Data Protection Specialist - Expert
Lehigh Valley Hospital, Allentown, PA, United States
Imagine a career at one of the nation's most advanced health networks.
Be part of an exceptional health care experience. Join the inspired, passionate team at Lehigh Valley Health Network, a nationally recognized, forward-thinking organization offering plenty of opportunity to do great work.
LVHN has been ranked among the "Best Hospitals" by U.S. News & World Report for 23 consecutive years. We're a Magnet(tm) Hospital, having been honored five times with the American Nurses Credentialing Center's prestigious distinction for nursing excellence and quality patient outcomes in our Lehigh Valley region. Finally, Lehigh Valley Hospital - Cedar Crest, Lehigh Valley Hospital - Muhlenberg, Lehigh Valley Hospital- Hazleton, and Lehigh Valley Hospital - Pocono each received an 'A' grade on the Hospital Safety Grade from The Leapfrog Group in 2020, the highest grade in patient safety. These recognitions highlight LVHN's commitment to teamwork, compassion, and technology with an unrelenting focus on delivering the best health care possible every day.
Whether you're considering your next career move or your first, you should consider Lehigh Valley Health Network.
Summary
We are seeking an experienced
Data Protection Specialist - Expert
to design, implement, and manage our organization's data governance, information protection, and compliance capabilities across Microsoft 365. This role will serve as a
hands-on technical lead
for the Microsoft Purview platform, responsible for protecting sensitive data, enabling regulatory compliance, and responding to data risks across the enterprise.
The ideal candidate has deep practical experience with
Microsoft Purview (formerly Microsoft 365 Compliance)
and is comfortable working cross-functionally with
Security, IT, Legal, Compliance, and business stakeholders . This role requires both
strategic design
and
day-to-day operational execution .
Microsoft Purview Strategy & Implementation
Design, implement, and manage Microsoft Purview capabilities, including:
Microsoft Information Protection (MIP)
- sensitivity labels, label policies, auto-labeling, encryption, and rights management Data Loss Prevention (DLP)
- policies for email, SharePoint, OneDrive, Teams, endpoints, and third-party applications Data Lifecycle Management & Records Management
- retention labels, retention policies, and defensible disposal Insider Risk Management
- risk indicators, policies, alerts, and investigation workflows eDiscovery & Audit
- content searches, legal holds, audit log investigations, and evidence collection
Integrate Purview controls across Microsoft 365 workloads including Exchange Online, SharePoint Online, OneDrive, Teams, Defender, and hybrid environments where applicable Serve as the technical subject-matter expert and platform owner for Microsoft Purview Data Classification & Governance
Develop and maintain an enterprise data classification framework aligned with business needs and regulatory requirements Partner with business units to identify and protect sensitive data such as PII, PHI, financial data, and intellectual property Implement scalable data discovery using built-in classifiers, trainable classifiers, and auto-classification policies Ensure data protection controls are effective while maintaining usability and business productivity Generative AI and Agentic AI Governance Compliance, Risk & Incident Response
Translate regulatory requirements (GDPR, HIPAA, HITRUST and industry-specific regulations) into enforceable technical controls Monitor compliance posture using Microsoft Compliance Manager and recommend remediation actions Investigate and respond to DLP incidents, insider risk alerts, and policy violations Support internal and external audits by producing audit logs, reports, and compliance evidence Collaborate with Legal, Compliance, HR, and Security teams during investigations and regulatory inquiries Automation & Operational Excellence
Use PowerShell to automate Purview configuration, reporting, and operational tasks Continuously tune and improve policies to reduce false positives and improve signal quality Develop documentation, runbooks, and operational procedures to support ongoing governance and incident response Minimum Qualifications
7-10 years preferred work experience. 5 years related work experience Hands-on experience designing and managing
Microsoft Purview
in a production enterprise environment Experience implementing and managing:
Sensitivity labels and encryption DLP policies across cloud, endpoint, and SaaS applications Retention and records management policies Insider Risk Management and alert investigations eDiscovery (Standard and/or Premium) and audit logging
Preferred Qualifications
Proficiency with
PowerShell
for automation and reporting Experience in highly regulated industries (e.g., healthcare, financial services, government) Experience integrating Purview with third-party security or governance tools Prior ownership of enterprise DLP or information protection programs Experience implementing and managing DSPM for AI Preferred Qualifications
10 years related work experience to be considered in lieu of degree. Familiarity with MITRE ATT&CK, TTPs (Tactics, Techniques, and Procedures), and advanced persistent threats (APTs). Expertise in securing Azure, AWS, and hybrid environments, including identity and access management Understanding forensic methodologies, malware analysis, and chain-of-custody principles. CISSP - Certified Information Systems Security Professional - ISC2 CISSP (Certified Information Systems Security Professional) CISM - Certified Information Security Manager - Information Systems Audit and Control Association CISM (Certified Information Security Manager)
Physical Demands Lift and carry 25 lbs. frequent sitting/standing, frequent keyboard use, *patient care providers may be required to perform activities specific to their role including kneeling, bending, squatting and performing CPR.
Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position, however management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.
Lehigh Valley Health Network is an equal opportunity employer. In accordance with, and where applicable, in addition to federal, state and local employment regulations, Lehigh Valley Health Network will provide employment opportunities to all persons without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability or other such protected classes as may be defined by law. All personnel actions and programs will adhere to this policy. Personnel actions and programs include, but are not limited to recruitment, selection, hiring, transfers, promotions, terminations, compensation, benefits, educational programs and/or social activities.
https://youtu.be/GD67a9hIXUY
Lehigh Valley Health Network does not accept unsolicited agency resumes. Agencies should not forward resumes to our job aliases, our employees or any other organization location. Lehigh Valley Health Network is not responsible for any agency fees related to unsolicited resumes.
Work Shift: Day Shift
Address: 515 Hamilton St
Primary Location: Three City Center
Position Type: Onsite
Union: Not Applicable
Work Schedule: Monday-Friday; 8:00a-4:30p
Department: 1004-13061 CSS-Info Services Telecommunications
Be part of an exceptional health care experience. Join the inspired, passionate team at Lehigh Valley Health Network, a nationally recognized, forward-thinking organization offering plenty of opportunity to do great work.
LVHN has been ranked among the "Best Hospitals" by U.S. News & World Report for 23 consecutive years. We're a Magnet(tm) Hospital, having been honored five times with the American Nurses Credentialing Center's prestigious distinction for nursing excellence and quality patient outcomes in our Lehigh Valley region. Finally, Lehigh Valley Hospital - Cedar Crest, Lehigh Valley Hospital - Muhlenberg, Lehigh Valley Hospital- Hazleton, and Lehigh Valley Hospital - Pocono each received an 'A' grade on the Hospital Safety Grade from The Leapfrog Group in 2020, the highest grade in patient safety. These recognitions highlight LVHN's commitment to teamwork, compassion, and technology with an unrelenting focus on delivering the best health care possible every day.
Whether you're considering your next career move or your first, you should consider Lehigh Valley Health Network.
Summary
We are seeking an experienced
Data Protection Specialist - Expert
to design, implement, and manage our organization's data governance, information protection, and compliance capabilities across Microsoft 365. This role will serve as a
hands-on technical lead
for the Microsoft Purview platform, responsible for protecting sensitive data, enabling regulatory compliance, and responding to data risks across the enterprise.
The ideal candidate has deep practical experience with
Microsoft Purview (formerly Microsoft 365 Compliance)
and is comfortable working cross-functionally with
Security, IT, Legal, Compliance, and business stakeholders . This role requires both
strategic design
and
day-to-day operational execution .
