Cloud Solution Architect - Security

Cloud Solution Architect - Security at Microsoft

The Customer Experience and Success (CE&S) organization at Microsoft empowers customers to accelerate business value through differentiated experiences leveraging Microsoft’s products and services. As a Cloud Solution Architect - Security, within the Global Customer Success (GCS) organization, you will be instrumental in enabling customer success on the Microsoft Cloud. This role involves guiding technical discussions, identifying resolutions, and helping customers unlock the full potential of their Microsoft security solutions.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Customer Engagement & Advocacy

• Drive positive customer satisfaction, act as a trusted advisor, and serve as the Voice of the Customer by sharing insights and best practices.
• Collaborate with Microsoft Global Security, Engineering, and Product teams to remove blockers and influence solution roadmaps.

Solution Delivery & Value Realization

• Deliver an end-to-end value proposition for Microsoft Security (e.g., Zero Trust) across the full portfolio, with emphasis on Threat Protection, Identity & Access Management, and Cloud Security.
• Position and deliver solutions that increase security product usage, identify opportunities to drive Customer Success outcomes, and help customers realize value from Microsoft investments in partnership with Customer Success Account Managers and account teams.

Technical Problem-Solving & Best Practices

• Resolve customer blockers by leveraging subject matter expertise and Microsoft best practices.
• Use repeatable IP to accelerate business value, improve security posture, and ensure solutions follow the “Secure by Design” framework for performance, scalability, maintainability, and reliability.

Skilling & Knowledge Sharing

• Align individual skilling with team and customer success goals.
• Share expertise, contribute to IP creation and reuse, and accelerate customer outcomes.

Architecture & Design Leadership

• Lead Architectural Design Sessions to define solution implementation plans aligned with customer business objectives and technical environments, achieving consensus on design and next steps toward production.

Cross-Functional Collaboration

• Collaborate and orchestrate with cross-functional teams to develop complex, end-to-end enterprise solutions using the Microsoft Security platform.
• Modify and deliver existing IP or create new content as needed.

Qualifications

Required Qualifications:

• Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, Liberal Arts, or related field AND 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience.

Preferred Qualifications:

• Education & Experience: Bachelor’s degree in Computer Science, IT, Engineering, Business, or related field AND 8+ years of experience in cloud/infrastructure technologies, IT consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR Master’s degree in Computer Science, IT, Engineering, Business, or related field AND 6+ years of experience in cloud/infrastructure technologies, technology solutions, practice development, architecture, and/or consulting.
• Data Security Expertise: Strong understanding of data security principles, including data classification, encryption, sensitivity labeling, and information protection policies; deep knowledge of On-Prem Active Directory and Microsoft Entra ID; proven experience delivering end-to-end Data Security projects using enterprise platforms; Microsoft Purview experience preferred (Information Protection, Data Loss Prevention, Insider Risk Management).
• Professional Certifications: Microsoft Security certifications such as SC-401, SC-200, SC-100, AZ-500; Microsoft Certified Trainer or equivalent; Industry-recognized certifications such as CISSP or equivalent.
• Microsoft Purview & Compliance: Hands-on experience with Data Loss Prevention (DLP), Microsoft Information Protection (MIP), sensitivity labels, Insider Risk Management (IRM), eDiscovery, Audit, Communication Compliance, and Data Lifecycle Management; strong understanding of risk and compliance posture management.
• Threat Protection & Security Operations: Proficiency with Microsoft Defender Suite (Endpoint, Identity, Office 365) and incident response workflows; experience integrating Microsoft Defender with Microsoft Sentinel for advanced threat detection.
• Identity & Access Management: Deep knowledge of Microsoft Entra ID (Azure AD), including RBAC, Conditional Access, authentication models (PTA/PHS, Federation), Privileged Identity Management (PIM), and governance features; familiarity with Self-Service Password Reset (SSPR) and Verified ID.
• Security Architecture & Governance: Understanding of Zero Trust principles, security baselines, system hardening, and compromise recovery strategies; knowledge of privileged administrative workstation concepts and password policy best practices.
• Networking & Platform Security: Experience with IPv4/IPv6 fundamentals, AD-integrated DNS, Windows Firewall configuration, and hybrid device management (AADJ).
• Cloud Security & Monitoring: Expertise in Azure Security Center, Microsoft Sentinel, and event/audit policy tuning; foundational knowledge of Microsoft Graph API for security automation.

Key skills/competency

• Cloud Security Architecture
• Microsoft Azure Security
• Zero Trust Principles
• Identity & Access Management
• Data Loss Prevention (DLP)
• Threat Protection
• Microsoft Purview
• Customer Engagement
• Solution Design
• Cybersecurity Consulting