Purview eDiscovery & Data Collection Specialist

Client First Technologies Inc. -
United States

Quick Apply

Job Details

Full-time

Qualifications

Project reporting
Automation
Data Retention (Data management)
Legal discovery
Microsoft Exchange
Metrics Reporting
Information security
Audit Reporting
Information security compliance
Discovery preparation
Data Security (Data management)
Compliance documentation
Customer support ticket management
Retention policy implementation
Collaborative technology platforms
Microsoft Teams
SharePoint
Proper evidence handling
Metadata
Document control within legal industry
Audit support
Ticketing system technical support
Metadata management

Full Job Description

Description:

Client First Technologies currently is seeking a Purview eDiscovery & Data Collection Specialist in support of our government customer. The Purview eDiscovery & Data Collection Specialist provides end-to-end support for legally defensible electronic discovery and data collections across the enterprise’s Microsoft 365 tenant. This role executes mailbox extractions and targeted collections for a wide range of Federal agency stakeholders, ensuring repeatable, auditable, and policy-compliant outcomes. The Specialist manages eDiscovery cases in Microsoft Purview, applies litigation/legal holds, performs advanced search and collection across M365 workloads, supports review workflows, and produces exports with complete chain-of-custody documentation

This is a full-time, remote position. CFT offers a full benefits package, a collaborative work environment and a strong company culture. Veterans and military spouses are encouraged to apply.

Responsibilities

Create, configure, and manage Microsoft Purview eDiscovery cases, including defining scope, adding data sources, and managing custodians
Identify and validate custodians and sources across Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams in accordance with request requirements
Place, manage, and validate legal/litigation holds to preserve relevant content; document preservation actions to support defensibility and auditability
Configure Microsoft Purview eDiscovery and Audit to automate custodian legal holds, enforce immutable data preservation, and maintain defensible compliance reporting
Develop, test, refine, and optimize search criteria (keywords, filters, and conditions) to improve precision/recall and reduce over-collection while meeting legal requirements
Execute mailbox extractions and content collections for authorized clients using Purview capabilities and approved tools/methods; coordinate related OneDrive/SharePoint collections when required
Enable and support review workflows by preparing review sets and providing secure access for stakeholders; support analytics, tagging/coding, and related review activities as needed
Export collected data in legally defensible formats aligned to eDiscovery standards; ensure exports include appropriate metadata and documentation to support downstream processing and review
Maintain complete chain-of-custody documentation, including collection logs, actions taken, and export details (e.g., hashes/metadata where applicable)
Manage intake and fulfillment of discovery/data collection requests through the ticketing process (e.g., ServiceNow): triage, prioritize, track, and document work to meet service levels
Provide decryption support for S/MIME and RMS-encrypted content when required for authorized discovery activities, ensuring outputs remain protected and access-controlled
Support restoration of individual lost/missing mailbox items in the Office 365 cloud when required and authorized
Produce status updates and operational reporting (searches, holds, collections, exports, and request metrics) for stakeholders and leadership as required
Develop, update, and maintain SOPs and process documentation; recommend and implement continuous improvements to enhance quality, consistency, and efficiency
Operate with strict confidentiality, security, and compliance discipline when handling sensitive information; adhere to organizational and federal privacy/security requirements

Requirements:

Qualifications

Hands-on experience performing eDiscovery and data collections in Microsoft Purview across Exchange Online, SharePoint Online, OneDrive, and Teams
Experience configuring Microsoft Purview eDiscovery and Audit to automate custodian legal holds, enforce immutable data preservation, and maintain defensible compliance reporting
Demonstrated understanding of defensible collection practices, including legal holds, chain-of-custody, audit logging, and export documentation
Experience working in ticketed operations (preferably ServiceNow) with strong written documentation and SLA-based execution.
Working knowledge of Microsoft 365 security and compliance concepts (retention/holds, auditing, and handling encrypted content such as S/MIME/RMS in discovery contexts)
Ability to operate in a federal or highly regulated environment with strict privacy/security requirements and to communicate effectively with Legal, Compliance, Investigations, HR, and Security stakeholders
Experience supporting high-volume enterprise discovery operations (multiple concurrent cases/requests) and producing recurring metrics/status reporting
Relevant Microsoft certifications (e.g., SC-400, MS-102, SC-200/SC-300, or equivalent)
A relevant security certification (e.g., CompTIA Security+ or equivalent)

Physical Demands

Must be able to sit and stand for extended periods of time
Occasional travel and overtime may be required

Required Clearances and Screenings

This position is subject to a government background investigation and must meet eligibility for a position designated with Moderate Risk sensitivity
Candidates with current Veterans Affairs (VA) Tier 2/Moderate Background Investigation or equivalent (e.g., DoD Tier 3/NACLC, Active Secret) are preferred

Quick Apply

Job Seeker Tools

Employer Tools

Browse

Stay Connected