Security Solutions Architect

• Serve as the technical subject-matter expert across Avertium’s service portfolio, consulting customers on the solutions that best fit their security, compliance, and risk needs. 

• Align customer requirements to Avertium products and services in a phased, roadmap-driven approach that sequences quick wins against longer-term program goals. 

• Lead technical discovery, requirements gathering, and solution design for opportunities ranging from add-on engagements to multi-phase security programs. 

• Communicate Avertium’s value as a strategic information-security and compliance partner, not a point-product vendor. 

• Author custom Statements of Work and detailed line-item Work Breakdown Structures with accurate hours, scope boundaries, and assumptions. 

• Produce pricing and service configurations that ensure the right scope and margin for each opportunity, including add-ons and best-effort scoping scenarios. 

• Document scope nuances and exclusions (e.g., framework-specific carve-outs) so sellers have durable, reusable references for recurring client questions. 

• Develop reusable offerings and accelerators — starter kits, runbooks, and packaged WBS templates — that scale repeatable engagements. 

• Prepare and lead technical meetings, demonstrations, and bake-offs, coordinating internal resources to align the technical strategy for each customer or prospect. 

• Present to C-suite executives and technical decision-makers; build and deliver technical presentation decks and webinars. 

• Participate in contract negotiations and in onsite meetings with clients and prospects as needed. 

• Facilitate post-sale planning and a seamless handoff of the customer to the delivery organization. 

• Develop, maintain, and version Avertium’s catalog of Microsoft Envisioning Workshops — authoring delivery guides, modules, customer questionnaires, and toolkits, and keeping them current as Microsoft products evolve. 

• Facilitate and deliver workshops end to end across the engagement lifecycle — pre-engagement and readiness, setup and scoping, data collection, exploration, and results presentation — pairing value demonstration with hands-on customer experience. 

• Tailor mandatory and selectable workshop modules to each customer’s environment, tooling, and security priorities. 

• Develop, onboard, and maintain relationships with channel partners, technology advisors (TAs), and CSPs that drive new-logo and expansion pipeline. 

• Build partner-facing intro decks, run partner enablement sessions, and represent Avertium in competitive bake-offs. 

• Own warm introductions and relationship continuity for partner contacts within an assigned territory; conduct partner site visits to deepen high-value relationships. 

• Act as the technical quarterback for one or more AE pipelines from opportunity identification through closure. 

• Maintain accurate opportunity records, notes, and handoff documentation in Salesforce so pipelines can operate without single-person dependency. 

• Participate in sales forecasting, planning, and pipeline reviews. 

• Provide knowledge transfer to sales staff on current and emerging service offerings. 

• Represent customer needs in the development of new services and the refinement or retirement of existing offerings. 

• Maintain technical competency across existing and emerging services, with emphasis on the Microsoft security stack, compliance frameworks, and AI security. 

• Mentor peers and contribute to shared SA knowledge assets, opportunity documentation, and the SA shared library. 

• Minimum of 7 years of experience in information security, IT security, or IT administration, including customer-facing or pre-sales technical work. 

• Demonstrated ability to scope and document security engagements — SOWs, WBS with hours, and technical proposals. 

• Hands-on familiarity with the Microsoft security stack (Entra/IAM and at least one of Purview or Intune). 

• Working knowledge of at least one major compliance framework (CMMC/NIST 800-171, NIST CSF, or ISO 27001) and the ability to translate framework requirements into a remediation roadmap. 

• Understanding of enterprise security concepts and technologies — MDR/EDR, email security, and how a SOC operates. 

• Knowledge of data governance and data protection best practices. 

• Excellent verbal and written communication skills, including the ability to present to and influence C-suite stakeholders. 

• Proficiency with CRM-based opportunity management (Salesforce) and disciplined documentation habits. 

• Ability to establish and maintain positive, effective relationships with coworkers, clients, and partners. 

• Depth in Microsoft Purview (DLP, Insider Risk, Data Classification, DSPM for AI) and/or Intune and Entra ID. 

• The Microsoft Entra Suite (including Entra ID Governance, Private Access, Internet Access, and Verified ID) and Microsoft Agent 365 (AI agent governance and security) — both increasingly important to the role. 

• Experience with MXDR / SentinelOne and security operations positioning. 

• Experience with Microsoft Defender XDR and Microsoft Defender for Cloud is a plus. 

• Azure cloud architecture and security design experience — secure landing zones, network and identity architecture, and Azure security services — is ideal. 

• Experience with third-party risk platforms and methodology (e.g., OSINT) and vendor-risk program scoping. 

• Familiarity with Microsoft 365 tenant migration/consolidation and Copilot adoption engagements. 

• Experience developing and facilitating Microsoft Envisioning Workshops — or equivalent value-demonstration and hands-on workshops — across the full engagement lifecycle. 

• Knowledge of AI security best practices and emerging AI-governance requirements. 

Candidates are expected to achieve and maintain relevant technical certifications. CISSP and the Microsoft certifications tied to Avertium’s core focus areas — data security and governance, identity, endpoint, and security operations — are strongly preferred. 

• CISSP (ISC2) — the baseline security credential for this role; required or strongly preferred. 

• Microsoft Information Protection & Compliance Administrator (SC-400) — aligned to Microsoft Purview — DLP, Insider Risk Management, Data Classification, and DSPM for AI. 

• Microsoft Identity & Access Administrator (SC-300) — aligned to Microsoft Entra ID and Identity & Access Management. 

• Microsoft Endpoint Administrator (MD-102) — aligned to Microsoft Intune device management and policy. 

• Microsoft Security Operations Analyst (SC-200) — aligned to MXDR, Microsoft Defender, and Security Copilot. 

• Microsoft Cybersecurity Architect (SC-100) — expert-level credential; strongly preferred for Principal SSAs. 

• Microsoft Azure — AZ-500 (Azure Security Engineer) and AZ-305 (Azure Solutions Architect Expert) are ideal, reflecting the role’s Azure architecture and security focus. 

• Additional credentials a plus — Microsoft SC-900 (Security, Compliance & Identity Fundamentals), MS-102 (Microsoft 365 Administrator); CISM or CISA; CMMC (CCP/CCA); ISO 27001; and SentinelOne certifications. 

Core Competencies 

• Consultative selling — frames technical solutions in business terms and earns trusted-advisor status. 

• Ownership & reliability — drives opportunities to closure and keeps documentation current so no account depends on a single person. 

• Communication & executive presence — clear, confident, and credible with both engineers and executives. 

• Collaboration — works seamlessly with AEs, delivery, partners, and leadership. 

• Adaptability & curiosity — continuously builds expertise as the Microsoft and AI-security landscape evolves. 

• This position requires up to 25% travel; travel is frequently outside the local area and may include overnight stays. 

• Travel supports client meetings, partner site visits, bake-offs, and onsite sales engagements. 

• Remote-first with regional alignment to the assigned territory and partner ecosystem.