0Microsoft 365 Security & Governance Specialist (m/f/d)
FINOVESTA GmbH | Germany | 40xxx Düsseldorf | Permanent position | Full time / Home office | Published since: 26.06.2026 on stepstone.de

Microsoft 365 Security & Governance Specialist (m/f/d)

Branch: Insurance and financial ser... Branch: Insurance and financial services


FINOV€STA GmbH is a dynamic, healthy growing company with currently around 50 employees. Our core business is trading in securities and derivatives. FINOV€STA holds its own memberships on many national and international stock exchanges and is also linked to other markets via brokers. We only do business on our own behalf and on our own account.

Microsoft 365, artificial intelligence and data-driven applications should be used safely, legally and productively. In parallel, we continue to expand our structures in the areas of Microsoft 365 Security, data classification, authorization management, Microsoft Purview, DLP and IT governance.

To complement our existing IT team, we are looking for you as an interface between internal IT administration, data protection, information security, compliance, management and our AI enablement area. In this role, you actively shape the technical and organizational guidelines for secure Microsoft 365 use. .

Your tasks • Your profile • What we offer

FINOV€STA GmbH is a dynamic, healthy growing company with currently around 50 employees. Our core business is trading in securities and derivatives. FINOV€STA holds its own memberships on many national and international stock exchanges and is also linked to other markets via brokers. We only do business on our own behalf and on our own account.

Microsoft 365, artificial intelligence and data-driven applications should be used safely, legally and productively. In parallel, we continue to expand our structures in the areas of Microsoft 365 Security, data classification, authorization management, Microsoft Purview, DLP and IT governance.

To complement our existing IT team, we are looking for you as an interface between internal IT administration, data protection, information security, compliance, management and our AI enablement area. In this role, you actively shape the technical and organizational guidelines for secure Microsoft 365 use.

Developing our Microsoft 365 security and governance structures with a focus on data, access and authorization protection

Introduction, maintenance and optimization of Microsoft Purview, in particular Sensitivity Labels, Data Loss Prevention, Audit, Data Classification and Information Protection

Examination and further development of authorization, role and access concepts in Microsoft 365, Entra ID, Teams, OneDrive, SharePoint and other systems

Definition of practical protection and governance rules for confidential business data together with internal IT, data protection, compliance and management

Security and data protection-related assessment of Microsoft 365 and copilot/KI use from governance view, in particular with regard to data sources, access rights, labels, DLP rules and auditability

Advising the internal IT administration to security-relevant configurations, such as MFA, Conditional Access, Intune, Device Compliance, External Releases and admin roles

Support for policies, documentation and evidence in the field of IT security, data classification, AI user guidance and DORA

Close cooperation with the AI enablement area so that new AI applications can be implemented on a secure and comprehensible Microsoft 365 governance basis

Delimitation to AI-Enablement This position is not responsible for the professional development of AI-use cases, employee training, process automation, data analysis, model/agent prototyping or the company-wide AI roadmap. These topics are the AI-Enablement area. Its focus is on the technical and organizational guidelines for Microsoft 365, data classification, access protection and traceability. Concretely, questions such as: What data can be used in Microsoft 365 and AI applications?

Which permissions are required and where are accesses too broad?

Which labels, DLP rules and audit controls need to intervene?

What Microsoft 365 settings are required for safe use of copilot, agents and connectors?

How are sensitive information protected and comprehensible controlled?

Successfully completed training in IT, e.g. specialist in system integration, or a completed study with IT/security reference

Practical experience in Microsoft 365, IT security, IT governance or information security

Good knowledge of Microsoft 365, in particular Entra ID, Exchange Online, Teams, OneDrive and ideally SharePoint

Experience in the design, implementation and application of authorization models, roles, access controls and data classifications

first practical experience with Microsoft Purview, Sensitivity Labels, DLP, Audit, Intune and Conditional Access

Basic understanding of data protection, information security and regulatory requirements in a regulated environment

Ability to document technical requirements in a comprehensible manner and to agree with internal IT, subject areas, compliance and data protection

Structured, careful and self-sponsored functioning as well as strong sense of security and responsibility

German knowledge and good English skills

are of advantage Experience in regulated industries, such as financial services, securities trading, banks, insurance or critical infrastructure

Knowledge in DORA, ISO 27001, BSI IT-Grundschutz, BAIT/MaRisk or comparable requirements

Microsoft certifications, such as SC-300, SC-400, MS-102 or comparable qualifications

Basic understanding for Microsoft Copilot and Power Platform from the perspective of security, permissions and data access

A responsible role at the interface of Microsoft 365, Information Security, Data Protection, Compliance, Management and AI Enablement

The ability to actively shape modern security and governance structures in a regulated financial environment

A technologically demanding environment with Microsoft 365, Microsoft Purview, Entra ID, Intune, DLP, data classification and copilot/KI applications

Short decision-making in a growing company with around 50 employees Support for professional training and Microsoft certifications, such as SC-300, SC-400 or MS-102

An attractive remuneration according to your experience and qualification

hybrid work after incorporation and task; at the same time, the role of close cooperation with IT, compliance, data protection and management is on the ground

We want to shape the future with you. That is why we attach great importance to a well-founded incorporation and an unlimited working relationship

Support in your mobility: bicycle (Swap Fiets), train or parking on site.

Team spirit is important to us! Therefore we regularly offer joint activities and reduced Urban Sports Club membership

30 days holiday entitlement, plus free days on 24. and 31.12.

Fruit, snacks and soft drinks

Location

ava FINOVESTA GmbH
Ellerstr. 101, 40221  Düsseldorf
Germany

The text of this ad was translated from German into English using an automatic translation system and may contain semantic and lexical errors. Therefore, it should be used for introductory purposes only. For more detailed information, see the original text of the ad at the link below.

For more information read the original ad

Permanent link to this ad

Ad Id