Microsoft Cybersecurity Architect

Location: Eastern time zone, US.
US Citizenship required for eligibility to work across our customer base.
NO THIRD PARTY RECRUITERS

We are seeking a Microsoft Cybersecurity Architect to lead the design and delivery of multi-tenant Managed Security Services (MSSP) and Managed Detection & Response (MDR) solutions built on the Microsoft security ecosystem.
This role requires deep technical hands-on experience with Microsoft Sentinel, Entra, Defender, and Lighthouse, as well as the ability to integrate third-party tools and custom connectors.

Key Responsibilities:
- Design, build, and optimize multi-tenant MDR/MSSP environments leveraging:
  - Microsoft Sentinel (KQL-based rules, workbooks, automation, hunting)
  - Defender for Endpoint, Identity, Cloud Apps, Office 365
  - Microsoft Entra (Azure AD) for identity security and conditional access
  - Azure Lighthouse for delegated resource and tenant management
- Create and manage custom data connectors for ingesting logs from:
  - On-prem and non-Microsoft cloud sources (e.g., AWS, Palo Alto, CrowdStrike)
  - API-based integrations using Logic Apps, Functions, or custom code (PowerShell/Python)
- Collaborate with service delivery and SOC teams for them to develop:
  - Operational workflows and runbooks for alert triage and incident response
  - Threat detection content mapped to MITRE ATT&CK
  - Onboarding playbooks, customer runbooks, and documentation

Required Experience:
- Microsoft Sentinel:
  - Creating and tuning analytics rules using KQL
  - Developing and maintaining workbooks, playbooks, and custom tables
  - Experience with ARM templates, Bicep, or Terraform for scripting / deployment
- Microsoft Defender Suite:
  - Experience configuring and tuning Defender for Endpoint, Cloud, Identity
  - Using advanced hunting queries for investigations and enrichment
- Microsoft Entra / Azure AD:
  - Implementing conditional access, PIM, and identity protection policies
  - Integrating Entra ID logs and signals into Sentinel for threat detection
- Azure Lighthouse:
  - Onboarding and managing multiple tenants in a centralized operational model
  - Delegated RBAC and Log Analytics workspace management
- Custom Integration and Automation:
  - Developing connectors for non-native data sources (REST API, Syslog, Event Hubs)
  - Writing PowerShell or Python scripts for automation and enrichment

Preferred Qualifications:
- Azure Solutions Architect, SC-100, SC-200, or related Microsoft certifications
- Familiarity with MITRE ATT&CK, NIST 800-53, and Zero Trust principles
- Experience with data governance, compliance, and privacy regulations (GDPR, HIPAA)
- Understanding of multi-cloud security, especially AWS and Google Cloud integrations
- Prior experience in building MSSP/MDR offerings for a security services provider

Soft Skills & Traits:
- Excellent communication skills with technical and non-technical stakeholders
- Ability to translate technical designs into repeatable service offerings
- Problem-solving mindset with a focus on resilience and scalability