M365 Security Manager

Information Security & Risk Management (ISRM)

Role Overview

The Manager – M365 Security is responsible for the strategic leadership, governance, engineering, and operational security of the firm’s Microsoft 365 ecosystem. This includes Microsoft Defender suite, Purview Compliance & Information Protection, Entra ID, Exchange Online Protection (EOP), SharePoint/OneDrive security, Teams governance, Conditional Access, secure configuration baselines, and M365‑integrated identity/security controls.

This leader oversees global operations across security, compliance, identity protection, data governance, threat detection, policy enforcement, and M365‑centric incident response. The role partners extensively with cloud engineering, network security, SOC, legal, risk, data governance, and M365 platform teams to ensure strong alignment between business objectives and security strategy.

Key Responsibilities

1. Strategy & Governance

Define and execute the enterprise M365 security strategy, ensuring alignment with the broader ISRM program (in line with responsibilities described for senior IT security leadership roles).
Establish and maintain M365 security policies, standards, and baselines across Entra, EOP, Defender, and Purview compliance controls.
Continuously evaluate emerging threats, Microsoft roadmap changes, and regulatory requirements to maintain a strong M365 security posture (referencing ongoing threat research expectations).
Govern sensitive data protection using Microsoft Purview tools, including retention, DLP, information protection, and eDiscovery.

2. M365 Security Engineering & Architecture

Lead engineering and configuration of Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, and related components.
Oversee implementation of Conditional Access, MFA strategy, session controls, and identity‑centric security aligned with IDP and zero trust best practices (as highlighted in M365 recruitment guidelines).
Architect secure configurations for Exchange Online, SharePoint, OneDrive, Teams, and related platform services with governance alignment.
Ensure appropriate telemetry integration with SIEM/SOAR systems and cloud security analytics.

3. Operational Management & Incident Response

Manage M365 threat protection operations, including phishing defense, malware detection, EOP/Defender tuning, alert triage, and escalation workflows (reflecting real M365 incident operational patterns).
Lead M365‑related incident response for credential phishing, OAuth misuse, compromised mailboxes, suspicious Teams activity, and data leakage.
Oversee coordination with external tool vendors, MSSPs/MSPs, and Microsoft support during major incidents.
Maintain operational runbooks, response workflows, and incident documentation.

4. Data Governance & Compliance (Purview)

Manage global deployment and maintenance of data retention schedules, records management, legal hold, classification, and DLP policies in the M365 environment.
Ensure compliance with ISO 27001, GDPR, SOX, HIPAA, and internal data governance policies through M365‑native controls.
Partner with Legal, Compliance, and Data Governance teams for eDiscovery, privacy impact assessments, and policy refinement.

5. Identity & Access Security

Oversee Entra ID security, including conditional access, identity protection, privileged identity management (PIM), and lifecycle governance.
Ensure alignment with secure access principles such as least privilege, continuous access evaluation, and device compliance integration.

6. Collaboration & Cross‑Functional Engagement

Work closely with Cloud Engineering, SOC, Endpoint Security, Network Security, Data Governance, and IT Operations to ensure consistent implementation of M365 security controls.
Provide guidance for M365 onboarding/integration in M&A activities, new business units, and cloud modernisation projects.

7. Leadership & Team Management

Lead and mentor a global team of M365 security engineers, analysts, and compliance specialists (aligned with expectations for senior managerial roles).
Develop training and career progression plans to enhance capabilities in M365 security, governance, and automation.
Promote a culture of security‑first thinking within the M365 platform teams.

