Cloud Solution Architect - Security (SFMC)

• Responsible for delivering Support Mission Critical Service offerings, collaborating with CSU (including CSAs, CSAMs), CSS, Engineering, and other teams as needed. This role ensures a cohesive, cross-delivery organizational experience for customers on their critical workloads, while showcasing progress, evolution, and improvements as outcomes.
• Direct accountability to lead the Proactive Resiliency Efforts, coordinate with other teams on the Accelerated Incident Resolution, and Monitoring & Observability features of an offering.
• Proactive Resiliency: Lead technical engagement with specific workloads that prioritizes Reliability, Security, Supportability, Manageability, and Monitoring and Observability.
• Coordinating the onboarding phase which includes the Consolidated Assessment Week Delivery.
• Remediate proactive recommendations for the specified workloads identified.
• Plan and implement both a Workload-Specific Service Improvement Plan and a Customer Success Plan.
• Accelerated Incident Resolution: Awareness and visibility into critical incidents to ensure RCAs and recommendations are captured and linked to Proactive Resiliency efforts.
• Monitoring & Observability: Collaborate with relevant resources when engaged to help onboard the customer efficiently and effectively, prioritizing customer experience and effort, as well as drive customer-owned monitoring to enable and improve customer's observability capabilities.
• Cross-Team Leadership:Build partnership with CSAM to ensure roles are clearly understood and responsibilities are established, maintaining partnership throughout contract and relying on CSAM for account escalation. Coordinate with the leads of the Accelerated Incident Resolution work stream and, when required, the Proactive Monitoring work stream with our internal partners.
• Collaborate with support and stakeholders to ensure there is a comprehensive, up-to-date KnowMe available across various teams including CSS.
•  Work with internal teams to request, augment with KnowMe, and share RCAs to customer.
• Planning and delivering proactive and reactive support including onsite presence as needed.
• Work with a larger customer account team to strengthen customer relationships and to work on Microsoft cloud and security innovation strategies that allow you to develop an immediate and long-term Customer Success Plan and Value Based Delivery for reactive and proactive needs.
• Identify and manage customer goals and Support for Mission Critical (SfMC) opportunities across Microsoft Security to improve the quality, consumption, and health of the customer's solution.
• Drive and participate in proactive delivery management as well as spot security issues, analyze threats, and drive activities focused on hardening and optimizing your customer's security posture.
• Work with internal Microsoft support teams, account teams, product engineering and service engineering teams and other stakeholders to ensure a streamlined and efficient customer support experience.
• Apply and share lessons learned for continuous process and delivery improvement for the customer and peers.
• Engage in meetings with your customers and account teams to review Support for Mission Critical services, customer support issues, and articulate your Customer Success Plans.
• Share and gain knowledge through technical communities.
• Contribute to on-call rotations to ensure a high quality of service for the critical incidents created by Support for Mission Critical customers.

• Proven experience in Security Architecture, Security Operations, or Mission Critical Support for enterprise customers.
• Deep knowledge of Microsoft Security solutions including:
  •  Microsoft Sentinel(SIEM): Log analytics, KQL query authoring, detection rules, workbooks, and automated response playbooks.
  • Microsoft Defender XDR** (Extended Detection and Response): Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps — unified incident investigation and response.
  • Microsoft Defender for Cloud: Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), security recommendations, and regulatory compliance dashboards.
  •  Microsoft Entra ID (Identity & Access): Conditional Access, Privileged Identity Management (PIM), Identity Protection, and Zero Trust architecture.
  • Strong troubleshooting skills across security incidents, identity-related issues, and threat investigation workflows.
  • Familiarity with Zero Trust principles, defense-in-depth strategies, and security operations center (SOC) processes.

• Demonstrated ability to manage high-severity security incidents and provide rapid mitigation strategies.
• Experience working with customers in highly regulated industries (financial services, government, critical infrastructure).

• Excellent verbal and written communication skills for executive-level security briefings and technical deep dives.
• Ability to collaborate across engineering, product groups, and global support teams
• Business fluency in Japanese.

Advanced Technical Skills

• Expertise in threat hunting using KQL across Microsoft Sentinel and Microsoft 365 Defender advanced hunting.
• Knowledge of SOAR (Security Orchestration, Automation, and Response) including Microsoft Sentinel playbooks and Logic Apps integration.
• Experience with Microsoft Purview(Information Protection, Data Loss Prevention, Insider Risk Management).
• Familiarity with Microsoft Intune and endpoint security management (device compliance, attack surface reduction).
• Understanding of cloud-native security architecture patterns (network segmentation, private endpoints, key vault management).
• Site reliability / operational troubleshooting experience for security-critical environments.

• Prior experience supporting security operations for large-scale enterprise environments (e.g., financial platforms, government agencies, critical national infrastructure).
• Familiarity with regulatory compliance frameworks and data security standards (ISO 27001, SOC 2, NIST CSF, PCI-DSS, FISC, ISMAP).

• Ability to lead security posture reviews, drive post-incident analysis, and influence security engineering roadmaps.
• Experience in stakeholder management across global time zones.

Certifications

• Microsoft Certified: Security Operations Analyst Associate (SC-200).
• Microsoft Certified: Azure Security Engineer Associate (AZ-500).
• Microsoft Certified: Identity and Access Administrator Associate (SC-300).
• Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400).
• CISSP, CISM, or equivalent industry security certification.
• ITIL or similar certification for service management.
• Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field OR equivalent professional experience.

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.