Security Architect — M365 & D365

Security Architect — M365 & D365Offshore (India) • Full-Time • Immediate HireJob Description Field Detail Job Title Security Architect — M365 & D365 Location India (Remote / Cloud Reboot Offshore Delivery Center) Type Full-Time, Permanent Reports To Client IT / Security Leadership (dotted line to Cloud Reboot Engagement Lead) Overlap Hours Minimum 4 hours daily overlap with client US time zone Start Immediate — target onboarding next week What This Role Is AboutWe need a hands-on Security Architect who can own the security posture across our Microsoft 365 and Dynamics 365 environment. This is not a /"review and recommend/" role — you will be the person actually driving security initiatives from design through implementation, working directly with our teams.You will be responsible for both keeping what we have today secure and building out new security capabilities as the business grows. Think of it as being the single point of accountability for /"is our Microsoft cloud environment secure?/"What You Will Actually DoDay-to-Day Security Operations•        Own the security configuration of our M365 tenant — Entra ID, Conditional Access policies, MFA, DLP, and tenant-level security settings•        Manage and continuously improve security for our D365 environment — security roles, RBAC, field-level security, business unit access boundaries•        Review and harden Power Platform governance — DLP connector policies, environment isolation, Power Automate flow permissions•        Monitor security alerts, investigate issues, and drive remediation when things come up•        Be the go-to person when the team has security questions about how to build or configure something safelyArchitecture & New Initiatives•        Design security architecture for new D365 and M365 projects before they go into development•        Evaluate and recommend security controls when we adopt new Microsoft services or integrations•        Build out our incident response capability — playbooks, escalation paths, detection rules•        Drive compliance initiatives (SOC 2, GDPR, HIPAA as applicable) from a technical controls perspective•        Define and maintain security baselines and standards that the broader team followsIntegration & Infrastructure Security•        Secure integrations between D365 and external systems — API security, OAuth configurations, secret management•        Review CI/CD pipelines (Azure DevOps / GitHub) for security gaps — secrets in pipelines, service connection permissions, branch protection•        Assess and harden network-level controls for D365-connected infrastructure — NSGs, Private Endpoints, WAF configurationsCollaboration & Communication•        Work directly with the client IT team, business stakeholders, and external vendors•        Translate security risks into business language that non-technical stakeholders can act on•        Produce clear, concise documentation — security architecture diagrams, risk assessments, decision memos•        Participate in daily stand-ups and weekly reporting during overlap hoursWhat You Need to HaveMust-Have•        8+ years in cloud security, with at least 4 years focused on Microsoft ecosystems•        Solid working knowledge of Microsoft Entra ID (Azure AD), Conditional Access, and M365 security stack•        Hands-on experience with Dynamics 365 security model — security roles, business units, field-level security, Dataverse RBAC (CE and/or F&O)•        Practical experience with Power Platform governance — DLP policies, connector management, environment strategy•        Understanding of Azure networking basics as they relate to D365 workloads — NSGs, Private Endpoints, VNets•        Experience designing and implementing security controls, not just assessing them•        Clear English communication with US-based teams, both written and on video calls•        Comfortable working independently in an offshore model with limited hand-holdingNice-to-Have•        Microsoft certifications: SC-100 (Cybersecurity Architect), SC-200, SC-300, or PL-600•        CISSP, CISM, or equivalent industry certification•        Experience with Microsoft Sentinel, Purview, or Defender for Cloud•        Background in compliance frameworks — SOC 2, GDPR, HIPAA, NIST•        Prior experience working in an offshore delivery model for US clients•        Familiarity with Azure DevOps / GitHub CI/CD security practicesWhat We Are Not Looking For•        Someone who only does assessments and writes reports but does not implement — this role requires hands-on execution•        A generalist who touches everything lightly — we need real depth in the Microsoft security stack•        Someone who needs a large team to be effective will often be the only security-focused person on initiatives

Apply Now