Senior IRM Engineer

We are seeking an experienced Senior IRM Engineer to join WTW’s Global Information and Cyber Security Defence (ICSD) function. The Senior Microsoft IRM Engineer is responsible for designing, implementing, and managing enterprise-wide Insider Risk Management (IRM) solutions using Microsoft Purview Information Protection (formerly Azure Information Protection), Microsoft 365 Compliance Center, and related technologies. This role ensures the confidentiality, integrity, and availability of sensitive data across WTW by applying classification, labeling, and protection policies.

Key Responsibilities:

 As the L2 Insider Risk Engineer (IRM), the primary responsibilities will be:

• Implementing, maintaining, and troubleshooting the IRM technologies, policies and rules used in WTW.
• Work closely with the L3 Insider Threat Engineering Lead (IRM) to develop, implement, and refine rules and policies to help prevent data loss and protect sensitive information across the organisation.
• Ensure that IRM policies are fine-tuned and matured to reduce the number of false positives.
• Collaborate with cross-functional teams, including IT, Cyber Security, HR, legal, and compliance, to define data protection and insider risk requirements, policies and standards.
• Act as an escalation point for the L1 Insider Threat Engineers.
• Contribute to regular assessments of the Insider Threat Engineering function to identify areas for continuous improvement.
• Contribute to regular reports and updates to management on the performance and effectiveness of the IRM technologies.
• Identify trends and requirements aimed at improving and enhancing existing IRM policies, and report this upward through the security management chain.
• Provide guidance, coaching and support to L1 Insider Threat Engineers.
• Stay current with emerging IRM technologies in the cyber security landscape.

• IRM Strategy & Architecture
  • Design and implement Microsoft IRM solutions aligned with business and regulatory requirements.
  • Develop and maintain data classification, labeling, and protection strategies using Microsoft Purview.
  • Collaborate with security architects and compliance teams to define IRM policies and governance models.
  • Escalate complex issues to L3 engineering or vendor support as needed.
• Implementation & Configuration:
  • Configure Microsoft Purview Information Protection, Sensitivity Labels, and Data Loss Prevention (DLP) policies.
  • Integrate IRM with Microsoft 365 apps (Outlook, Word, Excel, SharePoint, Teams) and third-party systems.
  • Deploy and manage Azure Rights Management Services (RMS) and Microsoft Defender for Cloud Apps (MCAS) for data protection.
• Automation & Optimisation
  • Automate IRM processes using PowerShell, Microsoft Graph API, and Purview SDKs.
  • Optimise performance and user experience of IRM solutions across endpoints and cloud services
• Monitoring & Reporting:
  • Generate and review reports on IRM usage and policy effectiveness.
  • Track and log incidents, changes, and user feedback for continuous improvement.
• Collaboration:
  • Work closely with cyber defence, ICSD, compliance, and other WTW stakeholders teams to ensure alignment with data protection goals.
  • Participate in regular team meetings and contribute to process improvements.

Required Qualifications:

• Bachelor’s degree in IT, Computer Science, or related field.
• 4+ years of experience in IT support or security operations and at least 2 years in managing IRM.
• Basic understanding of Microsoft 365 Compliance Center and Azure Information Protection.
• Familiarity with sensitivity labels, encryption, and access controls.
• Strong troubleshooting and communication skills.

Preferred Qualifications:

• Microsoft 365 Fundamentals or Security & Compliance certification.

Compensation and Benefits

Base salary range and benefits information for this position are being included in accordance with requirements of various state/local pay transparency legislation. Please note that base salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, qualifications/experience, performance in the role and potential for revenue generation.

Compensation

The base salary compensation range being offered for this role is $100,000-$110,000 USD per year.

This role is also eligible for an annual short-term incentive bonus.

Company Benefits

WTW provides a competitive benefit package which includes the following (eligibility requirements apply):

• Health and Welfare Benefits: Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Group Accident, Group Critical Illness, Life Insurance, AD&D, Group Legal, Identify Theft Protection, Wellbeing Program and Work/Life Resources (including Employee Assistance Program)
• Leave Benefits: Paid Holidays, Annual Paid Time Off (includes paid state/local paid leave where required), Short-Term Disability, Long-Term Disability, Other Leaves (e.g., Bereavement, FMLA, ADA, Jury Duty, Military Leave, and Parental and Adoption Leave), Paid Time Off
• Retirement Benefits: Contributory Pension Plan and Savings Plan (401k). All Level 38 and more senior roles may also be eligible for non-qualified Deferred Compensation and Deferred Savings Plans.

Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles County Fair Chance Ordinance for Employers, we will consider for employment qualified applicants with arrest and conviction records.

Note that visa employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.

This position will remain posted for a minimum of three business days from the date posted or until sufficient/appropriate candidate slate has been identified.

EOE, including disability/vets