Job Description: Security Architect (150 hours)
Role Summary
Seasoned Security Architect to design and deliver an enterprise solution for Microsoft Purview (classification & governance), Data Loss Prevention (endpoint & cloud), Information Rights Management (IRM/AIP), and retention. Responsible for regulatory alignment (GDPR/PCI/HIPAA/etc.) and integration with SIEM, MCAS (Microsoft Defender for Cloud Apps), and AIP/MIP Scanner. Must be fluent in Spanish and have 10+ years of relevant experience. Engagement estimated at 150 hours.
Key Responsibilities
· Lead solution architecture and implementation plan for Microsoft Purview, Endpoint & Cloud DLP, AIP/IRM, retention/records management.
· Map regulatory requirements (GDPR, HIPAA, PCI-DSS, local/regional laws) to technical controls and retention rules.
· Design integrations: Purview ↔ SIEM (Azure Sentinel / Splunk), DLP ↔ MCAS, AIP Scanner ↔ discovery workflows.
· Define classification taxonomy, sensitivity labels, retention labels, and automated labeling policies.
· Create architecture diagrams, data flow maps, and a threat model for data in motion, at rest, and in use.
· Produce pilot scope, migration strategy, test plan, runbooks, rollback plan, and cutover checklist.
· Develop monitoring & alerting plan; map telemetry/events to SIEM use cases and SOC playbooks.
· Provide playbooks for IR (data exposure, data exfiltration, insider threat) including forensic evidence capture steps.
· Deliver Spanish-language knowledge transfer: admin guides, runbooks, and at least one training session.
· Perform a risk assessment and gap analysis vs. current controls, and recommend a remediation roadmap.
Required Qualifications & Skills
· 10+ years in security architecture, data protection, or related roles.
· Fluent Spanish (verbal & written).
· Deep hands-on experience with Microsoft Purview, Microsoft Information Protection (AIP/MIP), Endpoint & Cloud DLP, AIP Scanner/MIP Scanner, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud Apps (MCAS).
· Experience integrating security tooling into SIEM (Azure Sentinel, Splunk, QRadar) and building detection/use cases.
· Strong knowledge of retention/records management and implementing retention labels/policies in M365.
· Knowledge of regulatory frameworks: GDPR, HIPAA, PCI-DSS, local privacy laws; experience doing compliance mappings.
· Proven experience producing architectural artifacts: diagrams, runbooks, risk registers, test plans.
· Certifications preferred: CISSP, CISM, MS-500, AZ-500, Microsoft Purview/AIP related certs, or equivalent hands-on experience.
· Excellent stakeholder skills and ability to present to executive audiences in Spanish.
Deliverables
· Architecture & Design Package (Diagrams, Data flows, Threat model).
· Policy Matrix mapping regulatory controls to Purview/DLP/IRM/Retention settings.
· Label Taxonomy & Policy Definitions (sensitivity + retention labels).
· Integration Plan (SIEM use cases, MCAS rules, AIP Scanner workflows).
· Pilot Implementation Plan & Test Cases.
· Runbooks & Playbooks (IR, admin tasks, classification exceptions) — Spanish and English.
· Knowledge Transfer: recorded training session(s) + slide deck.
· Gap & Risk Report with prioritized remediation.
· Final handover including configuration exports, scripts, and operating procedures.