IT Information Protection Analyst; Hybrid
Westwood, Norfolk County, Massachusetts, 02090, USA
Listed on 2026-07-15
-
IT/Tech
Cybersecurity, Data Security, Information Security, IT Consultant
Information Protection Analyst
Eversource will not offer immigration-related sponsorship for this position (e.g., H-1B, O-1, J-1, TN, E-3, etc.). Applicants requiring visa sponsorship to start employment with Eversource will not be considered.
Eversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance.
All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.
The Information Protection Analyst serves as the technical subject matter resource for the IT Data Governance and Information Management Program, with primary responsibility for implementing, configuring, monitoring, and continuously improving Microsoft Purview-related controls and collaboration platform protections, particularly within SharePoint and related Microsoft 365 services.
This role is responsible for translating governance and business requirements into enforceable technical configurations, policies, labels, rules, and monitoring practices that strengthen the protection of unstructured data across the environment. The position will support assessments, control validation, issue remediation, spot reviews, and ongoing monitoring to ensure the organization's information protection capabilities are operating effectively and aligned to policy, business requirements, and risk expectations.
Essential Functions:- Configure, implement, and maintain Microsoft Purview controls to support data governance, records management, and information protection objectives.
- Partner with business analysts, program leadership, cybersecurity, records, compliance, and infrastructure teams to translate governance requirements into technical policies and control designs.
- Establish and administer labels, rules, policy configurations, monitoring approaches, and exception handling processes related to sensitivity, retention, access, sharing, download/copy restrictions, and information protection.
- Provide technical support and subject matter expertise for SharePoint, Microsoft 365 collaboration environments, and related repositories as they relate to unstructured data governance and protection controls.
- Perform assessments of repositories, configurations, permissions, and usage patterns to identify risks, gaps, and enhancement opportunities.
- Monitor policy performance, investigate issues, track exceptions, and support remediation of control weaknesses or process breakdowns.
- Develop and maintain technical standards, implementation procedures, support guides, and evidence required for audit, compliance, and operational sustainability.
- Support discovery events, regulatory requests, cyber incidents, and internal/external audits by helping identify data locations, protections, control posture, and technical evidence.
- Participate in tabletop exercises, simulations, and readiness activities to improve organizational preparedness for information discovery and incident scenarios.
- Produce operational reporting and dashboards showing policy coverage, control adoption, exceptions, trends, and unresolved risks.
- Conduct on-the-spot reviews and environment assessments to validate control design and operating effectiveness.
- Recommend technical improvements, automation opportunities, and control enhancements to improve protection, usability, and governance maturity.
Licenses/Certifications:
Technical Knowledge/Skill:
- Strong working knowledge of Microsoft Purview, including information protection, labeling, governance-related capabilities, and policy administration.
- Strong knowledge of SharePoint Online, Microsoft 365 collaboration controls, document permissions, content handling, and administrative…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).