Senior M365 Security Architect - Microsoft Defender & Purview

Job Summary:

We are looking for a highly experienced and technically astute Senior Microsoft 365 Security Architect to lead the secure design, implementation, and enhancement of the firms global M365 security environment. This role will serve as the subject matter expert (SME) for Microsofts security and compliance stackincluding Defender, Purview, and Cloud Appsand will be responsible for establishing scalable, secure architecture and governance frameworks to protect enterprise collaboration tools, data, and identities.

The architect will collaborate with global security, IT, and cloud engineering teams to ensure robust security controls are embedded across M365 workloads, and that the firm stays ahead of evolving threats and regulatory demands.

Key Responsibilities:

• Architect and implement end-to-end security controls across the Microsoft 365 ecosystem, focusing on applications, identities, collaboration, and cloud workloads.
• Lead enterprise-wide adoption of Microsoft Defender security solutions: Defender for Cloud, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.
• Provide architectural guidance and hands-on support for deploying Microsoft Purview features including data classification, labelling, and encryption to strengthen data governance.
• Drive CASB (Cloud Access Security Broker) and CSPM (Cloud Security Posture Management) strategies using Microsoft-native solutions.
• Develop security policies, reference architectures, and deployment best practices to support secure Microsoft 365 operations.
• Act as the go-to SME for complex technical challenges, incident response architecture, and strategic security tooling integration.
• Collaborate with stakeholders across Information Security, Cloud Engineering, and Business Units to ensure M365 security aligns with operational and compliance needs.

Qualifications:

• Extensive enterprise-level experience with Microsoft 365 and Azure security architecture, including hands-on implementation.
• Deep expertise in Microsoft Defender Suite, including at least two of the following:
  • Defender for Cloud
  • Defender for Cloud Apps (CASB)
  • Microsoft Purview
• Working knowledge or exposure to Microsoft Defender for Identity and Microsoft Entra ID (formerly Azure AD) is preferred.
• Demonstrated experience in designing and deploying scalable security solutions within Microsoft 365 environments.
• Strong understanding of modern security frameworks, data governance, CASB, CSPM, and identity protection.
• Proven ability to work collaboratively across global, cross-functional teams.

Nice-to-Have Certifications (Preferred but Not Required):

• Microsoft Certified: Cybersecurity Architect Expert
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Azure Security Engineer Associate (AZ-500)