Avertium is hiring a Security Solutions Architect to join their Security team. Avertium is a cyber fusion and MXDR leader, delivering comprehensive security and compliance services to mid-market and enterprise customers. Key skills: AI.
The Security Solutions Architect (SSA) is a trusted advisor and technical subject-matter expert embedded in Avertium’s sales organization, partnering with Account Executives, partners, and customers throughout the pre-sales process. The SSA translates customer security and compliance challenges into well-scoped Avertium solutions owing the technical narrative from first conversation through signed Statement of Work (SOW) and clean handoff to delivery.
This role blends deep security and Microsoft-platform expertise with consultative selling. SSAs design phased security roadmaps, build custom SOWs and line-item Work Breakdown Structures (WBS), develop and deliver Microsoft envisioning workshops, present to technical and executive audiences, and develop the partner relationships that drive Avertium’s channel-led pipeline. The SSA is the technical engine behind one or more AE pipelines and a force multiplier for revenue growth across the Microsoft security, compliance, security operations, and AI-enablement portfolios. Preferred territory is central / mid-west region.
Pre-Sales Solutioning & Technical Advisory
Serve as the technical subject-matter expert across Avertium’s service portfolio, consulting customers on the solutions that best fit their security, compliance, and risk needs.
Align customer requirements to Avertium products and services in a phased, roadmap-driven approach that sequences quick wins against longer-term program goals.
Lead technical discovery, requirements gathering, and solution design for opportunities ranging from add-on engagements to multi-phase security programs.
Communicate Avertium’s value as a strategic information-security and compliance partner, not a point-product vendor.
Solution Design, SOW & WBS Development
Author custom Statements of Work and detailed line-item Work Breakdown Structures with accurate hours, scope boundaries, and assumptions.
Produce pricing and service configurations that ensure the right scope and margin for each opportunity, including add-ons and best-effort scoping scenarios.
Document scope nuances and exclusions (e.g., framework-specific carve-outs) so sellers have durable, reusable references for recurring client questions.
Develop reusable offerings and accelerators — starter kits, runbooks, and packaged WBS templates — that scale repeatable engagements.
Customer Engagement & Executive Communication
Prepare and lead technical meetings, demonstrations, and bake-offs, coordinating internal resources to align the technical strategy for each customer or prospect.
Present to C-suite executives and technical decision-makers; build and deliver technical presentation decks and webinars.
Participate in contract negotiations and in onsite meetings with clients and prospects as needed.
Facilitate post-sale planning and a seamless handoff of the customer to the delivery organization.
Microsoft Workshop Development & Delivery
Develop, maintain, and version Avertium’s catalog of Microsoft Envisioning Workshops — authoring delivery guides, modules, customer questionnaires, and toolkits, and keeping them current as Microsoft products evolve.
Facilitate and deliver workshops end to end across the engagement lifecycle — pre-engagement and readiness, setup and scoping, data collection, exploration, and results presentation — pairing value demonstration with hands-on customer experience.
Tailor mandatory and selectable workshop modules to each customer’s environment, tooling, and security priorities.
Use workshops to demonstrate Microsoft security value, surface findings, and generate follow-on pipeline; many qualify for Microsoft funding.
Partner & Channel Development
Develop, onboard, and maintain relationships with channel partners, technology advisors (TAs), and CSPs that drive new-logo and expansion pipeline.
Build partner-facing intro decks, run partner enablement sessions, and represent Avertium in competitive bake-offs.
Own warm introductions and relationship continuity for partner contacts within an assigned territory; conduct partner site visits to deepen high-value relationships.
Sales Collaboration & Pipeline Support
Act as the technical quarterback for one or more AE pipelines from opportunity identification through closure.
Maintain accurate opportunity records, notes, and handoff documentation in Salesforce so pipelines can operate without single-person dependency.
Participate in sales forecasting, planning, and pipeline reviews.
Provide knowledge transfer to sales staff on current and emerging service offerings.
Portfolio, Enablement & Continuous Learning
Represent customer needs in the development of new services and the refinement or retirement of existing offerings.
Maintain technical competency across existing and emerging services, with emphasis on the Microsoft security stack, compliance frameworks, and AI security.
Mentor peers and contribute to shared SA knowledge assets, opportunity documentation, and the SA shared library.
Avertium’s pre-sales motion has shifted decisively toward Microsoft security, compliance program work, security operations, and AI enablement. SSAs are expected to develop working-to-deep fluency across the following domains; Principal SSAs are expected to carry recognized depth in several.
