M365 Architect

West Monroe•Los Angeles, CA

4h•$152,200 - $205,900•Onsite

About The Position

West Monroe is excited to hire a Microsoft 365 Architect for our growing Enterprise Technology team. We are looking for a technologist with keen business acumen to help solve some of our clients’ most complex problems while leveraging public cloud services, automation, Microsoft 365 solutions, and advanced Identity and Access Management (IAM) capabilities. This role will play a key part in designing secure, scalable, and Zero Trust-aligned environments across Microsoft 365 and hybrid infrastructures. This is a rewarding opportunity to join a high-growth company and employee-centric culture while helping enterprise clients transform their IT infrastructure and identity security environments. West Monroe is a global business and technology consulting firm passionate about creating measurable value for our clients, delivering real-world solutions. The combination of business and technology is not new, but how we bring them together is unique. We are fluent in both. We know that technology alone is not the answer, but how we apply it is. We rely on data to constantly adapt and solve new challenges. Actions that work today with outcomes that generate value for years to come. At West Monroe, we zero in on the heart of the opportunity, getting to results faster and preparing people for what’s next. You will feel the difference in how we work. We show up personally. We are right there in the room with you, co-creating through the challenges. With West Monroe, collaboration is not a lofty promise, but a daily action. We work together with you to turn vision into clear action with lasting impact.

Requirements

Bachelor’s degree in a relevant field preferred, or equivalent experience required
7+ years of IT experience with advanced expertise across Microsoft 365 (Entra ID, Exchange Online, OneDrive, SharePoint Online, Teams), Defender Suite, Intune, and Enterprise Mobility + Security
Expertise architecting Microsoft 365 tenant-to-tenant migrations, including identity cutover, Exchange, OneDrive, SharePoint, and Teams, with ownership of technical approach and sequencing decisions
Proven experience leading M&A integration and carve-out projects focused on the M365 stack (e.g. M365 tenant-to-tenant migration and cybersecurity hardening)
Expertise in coexistence identity strategies and architecture across hybrid and multi-tenant environments
Proven ability to architect and implement Microsoft Entra ID environments at enterprise scale, including Conditional Access, MFA, SSO/federation (SAML, OAuth, OIDC), Enterprise Apps, identity governance (PIM, RBAC, access reviews, lifecycle automation), DLP, compliance controls, least-privilege access models, and Zero Trust architecture
Experience architecting hybrid identity and implementing identity threat protection, including Azure AD Connect, Active Directory integration, Defender for Identity, and remediation of identity-related security risks
Proven experience designing and implementing Microsoft Intune solutions at enterprise scale, including device enrollment strategies (BYOD, corporate-owned), compliance and conditional access policies, configuration profiles, and integration with Microsoft Entra ID and Defender for Endpoint
Experience with email security standards, including implementation
Proficiency with PowerShell for M365 administration, bulk remediation, and reporting; and experience using scripting (Python, etc.), automation, and/or Infrastructure-as-Code tools like Terraform to deploy hybrid-cloud environments and automate tasks within Microsoft 365
Strong communication and presentation skills, with the ability to explain complex security risks to non-technical stakeholders

Nice To Haves

Prior experience in consulting or a professional services environment preferred
Microsoft Cybersecurity Architect (SC-100)
Microsoft Identity and Access Administrator (SC-300)
Azure Security Engineer Associate (AZ-500)
Microsoft 365 Certified: Administrator Expert (MS-102)
Microsoft 365 Certified: Endpoint Administrator (MD-102)

Responsibilities

Collaborate with a team of technology consultants to design, build, and implement Microsoft 365, and IT infrastructure solutions with the goal of improving client business and technical operations
Participate in client stakeholder interviews, assess current state IT processes and infrastructure environments (including Microsoft 365 environments such as SharePoint Online, Teams, and Exchange Online, and Intune), document requirements, and make solution recommendations
Lead technical delivery across cloud platform migrations (focus on M365), security, and IAM engagements, owning design execution, testing, and quality validation while coordinating cross-functional teams and developing junior technical staff
Design and implement enterprise endpoint management and security solutions using Microsoft Intune and Microsoft Defender, covering device enrollment, compliance policies, configuration profiles, and application delivery, to ensure a secure, Zero Trust-aligned endpoint posture across managed client environments
Lead the architecture and implementation of enterprise IAM solutions within Microsoft Entra ID, including Conditional Access, MFA, SSO/Federation, PIM, RBAC, access reviews, and identity lifecycle governance to deliver Zero Trust-aligned environments at enterprise scale
Use Infrastructure-as-Code, scripting, and other tools to modernize client environments, automate tasks during migrations, and enhance Microsoft 365 governance and security
Serve as the technical authority on engagements: Define and present solution architecture and roadmaps to client executives, and communicate technical decisions and project status to engagement leads and stakeholders
Leverage both external & internal trainings to sharpen technical proficiencies, learn new technologies, and develop leadership skills