Principal Architect – Security

This is a fully remote position, open to applicants in United States.

📋 Description

• Lead and execute intricate security initiatives focused on Azure Security, Identity & Access Management (IAM), and Microsoft Purview / AI Governance.

• Act as a principal architect, thought leader, and trusted advisor, shaping secure cloud, data, and AI governance strategies for enterprise clients while maintaining a strong involvement in delivery.

• Provide senior technical leadership across multiple strategic client projects. Facilitate executive and architectural design sessions, define target-state security architectures, and guide delivery teams through implementation with an emphasis on quality, scalability, and measurable business outcomes.

• Serve as a trusted advisor to client stakeholders, including security, infrastructure, data, and executive leaders. Develop security roadmaps, provide guidance on operating models and governance, and offer innovative insights on Azure security, identity modernization, data protection, and AI governance.

• Remain actively engaged in delivery while overseeing complex programs from strategy through execution. Collaborate with delivery leadership to align milestones, manage technical risks, eliminate obstacles, and ensure successful outcomes across architecture, implementation, and adoption phases.

• Design and lead the implementation of enterprise security architectures across Azure and hybrid environments, including Microsoft Entra ID, Conditional Access, Identity Protection, Privileged Identity Management (PIM), role-based access control, Zero Trust controls, workload protection, and security monitoring patterns aligned to least privilege and robust governance.

• Lead projects centered around Microsoft Purview, information protection, data security posture management, data loss prevention, compliance, and governance for Copilot, AI applications, and AI agents. Assist clients in establishing secure and compliant methods for data access, policy enforcement, monitoring, lifecycle management, and responsible AI enablement.

• Dedicate approximately 25-30% of role capacity to sales enablement and solution development activities. Collaborate with account teams and solution leaders to identify opportunities, lead discovery discussions, formulate solution approaches, support estimates and statements of work, contribute to proposals, and articulate distinct value in client engagements.

• Aid in expanding the security practice through reusable assets, reference architectures, accelerators, and delivery standards. Mentor architects and engineers, coach teams on emerging Microsoft security capabilities, and enhance organizational readiness across Azure security, identity, data governance, and AI security disciplines.

⛳️ Requirements

• 12+ years of experience in security, infrastructure, or cloud consulting, including 7+ years focusing on Azure security, IAM, and enterprise governance.

• Extensive hands-on and architectural expertise in Microsoft Entra ID, Conditional Access, MFA, Identity Protection, PIM, access reviews, lifecycle governance, Azure Policy, Defender, Sentinel, RBAC, and Zero Trust design.

• Strong experience with Microsoft Purview capabilities, including data classification, sensitivity labeling, DLP, compliance controls, audit, eDiscovery, data lifecycle management, and AI/data security governance.

• Proven ability to support pre-sales and solution development, including leading workshops, defining scope, developing roadmaps, constructing solution narratives, estimating delivery approaches, and assisting proposals and executive presentations.

• Strong consulting and delivery leadership capabilities, encompassing risk management, technical oversight, stakeholder communication, and the capacity to balance strategic advisory duties with hands-on execution.

• Exceptional written, verbal, and presentation skills with the ability to engage technical teams, business stakeholders, and executive audiences. Recognized as a credible thought leader with strong facilitation, mentorship, and client relationship skills.

• Highly preferred certifications include SC-100 (Cybersecurity Architect Expert), AZ-500 (Azure Security Engineer), SC-300 (Identity and Access Administrator), along with relevant Microsoft Purview, compliance, or security certifications.

• Additional certifications such as CISSP, CCSP, CISM, or GIAC are highly desirable.

• Comprehensive understanding of Azure platform architecture, security operations, infrastructure-as-code, and integration across identity, networking, data, and cloud governance domains.

• Experience advising senior client leaders on security strategy, governance operating models, regulatory readiness, Zero Trust transformation, and responsible AI adoption.

🏝️ Benefits

• Flexible work location with a virtual-first approach to work!

• 401(K) with a match of up to 50% of your 6% contributions of eligible pay.

• Generous PTO offering a minimum of 15 days in addition to 9 paid company holidays and 2 floating personal days.

• Two medical plan options to choose what best suits your needs!

• Option for vision and dental coverage.

• 100% employer-paid coverage for life and disability insurance.

• Paid leave for both birth parents and non-birth parents.

• Option for Healthcare FSA, HSA, and Dependent Care FSA.

• $67.00 monthly tech and home office allowance.

• Eligibility for utilization and/or discretionary bonuses based on role.

• Employee Assistance Program to assist with everyday challenges.