Role Description Armor Defense Inc. is seeking a Microsoft Security Architect / Senior Consultant to lead and deliver advanced consulting engagements across the full Microsoft security ecosystem. This role goes beyond a single product area, requiring deep architectural expertise spanning: - Microsoft Defender (Endpoint, Cloud, Identity, Office 365, and OT) - Microsoft Sentinel - Microsoft Purview (Information Protection, DLP, Data Governance) - Microsoft Entra (ID, Permissions Management, Verified ID, Workload Identities) - Conditional Access policy design The successful candidate will serve as a trusted advisor to enterprise customers, conducting security assessments, designing end-to-end security architectures, and implementing solutions that address modern threats, data protection requirements, AI readiness, and Zero Trust maturity. This role combines hands-on technical delivery with strategic advisory, pre-sales support, and the development of reusable intellectual property for Armor Defense's Professional Services practice. This is a contract engagement with flexibility for part-time or full-time commitment, depending on the project pipeline. In addition, based on the project pipeline, the possibility of conversion to a full-time employee also exists. The candidate will work closely with Armor Defense's delivery leadership, account teams, and Microsoft partner ecosystem to drive customer outcomes and expand Armor's consulting footprint. Qualifications - 4+ years of experience in cybersecurity, security engineering, sales engineering, or solution consulting, with a strong focus on Microsoft security technologies. - 2+ years of hands-on experience with Microsoft security solutions, including Microsoft Defender (full stack), Microsoft Sentinel, Microsoft Purview, Microsoft Entra, and Conditional Access. - 1+ years of customer-facing experience in a delivery, pre-sales, or consulting capacity. - Demonstrated expertise in endpoint, on-premises, and cloud security concepts, features, and reference architectures across the Microsoft platform. - Specific deep expertise in at least three of the following: Microsoft Sentinel (SIEM/ SOAR), the full Defender stack (including Defender for Cloud and OT), Microsoft Purview (Information Protection, DLP, Data Governance), Microsoft Entra (Identity Governance, Permissions Management), and Conditional Access policy design. - Experience leading and delivering consulting engagements with high-quality outcomes delivered on time and within budget. - Proven ability to develop technical and conceptual reference architectures for enterprise security environments. - Strong ability to correlate and communicate security gaps with their respective business risks to executive stakeholders. - Broad security expertise with a deep understanding of security principles, risk management, compliance frameworks, and Zero Trust architecture. - Excellent written and verbal communication skills in English, with senior-level presentation and stakeholder engagement capabilities. - Strong problem-solving skills and the ability to work independently and as part of distributed teams. - Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline (or equivalent professional experience). Requirements - Relevant Microsoft Security certifications: SC-200 (Security Operations Analyst), SC-300 (Identity and Access Administrator), SC-400 (Information Protection Administrator), AZ-500 (Azure Security Engineer), or MS-500. - Experience with Microsoft Copilot for Security and understanding of AI-driven security operations. - Familiarity with Azure Information Protection (AIP) scanner, Microsoft Purview Data Governance (data cataloging, data map, lineage), and compliance portal capabilities. - Experience designing Conditional Access frameworks that integrate with Intune device compliance, Microsoft Defender for Cloud Apps, and risk-based authentication via Entra ID Protection. - Exposure to non-Microsoft security platforms (AWS Security Hub, GCP Security Command Center) for multi-cloud advisory engagements. - Experience with data governance frameworks such as DAMA-DMBOK and data protection regulations (GDPR, CCPA, HIPAA, PCI DSS, or regional equivalents). - Understanding of AI/ML data pipelines and the security and governance prerequisites for responsible AI deployment. - Prior experience in large-scale enterprise environments spanning financial services, healthcare, aviation, energy, telecommunications, or government. - Experience managing consulting engagements from the provider side, including SOW development, scope management, SLA delivery, and client relationship management. - CISSP, CISM, or other recognized industry security certifications. Benefits - Opportunity to shape the future of cybersecurity. - Be part of a team that celebrates energy, passion, and fresh thinking. - Flexibility in work arrangements. Company Description At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. Learn more at: https://www.armor.com

• Support DevSecOps and Software Engineers in developing secure platforms and effectively communicating regarding the risk posture of the platforms. • Support of full RMF lifecycle for authorization and re-authorization of existing and novel capabilities including regular communication with stakeholders and authorizing personnel. • Identification and reduction of system vulnerabilities to achieve compliance objectives. • Mentorship and proliferation of cybersecurity culture within team.

• Design, build, and maintain secure CI/CD pipelines with security gates that catch issues before they reach production. • Systematically, consistently and automatically capture the risk exposure of Chainguards products. • Implement and enforce software supply chain security controls: signed artifacts, SBOMs, provenance attestation (SLSA, Sigstore / Cosign). • Proactively identify emerging customer security needs, and build solutions to meet these. • Lead security architecture reviews and threat models for Kubernetes-based workloads running on GCP and AWS. • Harden container images, Kubernetes cluster configurations, and cloud IAM postures – minimising attack surface across our product stack. • Define and drive adoption of baseline security standards: pod security standards, network policies, workload identity, secrets management. • Evaluate and operationalise CNAPP / CSPM tooling to maintain continuous visibility into cloud-native risk.

• Own the product security research agenda for Chainguard scanning the broader ecosystem, identifying emerging attack patterns, and translating them into clear risks and opportunities for Chainguard and our customers. • Shape security direction across products and platforms, partnering closely with Product, Engineering, and Security leadership to embed your findings into roadmaps, architecture decisions, and long-term plans. • Operate as someone who sees the whole ecosystem, spots issues early, and helps others navigate with confidence (and just enough healthy paranoia). • Research emerging threats & trends in software supply chain and product security, and analyze their impact on Chainguard’s products and customers. • Design creative mitigations across people, process, and technology not just proof-of-concept demos, but pragmatic defenses that actually get adopted. • Lead large-scale, multi-quarter initiatives that materially reduce risk or improve our security maturity across multiple product lines and platforms. • Partner with executive and senior engineering leadership to drive org-level security strategy, influence key roadmap decisions, and secure buy-in for big, complex changes. • Identify systematic weaknesses (in systems, structures, and sometimes habits) and develop plans that fix root causes in ways that persist long after you’ve moved on to the next hard problem. • Mentor and uplevel others across Product Security and Engineering by helping teams think more strategically about threats, risk, and long-term security posture. • Represent Chainguard externally through talks, conferences, and thought leadership, sharing what we’re learning and helping move the industry forward.