Secure AI Implementation Lead (M365 Copilot & Copilot Studio)
Start Date: ASAP
Location: Remote, with 1 or 2 days travel as required.
Day Rate: £*** (Inside IR35)
Role Overview
Our client is embarking on a secure, phased implementation of Microsoft Copilot and Copilot Studio within a high‑assurance environment. This role will lead both phases, ensuring all work aligns with operating within a highly secure, government-aligned environment.
The engagement covers:
* Phase 1: Secure activation and governance of M365 Copilot Chat across the organisation.
* Phase 2: Establishing a compliant Copilot Studio environment, enabling custom agent development under strict defence‑grade controls.
You will work closely with security, compliance, IT operations, and development teams to ensure safe deployment, usage monitoring, appropriate guardrails, and adherence to all mandated standards.
M365 Copilot Chat Enablement
* Strong understanding of Microsoft 365 E5, Copilot with commercial data protection, and secure tenant configuration.
* Experience enforcing UK Data Boundary residency lock and preventing cross‑geo or multi‑tenant data movement.
* Ability to block all non‑approved Copilot entry points (e.g., Copilot for Windows, free Copilot versions).
* Knowledge of Purview controls to prevent prohibited data types entering AI interactions.
* Ability to configure Restricted SharePoint Search to avoid oversharing or data surfacing.
* Experience auditing and remediating “Everyone except external users” permissions.
* Capable of designing and monitoring usage reporting, alerting, and pilot‑safe testing scenarios.
* Familiarity with Copilot Chat in apps and ability to advise on feasible roll‑out.
Copilot Studio & Custom Agent Development
* Strong background in Power Platform, Dataverse, and Microsoft Fabric governance.
* Experience designing isolated AI‑Production environments compliant with secure‑by‑design principles.
* Ability to implement DLP policies, blocking non‑approved or non‑EU connectors.
* Governance expertise: restricting maker access and enforcing Entra ID authentication/SSO for all agents.
* Threat modelling experience, ideally with Secure by Design frameworks (including prompt injection risk mitigation).
* Understanding of DEFSTAN 05‑138 and the DCPP Cyber Risk Profile for supplier/third‑party integrations.
* Ability to define and maintain an AI agent lifecycle across Dev, Test, and Prod.
* Experience contributing to security cases for production agents.
* Awareness of emerging Copilot admin tools within Defender, Purview, and the broader M365 ecosystem.
If you are available and interested in this opportunity, please apply for further information. Please note, due to high volumes of applications we are unable to contact every applicant.
If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
At Lucid, we celebrate difference and value diverse perspectives, underpinned by our values of Honesty, Integrity and Pragmatism. We are proud to provide equal opportunities in line with our Diversity and Inclusion policy and welcome applications from all suitably qualified or experienced individuals, regardless of personal characteristics.
If you have a disability or health condition and seek support throughout the recruitment process, please do not hesitate to contact us.