Security Solutions Architect

About The Position

Requirements

• Minimum of 7 years of experience in information security, IT security, or IT administration, including customer-facing or pre-sales technical work.
• Demonstrated ability to scope and document security engagements — SOWs, WBS with hours, and technical proposals.
• Hands-on familiarity with the Microsoft security stack (Entra/IAM and at least one of Purview or Intune).
• Working knowledge of at least one major compliance framework (CMMC/NIST 800-171, NIST CSF, or ISO 27001) and the ability to translate framework requirements into a remediation roadmap.
• Understanding of enterprise security concepts and technologies — MDR/EDR, email security, and how a SOC operates.
• Knowledge of data governance and data protection best practices.
• Excellent verbal and written communication skills, including the ability to present to and influence C-suite stakeholders.
• Proficiency with CRM-based opportunity management (Salesforce) and disciplined documentation habits.
• Ability to establish and maintain positive, effective relationships with coworkers, clients, and partners.
• CISSP (ISC2) — the baseline security credential for this role; required or strongly preferred.
• Microsoft Information Protection & Compliance Administrator (SC-400) — aligned to Microsoft Purview — DLP, Insider Risk Management, Data Classification, and DSPM for AI.
• Microsoft Identity & Access Administrator (SC-300) — aligned to Microsoft Entra ID and Identity & Access Management.
• Microsoft Endpoint Administrator (MD-102) — aligned to Microsoft Intune device management and policy.
• Microsoft Security Operations Analyst (SC-200) — aligned to MXDR, Microsoft Defender, and Security Copilot.
• Microsoft Cybersecurity Architect (SC-100) — expert-level credential; strongly preferred for Principal SSAs.
• Microsoft Azure — AZ-500 (Azure Security Engineer) and AZ-305 (Azure Solutions Architect Expert) are ideal, reflecting the role’s Azure architecture and security focus.
• Consultative selling — frames technical solutions in business terms and earns trusted-advisor status.
• Ownership & reliability — drives opportunities to closure and keeps documentation current so no account depends on a single person.
• Communication & executive presence — clear, confident, and credible with both engineers and executives.
• Collaboration — works seamlessly with AEs, delivery, partners, and leadership.
• Adaptability & curiosity — continuously builds expertise as the Microsoft and AI-security landscape evolves.
• Partner orientation — cultivates the channel relationships that fuel pipeline.

Nice To Haves

• Depth in Microsoft Purview (DLP, Insider Risk, Data Classification, DSPM for AI) and/or Intune and Entra ID.
• The Microsoft Entra Suite (including Entra ID Governance, Private Access, Internet Access, and Verified ID) and Microsoft Agent 365 (AI agent governance and security) — both increasingly important to the role.
• Experience with MXDR / SentinelOne and security operations positioning.
• Experience with Microsoft Defender XDR and Microsoft Defender for Cloud is a plus.
• Azure cloud architecture and security design experience — secure landing zones, network and identity architecture, and Azure security services — is ideal.
• Experience with third-party risk platforms and methodology (e.g., OSINT) and vendor-risk program scoping.
• Familiarity with Microsoft 365 tenant migration/consolidation and Copilot adoption engagements.
• Experience developing and facilitating Microsoft Envisioning Workshops — or equivalent value-demonstration and hands-on workshops — across the full engagement lifecycle.
• Knowledge of AI security best practices and emerging AI-governance requirements.
• Expert knowledge of Zero Trust principles; strong email-security and networking knowledge.
• Familiarity with FISMA, CIS Controls, and additional cloud platforms (AWS, GCP).
• Experience developing channel partners, TAs, and CSP relationships within a partner-led sales motion.
• Experience teaching or enabling technical content, formally or informally.
• Additional credentials a plus — Microsoft SC-900 (Security, Compliance & Identity Fundamentals), MS-102 (Microsoft 365 Administrator); CISM or CISA; CMMC (CCP/CCA); ISO 27001; and SentinelOne certifications.

Responsibilities

• Serve as the technical subject-matter expert across Avertium’s service portfolio, consulting customers on the solutions that best fit their security, compliance, and risk needs.
• Align customer requirements to Avertium products and services in a phased, roadmap-driven approach that sequences quick wins against longer-term program goals.
• Lead technical discovery, requirements gathering, and solution design for opportunities ranging from add-on engagements to multi-phase security programs.
• Communicate Avertium’s value as a strategic information-security and compliance partner, not a point-product vendor.
• Author custom Statements of Work and detailed line-item Work Breakdown Structures with accurate hours, scope boundaries, and assumptions.
• Produce pricing and service configurations that ensure the right scope and margin for each opportunity, including add-ons and best-effort scoping scenarios.
• Document scope nuances and exclusions (e.g., framework-specific carve-outs) so sellers have durable, reusable references for recurring client questions.
• Develop reusable offerings and accelerators — starter kits, runbooks, and packaged WBS templates — that scale repeatable engagements.
• Prepare and lead technical meetings, demonstrations, and bake-offs, coordinating internal resources to align the technical strategy for each customer or prospect.
• Present to C-suite executives and technical decision-makers; build and deliver technical presentation decks and webinars.
• Participate in contract negotiations and in onsite meetings with clients and prospects as needed.
• Facilitate post-sale planning and a seamless handoff of the customer to the delivery organization.
• Develop, maintain, and version Avertium’s catalog of Microsoft Envisioning Workshops — authoring delivery guides, modules, customer questionnaires, and toolkits, and keeping them current as Microsoft products evolve.
• Facilitate and deliver workshops end to end across the engagement lifecycle — pre-engagement and readiness, setup and scoping, data collection, exploration, and results presentation — pairing value demonstration with hands-on customer experience.
• Tailor mandatory and selectable workshop modules to each customer’s environment, tooling, and security priorities.
• Use workshops to demonstrate Microsoft security value, surface findings, and generate follow-on pipeline; many qualify for Microsoft funding.
• Develop, onboard, and maintain relationships with channel partners, technology advisors (TAs), and CSPs that drive new-logo and expansion pipeline.
• Build partner-facing intro decks, run partner enablement sessions, and represent Avertium in competitive bake-offs.
• Own warm introductions and relationship continuity for partner contacts within an assigned territory; conduct partner site visits to deepen high-value relationships.
• Act as the technical quarterback for one or more AE pipelines from opportunity identification through closure.
• Maintain accurate opportunity records, notes, and handoff documentation in Salesforce so pipelines can operate without single-person dependency.
• Participate in sales forecasting, planning, and pipeline reviews.
• Provide knowledge transfer to sales staff on current and emerging service offerings.
• Represent customer needs in the development of new services and the refinement or retirement of existing offerings.
• Maintain technical competency across existing and emerging services, with emphasis on the Microsoft security stack, compliance frameworks, and AI security.
• Mentor peers and contribute to shared SA knowledge assets, opportunity documentation, and the SA shared library.

Benefits

• Travel supports client meetings, partner site visits, bake-offs, and onsite sales engagements.