Job Description

Job Description

Microsoft Cybersecurity Architect

Location : Eastern time zone, US.

US Citizenship required for eligibility to work across our customer base.

****NO THIRD PARTY RECRUITERS****

We are seeking a Microsoft Cybersecurity Architect to lead the design and delivery of multi-tenant Managed Security Services (MSSP) and Managed Detection & Response (MDR) solutions built on the Microsoft security ecosystem . This role requires deep technical hands-on experience with Microsoft Sentinel, Entra, Defender, and Lighthouse , as well as the ability to integrate third-party tools and custom connectors.

Key Responsibilities:

• Design, build, and optimize multi-tenant MDR/MSSP environments leveraging:
• Microsoft Sentinel (KQL-based rules, workbooks, automation, hunting)
• Defender for Endpoint, Identity, Cloud Apps, Office 365
• Microsoft Entra (Azure AD) for identity security and conditional access
• Azure Lighthouse for delegated resource and tenant management
• Create and manage custom data connectors for ingesting logs from:
• On-prem and non-Microsoft cloud sources (e.g., AWS, Palo Alto, CrowdStrike)
• API-based integrations using Logic Apps, Functions, or custom code (PowerShell/Python)
• Collaborate with service delivery and SOC teams for them to develop:
• Operational workflows and runbooks for alert triage and incident response
• Threat detection content mapped to MITRE ATT&CK
• Onboarding playbooks, customer runbooks, and documentation

Required Experience:

• Microsoft Sentinel:
• Creating and tuning analytics rules using KQL
• Developing and maintaining workbooks, playbooks , and custom tables
• Experience with ARM templates , Bicep , or Terraform for scripting / deployment
• Microsoft Defender Suite:
• Experience configuring and tuning Defender for Endpoint, Cloud, Identity
• Using advanced hunting queries for investigations and enrichment
• Microsoft Entra / Azure AD:
• Implementing conditional access, PIM, and identity protection policies
• Integrating Entra ID logs and signals into Sentinel for threat detection
• Azure Lighthouse:
• Onboarding and managing multiple tenants in a centralized operational model
• Delegated RBAC and Log Analytics workspace management
• Custom Integration and Automation:
• Developing connectors for non-native data sources (REST API, Syslog, Event Hubs)
• Writing PowerShell or Python scripts for automation and enrichment

Preferred Qualifications:

• Azure Solutions Architect, SC-100, SC-200, or related Microsoft certifications
• Familiarity with MITRE ATT&CK, NIST 800-53 , and Zero Trust principles
• Experience with data governance, compliance , and privacy regulations (GDPR, HIPAA)
• Understanding of multi-cloud security , especially AWS and Google Cloud integrations
• Prior experience in building MSSP/MDR offerings for a security services provider

Soft Skills & Traits:

• Excellent communication skills with technical and non-technical stakeholders
• Ability to translate technical designs into repeatable service offerings
• Problem-solving mindset with a focus on resilience and scalability

Job Tags

Similar Jobs