Key skills
PowerShellAzureRisk ManagementCommunication
About this role
WTW is seeking an experienced Senior IRM Engineer to join their Global Information and Cyber Security Defence function. This role involves designing, implementing, and managing enterprise-wide Insider Risk Management solutions to ensure the confidentiality, integrity, and availability of sensitive data across the organization.
Responsibilities:
- Implementing, maintaining, and troubleshooting the IRM technologies, policies and rules used in WTW
- Work closely with the L3 Insider Threat Engineering Lead (IRM) to develop, implement, and refine rules and policies to help prevent data loss and protect sensitive information across the organisation
- Ensure that IRM policies are fine-tuned and matured to reduce the number of false positives
- Collaborate with cross-functional teams, including IT, Cyber Security, HR, legal, and compliance, to define data protection and insider risk requirements, policies and standards
- Act as an escalation point for the L1 Insider Threat Engineers
- Contribute to regular assessments of the Insider Threat Engineering function to identify areas for continuous improvement
- Contribute to regular reports and updates to management on the performance and effectiveness of the IRM technologies
- Identify trends and requirements aimed at improving and enhancing existing IRM policies, and report this upward through the security management chain
- Provide guidance, coaching and support to L1 Insider Threat Engineers
- Stay current with emerging IRM technologies in the cyber security landscape
- Design and implement Microsoft IRM solutions aligned with business and regulatory requirements
- Develop and maintain data classification, labeling, and protection strategies using Microsoft Purview
- Collaborate with security architects and compliance teams to define IRM policies and governance models
- Escalate complex issues to L3 engineering or vendor support as needed
- Configure Microsoft Purview Information Protection, Sensitivity Labels, and Data Loss Prevention (DLP) policies
- Integrate IRM with Microsoft 365 apps (Outlook, Word, Excel, SharePoint, Teams) and third-party systems
- Deploy and manage Azure Rights Management Services (RMS) and Microsoft Defender for Cloud Apps (MCAS) for data protection
- Automate IRM processes using PowerShell, Microsoft Graph API, and Purview SDKs
- Optimise performance and user experience of IRM solutions across endpoints and cloud services
- Generate and review reports on IRM usage and policy effectiveness
- Track and log incidents, changes, and user feedback for continuous improvement
- Work closely with cyber defence, ICSD, compliance, and other WTW stakeholders teams to ensure alignment with data protection goals
- Participate in regular team meetings and contribute to process improvements
Requirements:
- Bachelor's degree in IT, Computer Science, or related field
- 4+ years of experience in IT support or security operations and at least 2 years in managing IRM
- Basic understanding of Microsoft 365 Compliance Center and Azure Information Protection
- Familiarity with sensitivity labels, encryption, and access controls
- Strong troubleshooting and communication skills
- Microsoft 365 Fundamentals or Security & Compliance certification