Manage global deployment and maintenance of data retention schedules, records management, legal hold, classification, and DLP policies in the M365 environment.
    
  • Ensure compliance with ISO 27001, GDPR, SOX, HIPAA, and internal data governance policies through M365‑native controls.
    
  • Partner with Legal, Compliance, and Data Governance teams for eDiscovery, privacy impact assessments, and policy refinement.
    
  
  
• Identity & Access Security
  
  • 
    
  • Oversee Entra ID security, including conditional access, identity protection, privileged identity management (PIM), and lifecycle governance.
    
  • Ensure alignment with secure access principles such as least privilege, continuous access evaluation, and device compliance integration.
    
  
  
• Collaboration & Cross‑Functional Engagement
  
  • 
    
  • Work closely with Cloud Engineering, SOC, Endpoint Security, Network Security, Data Governance, and IT Operations to ensure consistent implementation of M365 security controls.
    
  • Provide guidance for M365 onboarding/integration in M&A activities, new business units, and cloud modernization projects.
    
  
  
• Leadership & Team Management
  
  • 
    
  • Lead and mentor a global team of M365 security engineers, analysts, and compliance specialists.
    
  • Develop training and career progression plans to enhance capabilities in M365 security, governance, and automation.
    
  • Promote a security‑first culture within the M365 platform teams.
    
  
  

• 
  
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related discipline; Master’s preferred.
  
• 10+ years in cybersecurity with deep, hands‑on experience in Microsoft 365 security including Defender, Purview, Entra, Exchange Online, SharePoint/OneDrive, and Teams.
  
• Strong experience in configuration and administration of M365 compliance tools: Purview, Retention Policies, DLP, Audit, Sensitivity Labels.
  
• Proficient in Conditional Access, identity governance, email authentication standards (SPF/DKIM/DMARC), and secure collaboration controls.
  
• Demonstrated leadership in cloud security operations, threat defense, and incident response.
  
• Preferred certifications:
  
  • 
    
  • Microsoft Certified: Cybersecurity Architect (SC‑100)
    
  • Microsoft Security Operations Analyst (SC‑200)
    
  • Microsoft Information Protection Administrator (SC‑400)
    
  • CISSP / CISM or equivalent
    
  
  

• 
  
• Experience managing major M365 incidents, cross‑team coordination, and vendor escalations.
  
• Familiarity with modern AI‑based controls and Copilot security considerations.
  
• Experience with automation using PowerShell, KQL, Graph API, or M365 security center APIs.
  
• Experience supporting global or multi‑region enterprises.
  

We are Grant Thornton

Grant Thornton Ireland is rapidly approaching 3,000 people, in 9 offices across Ireland, Isle of Man, Gibraltar and Bermuda. With a presence in over 149 countries around the world and a global network of 73,000 people, we bring our clients the local knowledge, national expertise and global presence to help them succeed – wherever they’re located.

At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed – wherever they are located. We make business more personal by investing in building relationships and empowering our clients to make the right decisions for their organisation now and for the future. Whether that is working with the public sector to build thriving communities, with regulators and financial institutions to build trust, or with a diverse range of businesses to help them achieve their goals, Grant Thornton Ireland work hard to support clients to act on the issues that matter.

A Career at GT

Looking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things differently. xcfaprz What does this mean for you? A career in a more inclusive working environment, a more collaborative work culture, a more supported, flexible working role, more possibilities to grow and more opportunities to help shape the future for your clients.