Microsoft Cloud Solution Architect - Azure Government & Microsoft Office 36 at Agile IT

San Diego, California, United States -

Full Time

Start Date

Immediate

Expiry Date

12 Feb, 26

Salary

0.0

Posted On

14 Nov, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cloud Security, Microsoft 365, Azure Government, CMMC Compliance, Microsoft Entra ID, Intune, Microsoft Defender, Microsoft Sentinel, Microsoft Purview, PowerShell, Bicep, Terraform, Logic Apps, Automation, Documentation, Communication

Industry

IT Services and IT Consulting

Description

Company Description Agile IT is a Microsoft‑focused consulting and managed services provider. We help customers modernize and secure Microsoft 365, Azure, Azure Government, and Microsoft GCC High, with a mission to make CMMC Level 2 practical and sustainable through repeatable architectures, evidence automation, and managed operations. What you’ll work across (our services) Professional Services – Enablement (fixed‑price projects) Managed Services – Security & CMMC Compliance for Microsoft cloud and on‑premises systems Microsoft GCC High Licensing (secure onboarding & lifecycle operations) Complementary Partner Services (co‑delivered with strategic partners) Job Description You are a hands‑on cloud security architect who leads discovery, designs CMMC Level 2–aligned solutions, produces HLD/LLD and implementation plans, and guides delivery teams through build/migrate/hardening in Azure Government and Microsoft 365 GCC High. You’ll map NIST 800‑171/172 practices to Microsoft controls, accelerate time‑to‑audit‑ready, and create repeatable patterns our delivery and managed‑services teams can run at scale. Responsibilities Pre‑sales & Solutioning Lead technical discovery/workshops; translate business, compliance, and risk needs into secure cloud designs. Produce solution artifacts (HLD/LLD, diagrams, LOE inputs) and shape SOWs with Sales, ensuring delivery feasibility and margin. Package enablement offers that cleanly hand off to managed services with clear acceptance criteria and runbooks. Security & Compliance Architecture (Azure Gov / GCC High) Design CMMC L2 control implementations across Identity, Device, Data, and Threat: Identity/Access: Microsoft Entra ID (PIM, Conditional Access, MFA), Entra Connect/Cloud Sync, privileged access workstations. Endpoint/Device: Intune baselines, compliance/hardening, BitLocker, updates. Data Protection: Microsoft Purview (labels, DLP, Insider Risk), CUI scoping and data‑flow mapping. Threat: Microsoft Defender (Endpoint/Identity/Office/Cloud), Microsoft Sentinel (SIEM/SOAR), KQL analytics, playbooks. Cloud Platform: Azure Gov landing zones, Policy/Blueprint equivalents, Key Vault, Private Link, segmentation, logging/monitoring, BCDR. Define CUI boundary controls and evidence capture to support audit‑ready operations. Delivery Leadership & Handoffs Create build/runbooks and validation procedures; coach engineers during implementation. Contribute to SSP/POA&M inputs with GRC partners; ensure evidence is automated and durable. Transition finished solutions into Managed Services (SLAs/OLAs, monitors, alerts, dashboards, knowledge transfer). Thought leadership: Contribute talks, speaking engagment, webinars, and briefs that position Agile IT as the ideal CMMC partner. Automation & Operationalization Use PowerShell, Bicep/Terraform, Logic Apps/Power Automate—and when helpful, API integrators (e.g., n8n, Rewst)—to reduce toil and automate evidence/control checks. Provide requirements to platform/automation teams for multi‑tenant patterns. Qualifications Required Qualifications 7+ years designing and implementing Microsoft cloud security solutions. Expertise with Microsoft Entra ID, Intune, Microsoft Defender (Endpoint/Identity/Office/Cloud), Microsoft Sentinel, Microsoft Purview, and core Azure security services. Strong documentation skills (HLD/LLD, diagrams, build guides) and executive‑level communication. Proficiency with PowerShell and at least one IaC/automation tool (Bicep/Terraform, Logic Apps/Power Automate). Experience with Azure Government or Microsoft 365 GCC High (deep in one, able to ramp quickly on the other). Education: College degree preferred, not required. Preferred (Nice to Have) Hands‑on experience mapping and implementing CMMC Level 2 (or NIST 800‑171) technical controls in Microsoft cloud. Experience in DIB or public‑sector environments Prior GCC High migrations/tenant separations; knowledge of Microsoft GCC High Licensing and Microsoft NCE basics. Familiarity with PSA/RMM concepts for clean managed‑services handoffs. Certifications: SC‑100, AZ‑500, one or more of SC‑200/300/400, AZ‑104/AZ‑305, MS‑102; security/CMMC credentials (e.g., CCP, CISSP). Contributions to SSP/POA&M and audit preparation with assessors. Additional Information Compensation & benefits Competitive executive compensation (base + performance bonus + stock options after first year). Comprehensive benefits (medical, retirement, PTO, professional development). Mission‑driven work that directly strengthens the national security supply chain.

Responsibilities

Lead the design and implementation of CMMC Level 2-aligned cloud security solutions. Guide delivery teams through the build, migration, and hardening processes in Azure Government and Microsoft 365 GCC High.