Microsoft 365 Security & Controls Volunteer

ABOUT US

Protect Us Kids Foundation (PUK) is on a mission to shield young people from cyber threats while empowering them to create a safer digital world. As technology transforms how we live and connect, we stand as global leaders advocating for the safety and protection of youth in virtual spaces.

WORKSTREAM

Cybersecurity and Data Governance Readiness

ROLE OVERVIEW

Protect Us Kids Foundation (PUK) is seeking a Microsoft 365 Security & Controls Volunteer to support both hands-on remediation and documentation of security controls within our Microsoft 365 environment.

This role focuses on implementing approved security improvements, increasing visibility into identity and access controls, and supporting governance readiness. Work is performed within defined guardrails, under the direction of the VP, Global Cybersecurity Compliance & External Affairs.

This is a hands-on cybersecurity role, but not an engineering or architecture position.

YOUR IMPACT

• Directly improve the security posture of the platform infrastructure that protects children across rural and under-resourced communities worldwide
• Close real security gaps in identity, access, and data governance controls within PUK’s operational environment
• Build the documentation and evidence base that supports PUK’s governance readiness across multiple international regulatory frameworks
• Strengthen the operational foundation for the We-Rise Platform and RiseUp application by ensuring the underlying M365 environment meets security and privacy standards
• Provide board-level visibility into the organization’s security control maturity through clear documentation of changes and current state

KEY RESPONSIBILITIES

• Implement and improve approved Microsoft 365 security controls, including:
  • MFA and identity/access controls
  • Secure Score driven security improvements
  • Audit logging and retention settings
• Identify security gaps and remediate approved, low-to-moderate risk items
• Document changes made, including before/after state where appropriate
• Support data governance readiness by documenting:
  • Where data resides
  • How it is accessed and protected
• Leverage Microsoft Purview capabilities (where licensed) for data governance visibility and evidence
• Escalate higher-risk or architectural changes for review prior to implementation

CHANGE AUTHORITY & GUARDRAILS

This role may implement changes, with the following boundaries:

• Changes must be within pre-approved security control areas
• No independent architectural redesigns or migrations
• No tenant-wide restructuring or licensing changes
• No acting as system owner or compliance authority
• Higher-impact changes require review and approval before execution

OUT OF SCOPE

This role does not include:

• Azure infrastructure engineering
• Microsoft 365 tenant ownership
• On-call or 24/7 operational responsibility
• Acting as a DPO or compliance certifier
• ISO or GDPR audit ownership

IDEAL BACKGROUND

• Microsoft 365 security administrators or IT professionals
• SOC analysts or junior security engineers with M365 experience
• Candidates studying for SC-200, SC-300, CISSP, or similar certifications
• Comfortable making controlled configuration changes in admin portals

REPORTING STRUCTURE

This role reports to the VP, Global Cybersecurity Compliance & External Affairs, who defines security control priorities, approves changes, and integrates remediation work into PUK’s broader governance and compliance posture.

COMMITMENT

• Approximately 2–4 hours per week
• Flexible and remote

WHY THIS ROLE MATTERS

This role provides real, hands-on cybersecurity experience while directly improving the security posture of an organization dedicated to protecting children worldwide.