- Monitor and help draft the policies and use cases to be onboarded and uploaded to Microsoft Purview Insider Risk Management (IRM) platform. Create policies with customisable templates on IRM platform.

- Explore features on enabling adaptive protection and data connectors to enhance the insights obtained from IRM.

- Explore how the insights from Purview IRM can be leveraged to drive Collaborate on investigations - Work with teams across security, human resources, and legal departments with integrated investigation workflows.

- Manage and be the SME for the Insider Risk management settings including detection groups, priority user groups, policy indicators etc. Learn about Insider Risk Management settings | Microsoft Learn

- Build, maintain and develop the policy template requirements relating to departing users, risky users, security policy violations. Plan for Insider Risk Management | Microsoft Learn

- Provide insights from Purview IRM for escalated cases.

Splunk (must have) :

- Support incident detection, investigation and response through Splunk Dashboards

- Develop and maintain Splunk dashboards, alerts and reports for monitoring

PowerBI (must have) :

- Design, develop and publish interactive dashboards and reports under PowerBI

- Connect Power BI to Databricks and other data sources for live analytics

- Work with business stakeholders to translate requirements into visual insights

Databricks (good to have) :

- Use Databricks notebooks to extract, transform, and clean large datasets from multiple sources.

- Apply PySpark or SQL within Databricks to handle missing values, standardize formats, and prepare data for analysis or modelling.

- Write efficient SQL queries and analytical expressions in Databricks to generate insights and reports.