Microsoft Cloud Solution Architect Azure Government & Microsoft Office 365 GCC High

You are a handson cloud security architect who leads discovery designs CMMC Level 2aligned solutions produces HLD/LLD and implementation plans and guides delivery teams through build/migrate/hardening in Azure Government and Microsoft 365 GCC High. Youll map NIST 800171/172 practices to Microsoft controls accelerate timetoauditready and create repeatable patterns our delivery and managedservices teams can run at scale.

Responsibilities

Presales & Solutioning

• Lead technical discovery/workshops; translate business compliance and risk needs into secure cloud designs.

• Produce solution artifacts (HLD/LLD diagrams LOE inputs) and shape SOWs with Sales ensuring delivery feasibility and margin.

• Package enablement offers that cleanly hand off to managed services with clear acceptance criteria and runbooks.

Security & Compliance Architecture (Azure Gov / GCC High)

• Design CMMC L2 control implementations across Identity Device Data and Threat:

  • Identity/Access: Microsoft Entra ID (PIM Conditional Access MFA) Entra Connect/Cloud Sync privileged access workstations.

  • Endpoint/Device: Intune baselines compliance/hardening BitLocker updates.

  • Data Protection: Microsoft Purview (labels DLP Insider Risk) CUI scoping and dataflow mapping.

  • Threat: Microsoft Defender (Endpoint/Identity/Office/Cloud) Microsoft Sentinel (SIEM/SOAR) KQL analytics playbooks.

  • Cloud Platform: Azure Gov landing zones Policy/Blueprint equivalents Key Vault Private Link segmentation logging/monitoring BCDR.

• Define CUI boundary controls and evidence capture to support auditready operations.

Delivery Leadership & Handoffs

• Create build/runbooks and validation procedures; coach engineers during implementation.

• Contribute to SSP/POA&M inputs with GRC partners; ensure evidence is automated and durable.

• Transition finished solutions into Managed Services (SLAs/OLAs monitors alerts dashboards knowledge transfer).

Automation & Operationalization

• Use PowerShell Bicep/Terraform Logic Apps/Power Automateand when helpful API integrators (e.g. n8n Rewst)to reduce toil and automate evidence/control checks.

• Provide requirements to platform/automation teams for multitenant patterns.

Qualifications :

Required Qualifications

• 7 years designing and implementing Microsoft cloud security solutions.

• Expertise with Microsoft Entra ID Intune Microsoft Defender (Endpoint/Identity/Office/Cloud) Microsoft Sentinel Microsoft Purview and core Azure security services.

• Strong documentation skills (HLD/LLD diagrams build guides) and executivelevel communication.

• Proficiency with PowerShell and at least one IaC/automation tool (Bicep/Terraform Logic Apps/Power Automate).

• Experience with Azure Government or Microsoft 365 GCC High (deep in one able to ramp quickly on the other).

• Education: College degree preferred not required.

Preferred (Nice to Have)

• Handson experience mapping and implementing CMMC Level 2 (or NIST 800171) technical controls in Microsoft cloud.

• Experience in DIB or publicsector environments

• Prior GCC High migrations/tenant separations; knowledge of Microsoft GCC High Licensing and Microsoft NCE basics.

• Familiarity with PSA/RMM concepts for clean managedservices handoffs.

• Certifications: SC100 AZ500 one or more of SC200/300/400 AZ104/AZ305 MS102; security/CMMC credentials (e.g. CCP CISSP).

• Contributions to SSP/POA&M and audit preparation with assessors.

Additional Information :

Compensation & benefits

• Competitive executive compensation (base performance bonus stock options after first year).

• Comprehensive benefits (medical retirement PTO professional development).

• Missiondriven work that directly strengthens the national security supply chain.

Remote Work :

Yes

Employment Type :

Full-time