Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Investigate and remediate identity-based attack paths using M365 and Entra Security.
- Company: Join a leading tech firm focused on security and governance.
- Benefits: Flexible freelance contract, competitive pay, and opportunities for skill development.
- Other info: Dynamic role with potential for growth in the cybersecurity field.
- Why this job: Make a real difference in cybersecurity while working with cutting-edge technologies.
- Qualifications: Experience in Microsoft Defender XDR, KQL, and security compliance frameworks.
The predicted salary is between 60000 - 80000 ÂŁ per year.
M365 / Entra Security investigate identity‑based attack paths (DCSync, Golden Ticket, Pass‑the‑Hash) and remediate exposures. Operate Defender for Cloud Apps for SaaS discovery, OAuth app governance, conditional access app control, session policies, and shadow‑IT reporting. Investigate alerts and incidents in the Defender XDR portal using KQL advanced hunting; build custom detections, suppression rules, and automated playbooks.
SIEM and SOAR – Microsoft Sentinel Operate Microsoft Sentinel for the estate: data connectors (M365, Entra, Defender XDR, Azure Activity, Office 365, Threat Intelligence, Syslog/CEF), workspace architecture, retention, and cost optimisation. Author analytics rules (scheduled, NRT, Fusion, Microsoft Security), build watchlists, threat intelligence integrations (TAXII / MISP), and User Entity Behaviour Analytics. Develop KQL detection content aligned to MITRE ATT operate hunting queries, bookmarks, and incident investigation graphs. Build SOAR automation using Azure Logic Apps playbooks for incident enrichment, containment (e.g., disable user, force password reset, isolate device), and notification. Operate the 24/7 Sentinel‑based monitoring stack in collaboration with the NOC analyst function.
Information Protection and Data Governance – Microsoft Purview Design and operate Microsoft Purview Information Protection: sensitivity labels, label policies, auto‑labelling, encryption with rights management, and co‑authoring on encrypted documents. Build and tune Data Loss Prevention policies for Exchange, SharePoint, OneDrive, Teams chat, Endpoint DLP, and Power Platform; manage policy tips, overrides, and incident review. Operate Insider Risk Management policies, content explorer, activity explorer, and communication compliance where in scope. Design retention policies and labels, and records management aligned to the customer's records retention schedules and applicable public‑sector records management frameworks. Operate eDiscovery (Standard and Premium): cases, holds, collections, reviews, custodian management, and chain‑of‑custody documentation. Operate Microsoft Purview Data Map, Data Catalog, and Data Estate Insights for the Microsoft Fabric / Power BI estate, including lineage, classification scans, and Data Loss Prevention for Fabric. Maintain audit and reporting using Purview Audit, Compliance Manager templates (ISO 27001, GDPR, NIS2), and customer‑managed Compliance Manager assessments.
Identity Security and Zero Trust Define and maintain the Conditional Access policy baseline using a documented policy framework (Persona‑based or Microsoft Zero Trust deployment guidance), including emergency / break‑glass access, named locations, and report‑only validation. Operate Entra ID Protection – sign‑in risk, user risk, risk policies, and risk investigation – including alignment with Defender XDR for unified incident view. Govern privileged access via PIM, role‑assignable groups, access reviews, and Just‑In‑Time elevation; co‑own break‑glass account procedures with the AD/Entra Specialist. Operate Entra Permissions Management (CIEM) where licensed, providing visibility of multi‑cloud permission risk.
Compliance and Audit Maintain ISO 27001 control evidence and align with the customer's certification and surveillance audits; act as the technical lead for any audit observation related to the Microsoft estate. Maintain GDPR records of processing, support Data Protection Impact Assessments for new applications, and operate technical and organisational measures (TOMs). Map controls to NIST CSF, NIS2, and Microsoft Secure Score / Identity Secure Score; maintain a target posture and quarterly improvement plan. Produce monthly security KPIs for the SLA report – Secure Score trend, MFA coverage, DLP incidents, phishing simulation results, vulnerability remediation, patch compliance. Prepare quarterly executive risk reports.
