M365 Architect

About The Position

Requirements

• Bachelor’s degree in a relevant field preferred, or equivalent experience required
• 7+ years of IT experience with advanced expertise across Microsoft 365 (Entra ID, Exchange Online, OneDrive, SharePoint Online, Teams), Defender Suite, Intune, and Enterprise Mobility + Security
• Expertise architecting Microsoft 365 tenant-to-tenant migrations, including identity cutover, Exchange, OneDrive, SharePoint, and Teams, with ownership of technical approach and sequencing decisions
• Proven experience leading M&A integration and carve-out projects focused on the M365 stack (e.g. M365 tenant-to-tenant migration and cybersecurity hardening)
• Expertise in coexistence identity strategies and architecture across hybrid and multi-tenant environments
• Proven ability to architect and implement Microsoft Entra ID environments at enterprise scale, including Conditional Access, MFA, SSO/federation (SAML, OAuth, OIDC), Enterprise Apps, identity governance (PIM, RBAC, access reviews, lifecycle automation), DLP, compliance controls, least-privilege access models, and Zero Trust architecture
• Experience architecting hybrid identity and implementing identity threat protection, including Azure AD Connect, Active Directory integration, Defender for Identity, and remediation of identity-related security risks
• Proven experience designing and implementing Microsoft Intune solutions at enterprise scale, including device enrollment strategies (BYOD, corporate-owned), compliance and conditional access policies, configuration profiles, and integration with Microsoft Entra ID and Defender for Endpoint
• Experience with email security standards, including implementation
• Proficiency with PowerShell for M365 administration, bulk remediation, and reporting; and experience using scripting (Python, etc.), automation, and/or Infrastructure-as-Code tools like Terraform to deploy hybrid-cloud environments and automate tasks within Microsoft 365
• Strong communication and presentation skills, with the ability to explain complex security risks to non-technical stakeholders

Nice To Haves

• Prior experience in consulting or a professional services environment preferred
• Microsoft Cybersecurity Architect (SC-100)
• Microsoft Identity and Access Administrator (SC-300)
• Azure Security Engineer Associate (AZ-500)
• Microsoft 365 Certified: Administrator Expert (MS-102)
• Microsoft 365 Certified: Endpoint Administrator (MD-102)

Responsibilities

• Collaborate with a team of technology consultants to design, build, and implement Microsoft 365, and IT infrastructure solutions with the goal of improving client business and technical operations
• Participate in client stakeholder interviews, assess current state IT processes and infrastructure environments (including Microsoft 365 environments such as SharePoint Online, Teams, and Exchange Online, and Intune), document requirements, and make solution recommendations
• Lead technical delivery across cloud platform migrations (focus on M365), security, and IAM engagements, owning design execution, testing, and quality validation while coordinating cross-functional teams and developing junior technical staff
• Design and implement enterprise endpoint management and security solutions using Microsoft Intune and Microsoft Defender, covering device enrollment, compliance policies, configuration profiles, and application delivery, to ensure a secure, Zero Trust-aligned endpoint posture across managed client environments
• Lead the architecture and implementation of enterprise IAM solutions within Microsoft Entra ID, including Conditional Access, MFA, SSO/Federation, PIM, RBAC, access reviews, and identity lifecycle governance to deliver Zero Trust-aligned environments at enterprise scale
• Use Infrastructure-as-Code, scripting, and other tools to modernize client environments, automate tasks during migrations, and enhance Microsoft 365 governance and security
• Serve as the technical authority on engagements: Define and present solution architecture and roadmaps to client executives, and communicate technical decisions and project status to engagement leads and stakeholders
• Leverage both external & internal trainings to sharpen technical proficiencies, learn new technologies, and develop leadership skills

Benefits

• Employees (and their families) are covered by medical, dental, vision, and basic life insurance.
• Employees are able to enroll in our company’s 401k plan
• purchase shares from our employee stock ownership program
• be eligible to receive annual bonuses
• unlimited flexible time off
• ten paid holidays throughout the calendar year
• Eligibility for ten weeks of paid parental leave will also be available upon hire date.