Location: London / Hybrid (Flexible) Rate: Up to £600/day (Outside IR35) Duration: Initial 6-Month Contract Norton Blake is partnering with a leading enterprise organization to secure a hands-on, process-driven Senior Security & Privacy Operations Analyst for an initial 6-month contract. This is a unique, highly operational role that sits directly at the intersection of cybersecurity and data governance. It is roughly split 2/3 Security Operations and 1/3 Privacy Operations. Crucially, this is not a strategic policy-writing or legal counsel role. The organization already has an established Data Protection Officer (DPO) steering the broader privacy strategy. Instead, you will be the technical engine room—executing day-to-day operations, streamlining workflows, and optimizing the Microsoft security and compliance stack. Security Operations (2/3) Incident Response: Lead and coordinate security incident triage, active investigations, and containment activities across the enterprise estate. SIEM/XDR Engineering: Continually tune and improve analytics rules, alerts, and workbooks within Microsoft Sentinel and Microsoft Defender. Conduct proactive threat hunting initiatives using KQL and intelligence-led techniques. Smarter Data Discovery: Own the operational response for Subject Access Requests (SARs) and deletion requests. You will be expected to use Microsoft Purview's eDiscovery tools to efficiently filter massive data dumps (e.g., Operational DPIAs: Support Data Protection Impact Assessments by diving into the technical context of new tools or data flows, identifying risks, and providing actionable feedback rather than high-level policy governance. Lead investigations into potential data spills, policy violations, or insider risk alerts via Microsoft Purview. SIEM/SOAR: Microsoft Sentinel (Analytics rules, playbooks, KQL) XDR: Microsoft Defender (Endpoint, Office 365, Identity, Cloud Apps) Compliance: Microsoft Purview (eDiscovery, DLP, Insider Risk Management) Logic Apps / Security Automation workflows The Microsoft Expert: Deep, engineering-level experience across Sentinel, Defender, and Purview . Operationally Minded: You thrive on building repeatable workflows, writing standard operating procedures (SOPs), and keeping the operational queue clean. An Analytical Filter: Proven ability to look at massive sets of log or email data and use advanced search/filtering approaches to isolate relevant compliance evidence quickly. Pragmatic Risk Assessor: Strong technical foundation (networks, cloud, or identity) that allows you to quickly assess the actual risk of a system during a DPIA process. If you are a hands-on, process-driven professional who wants a high-impact contract role balancing deep technical security with operational privacy, apply via Norton Blake today.