Job Specifications
We’re BDO, a global network connected to local markets. Our people work together to provide specialist expertise, helping businesses achieve their goals and grow.
We inspire others, to go further. We create together, to reach higher. We build trust, to lead purposefully.
Whether you're building your future or starting your career – with us, you won’t do it alone. From creating solutions for our clients to building careers for our people, we shape what matters, and that’s where you come in.
Specialist, Information Management
The Information Management Specialist will play a leading role in driving the improvement of Information Management and protection practices within the Global Office. This role is responsible for analysing business needs, working closely with stakeholders and Global Office Management to ensure that the Microsoft 365 compliance features are aligned with organisational policy, regulatory obligations and operational needs.
The Information Management Specialist will support the development of programme plans, gather business requirements and drive change management and user adoption approaches to strengthen BDO’s information protection posture. By connecting business functions, technology teams and policy owners, the Information Management Specialist will ensure that information risks are understood, Microsoft Office 365 controls are effectively embedded and staff are adopting new ways of working. The role is critical to evolve BDO information management maturity to ensure that our controls, processes and behaviours enable safe, compliant and effective use of information throughout its lifecycle.
What you’ll be doing
Business Analysis & Requirements Definition
Conduct analysis of business processes and policies, information workflows, risks to identify where information management and protection controls are required or need to evolve.
Translate business requirements into clear, actionable requirements for technology teams, creating stage or phased implementation plans where needed.
Map existing processes to understand where data is created, shared, and stored, identifying impacts of proposed controls.
Conduct business impact assessments when new compliance features (e.g., DLP, sensitivity labels, retention) are introduced.
Information Protection & Compliance Alignment
Work closely with Risk & Compliance stakeholders to interpret policies and define how Microsoft Purview features (e.g., sensitivity labels, DLP, retention, insider risk) should be used to meet control expectations.
Ensure information protection requirements are embedded into frameworks, operating models, processes and technology.
Analyse policy language (e.g., data retention, acceptable use, classification, privacy) and express it as practical operational requirements. Identify mismatches between current policy and Microsoft 365 capabilities.
Governance Framework Development & Maintenance
Support development of governance models covering classification, retention, sensitive data handling, and collaboration.
Ensure governance of Information Management aligns with business objectives and is updated as technology, policy or regulatory requirements change.
Change Management & Adoption
Develop change and adoption plans to support rollout of new information management and protection capabilities across the Global Office.
Support Communications & Training team with developing communication materials, stakeholder engagement plans, and training resources targeted at different user groups.
Promote behavioural change and ensure employees understand the why and how of new controls and practices.
Subject Matter Expertise
Maintain deep knowledge of Microsoft Purview’s compliance, governance, and protection capabilities.
Advise on how features such as DLP, retention, data lifecycle controls, sensitivity labels, and compliance portals can support policy requirements.
Monitor industry trends and Microsoft roadmap changes, communicating impacts and opportunities to stakeholders.
Provide expert guidance on best practices for information lifecycle management.
Identify gaps in current practices and recommend improvements to strengthen compliance, efficiency, and user experience.
Knowledge
Solid understanding of information management and information protection principles, including data classification, retention, lifecycle management, and risk mitigation.
Working knowledge of Microsoft 365 governance, security, and compliance features, particularly within the Purview suite.
Understanding of relevant regulations and compliance requirements related to information management, data privacy, and security (e.g., GDPR, HIPAA).
Familiarity with data governance frameworks and their application in an organisational context.
Commercial: Signed EA/renewal/amendment on time and within guardrails; % cost optimization vs baseline; price/discount improvements; funding captured.
Value: € value realization ledger; adoption score improvements; E5/C