Microsoft Copilot and AI Governance Operate the security envelope for Microsoft 365 Copilot and Copilot Studio including SharePoint sharing hygiene, sensitivity‑label‑aware grounding, restricted SearchableContent, and Copilot interaction audit log review. Define and enforce a Responsible AI policy aligned with Microsoft's Responsible AI Standard – fairness, reliability, safety, privacy, security, inclusiveness, transparency, and accountability.
Mandatory Technical Skills Microsoft Defender XDR (full stack) and Microsoft Sentinel – analytics, hunting (KQL), incident management, and SOAR playbook authoring. Microsoft Purview – Information Protection, DLP, Insider Risk, Records Management, eDiscovery, Audit, and Compliance Manager. Entra ID security – Conditional Access, MFA, PIM, Identity Protection, External Identities, and Permissions Management. Zero Trust architecture per Microsoft Zero Trust deployment guidance; ability to lead a Zero Trust roadmap discussion with senior stakeholders. ISO 27001:2022 control set; GDPR Articles 5, 6, 9, 25, 28, 30, 32–34; awareness of NIS2 and applicable national cybersecurity guidance. KQL (Kusto Query Language) – fluent across Defender Advanced Hunting, Sentinel, and Log Analytics. PowerShell automation across Microsoft Graph Security, ExchangeOnlineManagement, and Compliance modules.
Desirable Technical Skills Threat hunting using Sigma rules, MITRE ATT.
M365 / Entra Security & Governance Specialist (Freelance/Contract) employer: Data Controller, VE Ltd
Contact Detail:
Data Controller, VE Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land M365 / Entra Security & Governance Specialist (Freelance/Contract)
✨Tip Number 1
Network, network, network! Get out there and connect with folks in the M365 and security space. Attend meetups, webinars, or even online forums. You never know who might have a lead on a freelance gig or contract opportunity!
✨Tip Number 2
Show off your skills! Create a portfolio or a GitHub repository showcasing your projects related to M365, Entra, and security governance. This gives potential clients a taste of what you can do and sets you apart from the competition.
✨Tip Number 3
Don’t just apply for jobs; tailor your approach! When reaching out to potential clients, mention specific skills from the job description, like KQL or Microsoft Sentinel. This shows you’ve done your homework and are genuinely interested in the role.
✨Tip Number 4
Apply through our website! We’ve got loads of opportunities that might be perfect for you. Plus, applying directly helps us see your application faster and gives you a better chance to shine!
We think you need these skills to ace M365 / Entra Security & Governance Specialist (Freelance/Contract)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the M365 / Entra Security & Governance role. Highlight relevant experience and skills that match the job description, especially around Microsoft Defender XDR, Sentinel, and KQL.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security and governance in the M365 environment. Mention specific projects or experiences that relate to the responsibilities outlined in the job description.
Show Off Your Technical Skills: Don’t hold back on showcasing your technical skills! Be specific about your experience with tools like Microsoft Purview, Azure Logic Apps, and any relevant compliance frameworks. This will help us see how you can hit the ground running.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Data Controller, VE Ltd
✨Know Your Tech Inside Out
Make sure you’re well-versed in Microsoft Defender XDR, Sentinel, and Purview. Brush up on KQL and be ready to discuss how you've used these tools in past roles. The more specific examples you can provide, the better!
✨Understand the Zero Trust Framework
Familiarise yourself with Zero Trust principles and how they apply to identity security. Be prepared to explain how you would implement a Conditional Access policy or manage privileged access using PIM. This shows you’re not just knowledgeable but also practical.
✨Showcase Your Problem-Solving Skills
Prepare to discuss real-world scenarios where you’ve investigated identity-based attack paths or remediated exposures. Use the STAR method (Situation, Task, Action, Result) to structure your answers and highlight your analytical skills.
✨Stay Updated on Compliance Standards
Be ready to talk about ISO 27001, GDPR, and NIS2 compliance. Understand how these regulations impact security governance and be prepared to discuss how you’ve ensured compliance in previous roles. This will demonstrate your awareness of the bigger picture in security management.