Senior Solutions Architect

You will join a small group of highly experienced engineers as one of the senior architects on the team. This is a deeply technical and high-impact role focused on designing secure, scalable, and compliant environments for clients. You will be responsible for evaluating complex infrastructures, defining architectural strategies, leading migrations, and supporting high-level technical escalations. This is not an implementation role — your value lies in decision-making, system design, and solving complex problems beyond standard procedures. Key Responsibilities Conduct technical assessments and gap analyses across client environments (networks, identity, M365, Azure, AWS, endpoints, and security posture) Design remediation plans and upgrade roadmaps based on risk prioritization and business impact Lead end-to-end migration initiatives: discovery, architecture design, coordination, execution, and stabilization Architect AWS and Azure environments, including multi-account strategies, networking, identity, and security baselines Strengthen Active Directory environments (tiered administration models, privileged access management, GPO reviews, legacy protocol remediation, attack path reduction) Enhance Microsoft 365 security (Entra ID Conditional Access, Identity Protection, Defender suite, Exchange Online security, Purview, Intune baselines) Translate security and compliance frameworks (NIST CSF, NIST 800-53/171, CMMC, HIPAA, SOC 2, ISO 27001, PCI DSS, CIS Controls) into actionable technical implementations Act as a senior escalation point for MSP, MSSP, and Incident Response teams Support incident response engagements with deep expertise in identity, architecture, and forensic analysis Apply an engineering mindset to improve efficiency through automation, scripting, and tooling where applicable Requirements 7+ years of experience in senior IT architecture, infrastructure engineering, cloud, or DevOps/SRE roles Proven experience working in MSP, MSSP, or Incident Response environments Deep understanding of networking at the protocol level (not just configuration) Hands-on experience architecting solutions in both AWS and Azure Strong expertise in Active Directory hardening, permissions modeling, and legacy system remediation Extensive experience with Microsoft 365 security (Entra ID, Exchange Online, SharePoint, Defender, Purview, Intune) Solid background in security and compliance frameworks, with the ability to translate them into technical controls Working knowledge of SIEM platforms (e.g., Sentinel, Splunk, Elastic) for architecture and troubleshooting Working knowledge of EDR/AV tools (e.g., CrowdStrike, SentinelOne, Defender for Endpoint) Experience with RMM and PSA tools (e.g., ConnectWise, NinjaRMM, Datto, Kaseya, HaloPSA) Real-world incident response experience (not only simulations) Strong scripting and automation skills (Python, PowerShell, Bash, Terraform, etc.) Excellent written and spoken English Nice to Have Experience with AI / LLM-based tools AWS or Azure certifications (Solutions Architect Professional, Security Specialty) Security certifications (CISSP, OSCP, GCIH, GCIA, GCFA) Experience in managed IT environments Logistics 100% remote (global, with reliable internet) Full-time position Flexible schedule, with expected availability during critical incidents