Cloud Solution Architect - Security
Microsoft
With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world.
The Global Customer Success (GCS) organization, an organization within CE&S, is leading the effort to enable customer success on the Microsoft Cloud by harnessing leading, AI-powered capabilities and human expertise to deliver innovative solutions that accelerate business value, drive operational excellence and nurture long term loyalty. As a Cloud Solution Architect - Security, you will empower customers to achieve their goals through their investments in Microsoft technology. Leveraging your expertise, you'll guide technical discussions to help customers unlock the full potential of their Microsoft solutions, including identifying resolutions to issues blocking customer success projects. This role offers a dynamic opportunity to advance your career, refine your technical and collaboration skills, and deepen your expertise.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
Customer Engagement & Advocacy
- Drive positive customer satisfaction, act as a trusted advisor, and serve as the Voice of the Customer by sharing insights and best practices.
- Collaborate with Microsoft Global Security, Engineering, and Product teams to remove blockers and influence solution roadmaps.
Solution Delivery & Value Realization
- Deliver an end-to-end value proposition for Microsoft Security (e.g., Zero Trust) across the full portfolio, with emphasis on Threat Protection, Identity & Access Management, and Cloud Security.
- Position and deliver solutions that increase security product usage, identify opportunities to drive Customer Success outcomes, and help customers realize value from Microsoft investments in partnership with Customer Success Account Managers and account teams.
Technical Problem-Solving & Best Practices
- Resolve customer blockers by leveraging subject matter expertise and Microsoft best practices.
- Use repeatable IP to accelerate business value, improve security posture, and ensure solutions follow the “Secure by Design” framework for performance, scalability, maintainability, and reliability.
Skilling & Knowledge Sharing
- Align individual skilling with team and customer success goals.
- Share expertise, contribute to IP creation and reuse, and accelerate customer outcomes.
Architecture & Design Leadership
- Lead Architectural Design Sessions to define solution implementation plans aligned with customer business objectives and technical environments, achieving consensus on design and next steps toward production.
Cross-Functional Collaboration
- Collaborate and orchestrate with cross-functional teams to develop complex, end-to-end enterprise solutions using the Microsoft Security platform.
- Modify and deliver existing IP or create new content as needed.
Other
Qualifications
Required Qualifications:
- Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, Liberal Arts, or related field AND 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience.
Preferred Qualifications
-
Education & Experience
- Bachelor’s degree in Computer Science, Information Technology, Engineering, Business, or related field AND 8+ years of experience in cloud/infrastructure technologies, IT consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting
- OR Master’s degree in Computer Science, Information Technology, Engineering, Business, or related field AND 6+ years of experience in cloud/infrastructure technologies, technology solutions, practice development, architecture, and/or consulting
-
Data Security Expertise
- Strong understanding of data security principles, including data classification, encryption, sensitivity labeling, and information protection policies
- Deep knowledge of On-Prem Active Directory and Microsoft Entra ID
- Proven experience delivering end-to-end Data Security projects using enterprise platforms; Microsoft Purview experience preferred (Information Protection, Data Loss Prevention, Insider Risk Management)
-
Professional Certifications
- Microsoft Security certifications such as SC-401 (Information Security Administrator Associate – Purview focus), SC-200 (Security Operations Analyst Associate), SC-100 (Cybersecurity Architect), AZ-500 (Azure Security Engineer Associate)
- Microsoft Certified Trainer or equivalent
- Industry-recognized certifications such as CISSP or equivalent
-
Microsoft Purview & Compliance
- Hands-on experience with Data Loss Prevention (DLP), Microsoft Information Protection (MIP), sensitivity labels, Insider Risk Management (IRM), eDiscovery, Audit, Communication Compliance, and Data Lifecycle Management
- Strong understanding of risk and compliance posture management
-
Threat Protection & Security Operations
- Proficiency with Microsoft Defender Suite (Endpoint, Identity, Office 365) and incident response workflows
- Experience integrating Microsoft Defender with Microsoft Sentinel for advanced threat detection
-
Identity & Access Management
- Deep knowledge of Microsoft Entra ID (Azure AD), including RBAC, Conditional Access, authentication models (PTA/PHS, Federation), Privileged Identity Management (PIM), and governance features
- Familiarity with Self-Service Password Reset (SSPR) and Verified ID
-
Security Architecture & Governance
- Understanding of Zero Trust principles, security baselines, system hardening, and compromise recovery strategies
- Knowledge of privileged administrative workstation concepts and password policy best practices
-
Networking & Platform Security
- Experience with IPv4/IPv6 fundamentals, AD-integrated DNS, Windows Firewall configuration, and hybrid device management (AADJ)
-
Cloud Security & Monitoring
- Expertise in Azure Security Center, Microsoft Sentinel, and event/audit policy tuning
- Foundational knowledge of Microsoft Graph API for security automation
Cloud Solution Architecture IC4 - The typical base pay range for this role across the U.S. is USD $106,400 - $203,600 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $137,600 - $222,600 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.