Sr Lead, Cybersecurity Engineering
Job Description
Seeking an individual contributor Sr Lead to drive secure enablement of Microsoft 365 Copilot and enterprise AI capabilities within the Data Protection Control Engineering team. This role is responsible for designing, implementing, and operating AI-related data protection and compliance controls using Microsoft Purview, Defender, and M365 security services. The Sr Lead will act as a hands-on technical expert, partnering across Security, Compliance, Privacy, and M365 teams to reduce AI-driven data risk while enabling productivity at scale.
Key Responsibilities
Serve as hands-on technical lead for Copilot and AI security controls across Microsoft Purview, Defender, and M365.
Configure, deploy, troubleshoot, and operate controls in ENT and ENTUAT environments; support production changes via approved change windows.
Design and implement Copilot-related controls spanning Information Protection labeling, DLP, Endpoint DLP, Insider Risk, Communication Compliance, Data Lifecycle Management, and DSPM for AI.
Review and secure Copilot platform configurations including web grounding, agents, connectors, transcripts, and retention settings.
Develop alerting, monitoring, automation, and operational runbooks to ensure stability and audit readiness.
Act as subject matter expert, providing guidance to engineering, operations, and governance stakeholders.
Track delivery using Azure DevOps and contribute to Copilot readiness, Zero Trust alignment, and governance activities.
Copilot Effort –
Define and implement Copilot-protected file, group, and site labels and prevent unauthorized content ingestion.
Expand browser and endpoint DLP protections, including copy/paste controls and Copilot prompt security.
Establish AI risk use cases, alerting, and operational workflows within Insider Risk and Communication Compliance.
Operationalize DSPM for AI reporting, oversharing remediation, and continuous reassessment of AI data exposure.
Support AI governance processes including risk assessments, decision logs, and stakeholder reporting.
Must-Have AI Security Skills
LLM security fundamentals and threat modeling, including data exposure and indirect prompt injection risks.
Prompt injection and prompt data leakage mitigation techniques.
Agent and connector risk management, including permissions, grounding sources, and least-privilege access.
AI and model governance concepts such as risk assessments, control mapping, and policy alignment.
Monitoring and alerting for abnormal or risky AI usage patterns.
Qualifications
College degree or equivalent experience in cyber security, engineering, or a related field.
Hands-on experience administering Microsoft Purview and Microsoft Defender for Cloud Apps.
Strong knowledge of data governance, DLP technologies, and information security best practices.
Scripting and automation experience (PowerShell, Python, Power Automate).
Experience with ServiceNow incident and change management processes.
Preferred Skills & Certifications
Experience with M365 services (SharePoint Online, Teams, Exchange, Entra ID), Sentinel, Zscaler, or Symantec DLP.
Relevant certifications such as Microsoft Security/Compliance, CISSP, CISM, CISA, or SANS.
Salary Range:
$108,775 - 184,965 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.