Required Qualifications

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related discipline; Master’s preferred.
10+ years in cybersecurity with deep, hands‑on experience in Microsoft 365 security including Defender, Purview, Entra, Exchange Online, SharePoint/OneDrive, and Teams.
Strong experience in configuration and administration of M365 compliance tools: Purview, Retention Policies, DLP, Audit, Sensitivity Labels.
Proficient in Conditional Access, identity governance, email authentication standards (SPF/DKIM/DMARC), and secure collaboration controls (as highlighted in M365 screening criteria).
Demonstrated leadership in cloud security operations, threat defense, and incident response.
Preferred certifications:
- Microsoft Certified: Cybersecurity Architect (SC‑100)
- Microsoft Security Operations Analyst (SC‑200)
- Microsoft Information Protection Administrator (SC‑400)
- CISSP / CISM or equivalent.

Preferred Qualifications

Experience managing major M365 incidents, cross‑team coordination, and vendor escalations.
Familiarity with modern AI‑based controls and Copilot security considerations (referencing M365 Copilot readiness discussions).
Experience with automation using PowerShell, KQL, Graph API, or M365 security center APIs.
Experience supporting global or multi‑region enterprises.

#LI-KS1

We are Grant Thornton

Grant Thornton Ireland is rapidly approaching 3,000 people, in 9 offices across Ireland, Isle of Man, Gibraltar and Bermuda. With a presence in over 149 countries around the world and a global network of 73,000 people, we bring our clients the local knowledge, national expertise and global presence to help them succeed – wherever they’re located.

At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed – wherever they are located. We make business more personal by investing in building relationships and empowering our clients to make the right decisions for their organisation now and for the future. Whether that is working with the public sector to build thriving communities, with regulators and financial institutions to build trust, or with a diverse range of businesses to help them achieve their goals, Grant Thornton Ireland work hard to support clients to act on the issues that matter.

At GT Ireland we don’t just predict your future, we build it.

A Career at GT

Looking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things differently.

What does this mean for you?

A career in a more inclusive working environment, a more collaborative work culture, a more supported, flexible working role, more possibilities to grow and more opportunities to help shape the future for your clients. We respect and value your experience. And we want you to bring your authentic self to work and be at your best. It is how it should be.

Grow with us

At Grant Thornton, we care about our people and work hard to make you feel valued. If you are looking to deepen and develop your skills, knowledge, and experience throughout your career, then that is what you will get, and more.

Our Benefits

Please follow this link for information on our generous benefits package.

Equity, diversity and inclusion
At Grant Thornton, we provide equitable opportunities for all our colleagues. We are a responsible, sustainable business where equity, diversity and inclusion (ED&I) is at the forefront of our workplace culture agenda, and today, we continue to build and develop on our existing ED&I structure and strategy to meet our workplace culture needs. People are at the heart of our business and teams built with varied individuals present diverse viewpoints, which need to be heard and valued.

We are all at our best when we are able to be ourselves and we view integrity and authenticity as integral values to bring to our day-to-day work-life at the firm. We are excited to see the personality and perspectives you will bring to our team because we know we will all benefit from them. Diversity of thought, background and experience enables better decision-making, improves the quality of our delivery, and helps us to meet the needs of our clients. Our firm is built on people and their ideas, so we want to hear all the new perspectives and fresh thinking you have to offer. You form the bedrock of our firm’s best-practice principles and we will champion you as leaders from day one.

Reward and benefits
Our reward and benefits are designed to create an environment where our people can flourish. We are committed to building a culture where our people have access to the necessary benefits to help promote a healthy lifestyle and thrive.

Recognition
We want to create a culture of recognition and celebrating success, by saying thank you to people who surpass our expectations and recognising the right values and behaviours. Our Shout Out recognition scheme is our way of highlighting and promoting achievements. Whether you simply want to say thank you, celebrate a special occasion or give an award for doing something exceptional, you can do all of this and more through the scheme.

Summary

Location

Type

Company links

About this role

Other facts

About Grant Thornton

What you'll do

Ready to join Grant Thornton?

Frequently Asked Questions

What does a M365 Security Manager do at Grant Thornton?

Why join Grant Thornton as a M365 Security Manager?

Is the M365 Security Manager position at Grant Thornton remote?

How do I apply for the M365 Security Manager position at Grant Thornton?