Senior Solutions Architect

This is a fully remote position, open to applicants anywhere in the world.

📋 Description

• Perform technical evaluations and identify gaps within client environments (networks, identity, M365, Azure, AWS, endpoints, and overall security posture).

• Develop remediation strategies and upgrade roadmaps that prioritize risk and assess business impact.

• Oversee comprehensive migration projects, including discovery, architectural design, coordination, execution, and stabilization phases.

• Design AWS and Azure environments with a focus on multi-account strategies, networking, identity management, and security baselines.

• Enhance Active Directory environments through tiered administration models, privileged access management, GPO assessments, legacy protocol remediation, and attack path mitigation.

• Strengthen Microsoft 365 security measures (Entra ID Conditional Access, Identity Protection, Defender suite, Exchange Online security, Purview, Intune baselines).

• Convert security and compliance frameworks (NIST CSF, NIST 800-53/171, CMMC, HIPAA, SOC 2, ISO 27001, PCI DSS, CIS Controls) into practical technical implementations.

• Serve as a senior escalation resource for MSP, MSSP, and Incident Response teams.

• Assist in incident response efforts, leveraging expertise in identity, architecture, and forensic analysis.

• Utilize an engineering approach to enhance efficiency through automation, scripting, and applicable tooling.

⛳️ Requirements

• A minimum of 7 years in senior IT architecture, infrastructure engineering, cloud, or DevOps/SRE positions.

• Demonstrated experience in MSP, MSSP, or Incident Response settings.

• Profound understanding of networking at the protocol level (beyond mere configuration).

• Practical experience in designing solutions for both AWS and Azure platforms.

• In-depth knowledge of Active Directory hardening, permissions modeling, and the remediation of legacy systems.

• Extensive background in Microsoft 365 security (including Entra ID, Exchange Online, SharePoint, Defender, Purview, and Intune).

• Strong familiarity with security and compliance frameworks, with the capability to translate them into technical controls.

• Working knowledge of SIEM solutions (e.g., Sentinel, Splunk, Elastic) for architecture and troubleshooting purposes.

• Familiarity with EDR/AV solutions (e.g., CrowdStrike, SentinelOne, Defender for Endpoint).

• Experience using RMM and PSA tools (e.g., ConnectWise, NinjaRMM, Datto, Kaseya, HaloPSA).

• Practical experience in real-world incident response (not solely simulations).

• Strong scripting and automation capabilities (Python, PowerShell, Bash, Terraform, etc.).

• Exceptional written and verbal communication skills in English.

🏝️ Benefits

• Fully remote opportunity (available globally, provided a reliable internet connection).

• Flexible work schedule, with expected availability during critical incidents.