Imagine a career at one of the nation's most advanced health networks.Be part of an exceptional health care experience. Join the inspired, passionate team at Lehigh Valley Health Network, a nationally recognized, forward-thinking organization offering plenty of opportunity to do great work.LVHN has been ranked among the "Best Hospitals" by U.S. News & World Report for 23 consecutive years. We're a Magnet(tm) Hospital, having been honored five times with the American Nurses Credentialing Center's prestigious distinction for nursing excellence and quality patient outcomes in our Lehigh Valley region. Finally, Lehigh Valley Hospital - Cedar Crest, Lehigh Valley Hospital - Muhlenberg, Lehigh Valley Hospital- Hazleton, and Lehigh Valley Hospital - Pocono each received an 'A' grade on the Hospital Safety Grade from The Leapfrog Group in 2020, the highest grade in patient safety. These recognitions highlight LVHN's commitment to teamwork, compassion, and technology with an unrelenting focus on delivering the best health care possible every day.Whether you're considering your next career move or your first, you should consider Lehigh Valley Health Network.SummaryWe are seeking an experienced Data Protection Specialist - Expert to design, implement, and manage our organization’s data governance, information protection, and compliance capabilities across Microsoft 365. This role will serve as a hands-on technical lead for the Microsoft Purview platform, responsible for protecting sensitive data, enabling regulatory compliance, and responding to data risks across the enterprise.The ideal candidate has deep practical experience with Microsoft Purview (formerly Microsoft 365 Compliance) and is comfortable working cross‑functionally with Security, IT, Legal, Compliance, and business stakeholders. This role requires both strategic design and day‑to‑day operational execution.Microsoft Purview Strategy & ImplementationDesign, implement, and manage Microsoft Purview capabilities, including:Microsoft Information Protection (MIP) – sensitivity labels, label policies, auto‑labeling, encryption, and rights managementData Loss Prevention (DLP) – policies for email, SharePoint, OneDrive, Teams, endpoints, and third‑party applicationsData Lifecycle Management & Records Management – retention labels, retention policies, and defensible disposalInsider Risk Management – risk indicators, policies, alerts, and investigation workflowseDiscovery & Audit – content searches, legal holds, audit log investigations, and evidence collectionIntegrate Purview controls across Microsoft 365 workloads including Exchange Online, SharePoint Online, OneDrive, Teams, Defender, and hybrid environments where applicableServe as the technical subject‑matter expert and platform owner for Microsoft PurviewData Classification & GovernanceDevelop and maintain an enterprise data classification framework aligned with business needs and regulatory requirementsPartner with business units to identify and protect sensitive data such as PII, PHI, financial data, and intellectual propertyImplement scalable data discovery using built‑in classifiers, trainable classifiers, and auto‑classification policiesEnsure data protection controls are effective while maintaining usability and business productivityGenerative AI and Agentic AI GovernanceCompliance, Risk & Incident ResponseTranslate regulatory requirements (GDPR, HIPAA, HITRUST and industry‑specific regulations) into enforceable technical controlsMonitor compliance posture using Microsoft Compliance Manager and recommend remediation actionsInvestigate and respond to DLP incidents, insider risk alerts, and policy violationsSupport internal and external audits by producing audit logs, reports, and compliance evidenceCollaborate with Legal, Compliance, HR, and Security teams during investigations and regulatory inquiriesAutomation & Operational ExcellenceUse PowerShell to automate Purview configuration, reporting, and operational tasksContinuously tune and improve policies to reduce false positives and improve signal qualityDevelop documentation, runbooks, and operational procedures to support ongoing governance and incident responseMinimum Qualifications7-10 years preferred work experience.5 years related work experienceHands‑on experience designing and managing Microsoft Purview in a production enterprise environmentExperience implementing and managing:Sensitivity labels and encryptionDLP policies across cloud, endpoint, and SaaS applicationsRetention and records management policiesInsider Risk Management and alert investigationseDiscovery (Standard and/or Premium) and audit loggingPreferred QualificationsProficiency with PowerShell for automation and reportingExperience in highly regulated industries (e.g., healthcare, financial services, government)Experience integrating Purview with third‑party security or governance toolsPrior ownership of enterprise DLP or information protection programsExperience implementing and managing DSPM for AIPreferred Qualifications10 years related work experience to be considered in lieu of degree.Familiarity with MITRE ATT&CK, TTPs (Tactics, Techniques, and Procedures), and advanced persistent threats (APTs).Expertise in securing Azure, AWS, and hybrid environments, including identity and access managementUnderstanding forensic methodologies, malware analysis, and chain-of-custody principles.CISSP - Certified Information Systems Security Professional - ISC2 CISSP (Certified Information Systems Security Professional)CISM - Certified Information Security Manager - Information Systems Audit and Control Association CISM (Certified Information Security Manager)Physical DemandsLift and carry 25 lbs. frequent sitting/standing, frequent keyboard use, *patient care providers may be required to perform activities specific to their role including kneeling, bending, squatting and performing CPR.Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position, however management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.Lehigh Valley Health Network is an equal opportunity employer. In accordance with, and where applicable, in addition to federal, state and local employment regulations, Lehigh Valley Health Network will provide employment opportunities to all persons without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability or other such protected classes as may be defined by law. All personnel actions and programs will adhere to this policy. Personnel actions and programs include, but are not limited to recruitment, selection, hiring, transfers, promotions, terminations, compensation, benefits, educational programs and/or social activities.https://youtu.be/GD67a9hIXUYLehigh Valley Health Network does not accept unsolicited agency resumes. Agencies should not forward resumes to our job aliases, our employees or any other organization location. Lehigh Valley Health Network is not responsible for any agency fees related to unsolicited resumes.
