Description
Overview
The Information Technology (IT) team provides business enablement across ResMed, focusing on application, infrastructure, and user productivity solutions with innovation, efficiency and security. The Senior Security Engineer designs, implements, and maintains Microsoft 365 security and compliance solutions, including Microsoft Purview, Information Protection, and DLP. The role safeguards sensitive data, manages external collaboration controls, monitors compliance posture, and continuously improves data protection policies to meet business and regulatory requirements.
Responsibilities
- Designing, configuring, and maintaining Microsoft Purview and Information Protection policies.
- Implementing and tuning DLP rules to prevent unauthorized data sharing.
- Enforcing and validating security baselines across Microsoft 365 collaboration services.
- Managing external collaboration and third-party data access controls.
- Monitoring compliance posture and producing actionable insights.
- Supporting audit and regulatory requirements through evidence gathering and reporting.
- Collaborating with IT, Legal, Risk and Security teams to ensure data protection end to end.
- Maintaining awareness of emerging Microsoft 365 compliance features and threats.
- Participating in incident response, investigations and post-incident data protection reviews.
Core Technical Expertise
- Microsoft 365 Security and Compliance Stack.
- Hands-on experience designing, tuning, and implementing MIP policies, including sensitivity labels, rights management, and encryption controls.
- Proven experience developing and refining DLP policies across Exchange Online, SharePoint, OneDrive, Teams, and endpoint devices.
- Deep practical knowledge of Microsoft Purview features including Data Lifecycle Management, Insider Risk Management, Information Governance, eDiscovery, and Audit.
- Strong working knowledge of external data access management and third-party collaboration controls within Microsoft 365.
- Understanding of Microsoft Entra (Azure AD) governance and conditional access integrations.
Data Security and Compliance Frameworks
- Ability to align Purview and MIP controls with frameworks such as ISO 27001, NIST 800-53, GDPR, HIPAA, CIS and the Australian Privacy Act.
- Experience developing data classification, retention, and protection policies aligned to data governance, lifecycle management and compliance policies.
Automation and Integration
- Experience using PowerShell and Graph API for automation, policy deployment, and reporting.
- Knowledge of SIEM integration for monitoring and incident correlation.
- Design and automate security and compliance processes where possible.
Experience and Background
- Minimum 3–5 years’ experience in enterprise Microsoft 365 environments with a focus on security, compliance, and information protection.
- Demonstrated success in designing, implementing, and maintaining MIP policies, sensitivity labeling, and rights management solutions.
- Hands-on experience managing external sharing, guest access, and third-party collaboration controls.
- Exposure to compliance operations, incident management, or data governance.
- Experience working in regulated or high-assurance environments such as healthcare, finance, or public sector.
Certifications
- SC-401: Administering Information Security in Microsoft 365
- SC-200: Microsoft Security Operations Analyst
- SC-900: Microsoft Security, Compliance, and Identity Fundamentals
- Bonus: CISSP, CCSP or Security+
Soft Skills and Attributes
- Strong analytical ability to translate compliance and business requirements into technical policy enforcement.
- Effective communication and documentation skills with both technical and non-technical stakeholders.
- Proven collaboration with cross-functional global teams including IT, Legal, Risk, and Security Operations.
- High attention to detail with a proactive and continuous improvement mindset.
- Commitment to staying current with Microsoft 365 roadmap developments and evolving data protection standards.
Qualifications and Experience – Preferred
- Bachelor’s degree.
- Minimum of 8 years of related experience.
- Applies functional knowledge and existing methodologies to solve complex problems or execute specialized projects.
- Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results.
- Determines methods and procedures on new assignments.
Note: This description reflects the responsibilities and requirements of the Senior Security Engineer role at ResMed. It is intended to guide hiring and candidate evaluation.
#J-18808-Ljbffr





