Sr. Cyber Security Architect

Reports To: Chief Operating Officer (COO)
Job Type: Full-Time

Job Overview

We are seeking a highly skilled and experienced Sr. Cyber Security Architect with a primary focus on Entra ID Single Sign-On (SSO) implementation and management. The ideal candidate will have extensive expertise in migrating authentication and applications from other Identity Providers to Entra ID and securing authorization with Conditional Access. Secondary responsibilities include a robust background in Microsoft Email Security, specifically working with multiple organizations to implement Microsoft Defender for Office 365 (MDO), Exchange Online Protection (EOP), Office Message Encryption (OME), and email authentication protocols such as DMARC, DKIM, and SPF. Additionally, having knowledge in other areas of M365 Security, such as Microsoft Defender, Purview, Azure Security, and Cloud Security, will be highly valuable. This role requires a strategic thinker with a passion for security, the ability to drive projects to completion, and excellent communication skills to interface with both technical and non-technical stakeholders.

Key Responsibilities

Primary: Entra ID Single Sign-On (SSO) Implementation and Management

Design and Implement SSO Solutions:
Architect and implement robust SSO solutions using SAML, OIDC, OAuth, Password Based, and other methods supported by Entra App Proxy.
Consult, lead, and assist the client with the migration of existing SSO applications to Entra ID, ensuring minimal disruption to business operations.
Integrate Entra ID with various enterprise applications to provide seamless and secure SSO experiences.
Identity and Access Management:
Knowledge of provisioning to external application (SCIM, REST).
Expertise in Microsoft Entra Connect installation, upgrading, and troubleshooting.
Experience with Microsoft Entra Cloud Connect sync and provisioning to Entra ID from HR Systems.
Previous experience with working with other Identity Providers (AD FS, Okta, OneLogin, Ping Federate, etc.).
Design and implement authentication methods, Conditional Access policies, and procedures for identity and access management (IAM).
Ensure secure and efficient management of user identities, roles, and access rights.
Continuous Improvement:
Stay current with emerging trends and technologies in identity and access management.
Proactively recommend improvements to enhance the security and efficiency of the SSO and IAM infrastructure.

Design and Implement Email Security Solutions:

Architect and implement advanced email security solutions using MDO, EOP, and OME.
Develop and manage SFP, DKIM, and DMARC configurations to ensure email authentication and protection leveraging third party applications such as dmarican or Valimail
Enhance email threat detection and response mechanisms.
Implement and manage Threat Awareness programs to educate users on potential email threats.

Additional Areas of Expertise

M365 Security:
Deep understanding of Conditional Access, MFA, and phishing resistant authentication
Knowledge of Entra Identity Governance
Knowledge of Microsoft Defender, Purview, and other M365 security features.
Implement and manage advanced security measures across M365 environments.

Strategic Security Planning:

Conduct security assessments and audits to identify vulnerabilities and recommend solutions.

Project Management:

Lead and manage cybersecurity projects from inception through completion.
Collaborate with cross-functional teams to ensure timely delivery of security initiatives.
Manage Working sessions recording and meeting notes for client and PMO.

Incident Response and Mitigation:

Respond to and manage security incidents in a Tier 3 support helpdesk, providing expert analysis and remediation.


Minimum of 7 years of experience in cybersecurity with a focus on identity and access management.
Proven expertise in Entra ID Single Sign-On (SSO) and transitioning from other SSO solutions to Entra ID.
Extensive experience in Microsoft Defender for Office 365 (MDO), Exchange Online Protection (EOP), Office Message Encryption (OME), and email authentication protocols (DMARC, DKIM, SPF).
Knowledge in Microsoft Defender, Purview, Azure Security, and Cloud Security.


Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Ability to manage multiple projects and prioritize tasks effectively.
High level of integrity and ethical standards.


Competitive salary.
Comprehensive health, dental, and vision insurance.
Retirement savings plan.
Professional development opportunities.
Flexible work environment with Four Day, 32 Hour Work Weeks.