Purview eDiscovery & Data Collection Specialist

Client First Technologies currently is seeking a Purview eDiscovery & Data Collection Specialist in support of our government customer. The Purview eDiscovery & Data Collection Specialist provides end-to-end support for legally defensible electronic discovery and data collections across the enterprise’s Microsoft 365 tenant. This role executes mailbox extractions and targeted collections for a wide range of Federal agency stakeholders, ensuring repeatable, auditable, and policy-compliant outcomes. The Specialist manages eDiscovery cases in Microsoft Purview, applies litigation/legal holds, performs advanced search and collection across M365 workloads, supports review workflows, and produces exports with complete chain-of-custody documentation  This is a full-time, remote position.  CFT offers a full benefits package, a collaborative work environment and a strong company culture.  Veterans and military spouses are encouraged to apply.   Responsibilities Create, configure, and manage Microsoft Purview eDiscovery cases, including defining scope, adding data sources, and managing custodians. Identify and validate custodians and sources across Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams in accordance with request requirements. Place, manage, and validate legal/litigation holds to preserve relevant content; document preservation actions to support defensibility and auditability. Configure Microsoft Purview eDiscovery and Audit to automate custodian legal holds, enforce immutable data preservation, and maintain defensible compliance reporting. Develop, test, refine, and optimize search criteria (keywords, filters, and conditions) to improve precision/recall and reduce over-collection while meeting legal requirements. Execute mailbox extractions and content collections for authorized clients using Purview capabilities and approved tools/methods; coordinate related OneDrive/SharePoint collections when required. Enable and support review workflows by preparing review sets and providing secure access for stakeholders; support analytics, tagging/coding, and related review activities as needed. Export collected data in legally defensible formats aligned to eDiscovery standards; ensure exports include appropriate metadata and documentation to support downstream processing and review. Maintain complete chain-of-custody documentation, including collection logs, actions taken, and export details (e.g., hashes/metadata where applicable). Manage intake and fulfillment of discovery/data collection requests through the ticketing process (e.g., ServiceNow): triage, prioritize, track, and document work to meet service levels. Provide decryption support for S/MIME and RMS-encrypted content when required for authorized discovery activities, ensuring outputs remain protected and access-controlled. Support restoration of individual lost/missing mailbox items in the Office 365 cloud when required and authorized. Produce status updates and operational reporting (searches, holds, collections, exports, and request metrics) for stakeholders and leadership as required. Develop, update, and maintain SOPs and process documentation; recommend and implement continuous improvements to enhance quality, consistency, and efficiency. Operate with strict confidentiality, security, and compliance discipline when handling sensitive information; adhere to organizational and federal privacy/security requirements.  Qualifications Hands-on experience performing eDiscovery and data collections in Microsoft Purview across Exchange Online, SharePoint Online, OneDrive, and Teams. Experience configuring Microsoft Purview eDiscovery and Audit to automate custodian legal holds, enforce immutable data preservation, and maintain defensible compliance reporting. Demonstrated understanding of defensible collection practices, including legal holds, chain-of-custody, audit logging, and export documentation. Experience working in ticketed operations (preferably ServiceNow) with strong written documentation and SLA-based execution. Working knowledge of Microsoft 365 security and compliance concepts (retention/holds, auditing, and handling encrypted content such as S/MIME/RMS in discovery contexts). Ability to operate in a federal or highly regulated environment with strict privacy/security requirements and to communicate effectively with Legal, Compliance, Investigations, HR, and Security stakeholders. Experience supporting high-volume enterprise discovery operations (multiple concurrent cases/requests) and producing recurring metrics/status reporting. Relevant Microsoft certifications (e.g., SC-400, MS-102, SC-200/SC-300, or equivalent). A relevant security certification (e.g., CompTIA Security or equivalent).  Physical Demands  Must be able to sit and stand for extended periods of time Occasional travel and overtime may be required  Required Clearances and Screenings  This position is subject to a government background investigation and must meet eligibility for a position designated with Moderate Risk sensitivity. Candidates with current Veterans Affairs (VA) Tier 2/Moderate Background Investigation or equivalent (e.g., DoD Tier 3/NACLC, Active Secret) are preferred.   Company DescriptionClient First Technologies (CFT) provides Strategic Consulting, Technology and Managed Services to commercial, non-profit and government organizations. Our expertise lies in mobilizing the right people, skills and technologies to help organizations with their most pressing challenges.As a Service Disabled Veteran Owned Small Business (SDVOSB), CFT is committed to excellence and creating innovative and flexible solutions for our clients.

Salary : $19 - $26