|
Domain |
Representative Technologies & Activities |
|
Microsoft Data Security & Governance |
Microsoft Purview — Data Loss Prevention (DLP), Insider Risk Management, Data Classification, and Data Security Posture Management (DSPM) for AI. |
|
Identity & Endpoint |
Microsoft Entra ID and Identity & Access Management (Active Directory, IAM reviews and remediation); the Microsoft Entra Suite — including Entra ID Governance (entitlement management, access reviews, lifecycle workflows, PIM), Private Access, Internet Access, and Verified ID; Microsoft Intune device management, rollouts, and policy frameworks. |
|
Microsoft 365 Platform |
Microsoft 365 tenant migration and consolidation; Microsoft 365 Copilot adoption and Security Copilot readiness. |
|
Compliance Frameworks |
CMMC and NIST; ISO 27001; SOC; HIPAA, PCI, and HITRUST awareness. |
|
Security Operations |
MXDR and managed detection & response; Microsoft Defender XDR; EDR/MDR/AV (e.g., SentinelOne); SIEM concepts; how a Security Operations Center functions. |
|
Risk & Offensive Testing |
Third-party / vendor risk management; penetration test scoping across network, web, and mobile. |
|
AI Security & Enablement |
Securing AI adoption — DSPM for AI, Security Copilot readiness, and AI enablement for customer and partner teams; Microsoft Agent 365 for governing, securing, and managing AI agents across the enterprise. |
|
Cloud & Infrastructure |
Microsoft Azure architecture and security and Microsoft Defender for Cloud — secure landing zones, identity and network design; awareness of AWS/GCP; Windows operating systems and hypervisor technologies; networking fundamentals and troubleshooting. |
Required Qualifications
Minimum of 7 years of experience in information security, IT security, or IT administration, including customer-facing or pre-sales technical work.
Demonstrated ability to scope and document security engagements — SOWs, WBS with hours, and technical proposals.
Hands-on familiarity with the Microsoft security stack (Entra/IAM and at least one of Purview or Intune).
Working knowledge of at least one major compliance framework (CMMC/NIST 800-171, NIST CSF, or ISO 27001) and the ability to translate framework requirements into a remediation roadmap.
Understanding of enterprise security concepts and technologies — MDR/EDR, email security, and how a SOC operates.
Knowledge of data governance and data protection best practices.
Excellent verbal and written communication skills, including the ability to present to and influence C-suite stakeholders.
Proficiency with CRM-based opportunity management (Salesforce) and disciplined documentation habits.
Ability to establish and maintain positive, effective relationships with coworkers, clients, and partners.
Preferred Qualifications
Depth in Microsoft Purview (DLP, Insider Risk, Data Classification, DSPM for AI) and/or Intune and Entra ID.
The Microsoft Entra Suite (including Entra ID Governance, Private Access, Internet Access, and Verified ID) and Microsoft Agent 365 (AI agent governance and security) — both increasingly important to the role.
Experience with MXDR / SentinelOne and security operations positioning.
Experience with Microsoft Defender XDR and Microsoft Defender for Cloud is a plus.
Azure cloud architecture and security design experience — secure landing zones, network and identity architecture, and Azure security services — is ideal.
Experience with third-party risk platforms and methodology (e.g., OSINT) and vendor-risk program scoping.
Familiarity with Microsoft 365 tenant migration/consolidation and Copilot adoption engagements.
Experience developing and facilitating Microsoft Envisioning Workshops — or equivalent value-demonstration and hands-on workshops — across the full engagement lifecycle.
Knowledge of AI security best practices and emerging AI-governance requirements.
Expert knowledge of Zero Trust principles; strong email-security and networking knowledge.
Familiarity with FISMA, CIS Controls, and additional cloud platforms (AWS, GCP).
Experience developing channel partners, TAs, and CSP relationships within a partner-led sales motion.
Experience teaching or enabling technical content, formally or informally.
Certifications
Candidates are expected to achieve and maintain relevant technical certifications. CISSP and the Microsoft certifications tied to Avertium’s core focus areas — data security and governance, identity, endpoint, and security operations — are strongly preferred.
CISSP (ISC2) — the baseline security credential for this role; required or strongly preferred.
Microsoft Information Protection & Compliance Administrator (SC-400) — aligned to Microsoft Purview — DLP, Insider Risk Management, Data Classification, and DSPM for AI.
Microsoft Identity & Access Administrator (SC-300) — aligned to Microsoft Entra ID and Identity & Access Management.
Microsoft Endpoint Administrator (MD-102) — aligned to Microsoft Intune device management and policy.
Microsoft Security Operations Analyst (SC-200) — aligned to MXDR, Microsoft Defender, and Security Copilot.
Microsoft Cybersecurity Architect (SC-100) — expert-level credential; strongly preferred for Principal SSAs.
Microsoft Azure — AZ-500 (Azure Security Engineer) and AZ-305 (Azure Solutions Architect Expert) are ideal, reflecting the role’s Azure architecture and security focus.
Additional credentials a plus — Microsoft SC-900 (Security, Compliance & Identity Fundamentals), MS-102 (Microsoft 365 Administrator); CISM or CISA; CMMC (CCP/CCA); ISO 27001; and SentinelOne certifications.
Core Competencies
Consultative selling — frames technical solutions in business terms and earns trusted-advisor status.
Ownership & reliability — drives opportunities to closure and keeps documentation current so no account depends on a single person.
Communication & executive presence — clear, confident, and credible with both engineers and executives.
Collaboration — works seamlessly with AEs, delivery, partners, and leadership.
Adaptability & curiosity — continuously builds expertise as the Microsoft and AI-security landscape evolves.
Partner orientation — cultivates the channel relationships that fuel pipeline.
Travel & Work Environment
This position requires up to 25% travel; travel is frequently outside the local area and may include overnight stays.
Travel supports client meetings, partner site visits, bake-offs, and onsite sales engagements.
Remote-first with regional alignment to the assigned territory and partner ecosystem.
Etched·Remote
Matter Labs·Remote — United States
Technitask·Toronto (Remote)
Suno·Remote NYC, San Francisco