Microsoft Purview Strategy & Implementation
Design, implement, and manage Microsoft Purview capabilities, including:
Microsoft Information Protection (MIP)
- sensitivity labels, label policies, auto-labeling, encryption, and rights management Data Loss Prevention (DLP)
- policies for email, SharePoint, OneDrive, Teams, endpoints, and third-party applications Data Lifecycle Management & Records Management
- retention labels, retention policies, and defensible disposal Insider Risk Management
- risk indicators, policies, alerts, and investigation workflows eDiscovery & Audit
- content searches, legal holds, audit log investigations, and evidence collection
Integrate Purview controls across Microsoft 365 workloads including Exchange Online, SharePoint Online, OneDrive, Teams, Defender, and hybrid environments where applicable Serve as the technical subject-matter expert and platform owner for Microsoft Purview Data Classification & Governance
Develop and maintain an enterprise data classification framework aligned with business needs and regulatory requirements Partner with business units to identify and protect sensitive data such as PII, PHI, financial data, and intellectual property Implement scalable data discovery using built-in classifiers, trainable classifiers, and auto-classification policies Ensure data protection controls are effective while maintaining usability and business productivity Generative AI and Agentic AI Governance Compliance, Risk & Incident Response
Translate regulatory requirements (GDPR, HIPAA, HITRUST and industry-specific regulations) into enforceable technical controls Monitor compliance posture using Microsoft Compliance Manager and recommend remediation actions Investigate and respond to DLP incidents, insider risk alerts, and policy violations Support internal and external audits by producing audit logs, reports, and compliance evidence Collaborate with Legal, Compliance, HR, and Security teams during investigations and regulatory inquiries Automation & Operational Excellence
Use PowerShell to automate Purview configuration, reporting, and operational tasks Continuously tune and improve policies to reduce false positives and improve signal quality Develop documentation, runbooks, and operational procedures to support ongoing governance and incident response Minimum Qualifications
7-10 years preferred work experience. 5 years related work experience Hands-on experience designing and managing
Microsoft Purview
in a production enterprise environment Experience implementing and managing:
Sensitivity labels and encryption DLP policies across cloud, endpoint, and SaaS applications Retention and records management policies Insider Risk Management and alert investigations eDiscovery (Standard and/or Premium) and audit logging
Preferred Qualifications
Proficiency with
PowerShell
for automation and reporting Experience in highly regulated industries (e.g., healthcare, financial services, government) Experience integrating Purview with third-party security or governance tools Prior ownership of enterprise DLP or information protection programs Experience implementing and managing DSPM for AI Preferred Qualifications
10 years related work experience to be considered in lieu of degree. Familiarity with MITRE ATT&CK, TTPs (Tactics, Techniques, and Procedures), and advanced persistent threats (APTs). Expertise in securing Azure, AWS, and hybrid environments, including identity and access management Understanding forensic methodologies, malware analysis, and chain-of-custody principles. CISSP - Certified Information Systems Security Professional - ISC2 CISSP (Certified Information Systems Security Professional) CISM - Certified Information Security Manager - Information Systems Audit and Control Association CISM (Certified Information Security Manager)
Physical Demands Lift and carry 25 lbs. frequent sitting/standing, frequent keyboard use, *patient care providers may be required to perform activities specific to their role including kneeling, bending, squatting and performing CPR.
Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position, however management reserves the right to revise or change as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.
Lehigh Valley Health Network is an equal opportunity employer. In accordance with, and where applicable, in addition to federal, state and local employment regulations, Lehigh Valley Health Network will provide employment opportunities to all persons without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability or other such protected classes as may be defined by law. All personnel actions and programs will adhere to this policy. Personnel actions and programs include, but are not limited to recruitment, selection, hiring, transfers, promotions, terminations, compensation, benefits, educational programs and/or social activities.
https://youtu.be/GD67a9hIXUY
Lehigh Valley Health Network does not accept unsolicited agency resumes. Agencies should not forward resumes to our job aliases, our employees or any other organization location. Lehigh Valley Health Network is not responsible for any agency fees related to unsolicited resumes.
Work Shift: Day Shift
Address: 515 Hamilton St
Primary Location: Three City Center
Position Type: Onsite
Union: Not Applicable
Work Schedule: Monday-Friday; 8:00a-4:30p
Department: 1004-13061 CSS-Info Services Telecommunications