Microsoft 365 & Azure Architect

A

Auriga Corporation

Microsoft 365 & Azure Architect

Los Angeles, CA
Full Time
Paid
  • Responsibilities

    Benefits:

    401(k)

    401(k) matching

    Competitive salary

    Dental insurance

    Flexible schedule

    Health insurance

    Opportunity for advancement

    Paid time off

    Profit sharing

    Relocation bonus

    Training & development

    Vision insurance

    AURIGA JOB POSTING

    Auriga Corporation was established in 1990, to provide high-quality design, engineering and project management services for Electric Power, Telecommunication and Information Technology systems. Auriga’s cliental includes: investor owned and municipal utilities, rail and transit agencies, federal, state and local government agencies, and international public and private sector organizations.

    Auriga Corporation currently has following vacancies in the Los Angeles, California Office:

    Microsoft 365 & Azure Architect

    Job Responsibilities:

    Own the architecture, configuration baseline, and lifecycle of the M365 tenant supporting active directory accounts, including Exchange Online, SharePoint Online, OneDrive, Teams etc.

    Define and enforce tenant-wide policies for identity, licensing, data loss prevention, retention, eDiscovery, best practices and information protection.

    Lead remediation of legacy configurations, technical debt, and drift accumulated in the existing M365 environment, with a clear roadmap to a hardened target state.

    Manage hybrid identity through Entra ID (Azure AD), Entra Connect, Conditional Access, and PIM, including integration with on-premises Active Directory and downstream applications.

    Govern Microsoft licensing strategy across E3, E5, and add-on SKUs to align entitlements with security requirements and budget constraints.

    Architect and operate Azure subscriptions, management groups, and policy structures aligned to Microsoft Cloud Adoption Framework and Zero Trust principles.

    Design, harden, and optimize Azure Virtual Machines and supporting services, including VM sizing, availability sets, scale sets, disk encryption, backup, patching, and Just-in-Time access.

    Implement and tune Microsoft Defender for Cloud, Defender for Servers, Microsoft Sentinel, and Azure Monitor to deliver actionable telemetry to the SOC.

    Partner directly with the Cybersecurity organization to translate security requirements into enforceable Microsoft platform controls.

    Implement and continuously improve Conditional Access, MFA, privileged access management, and identity governance across all M365 and Azure workloads.

    Maintain alignment with NIST 800-53 where applicable, CIS Microsoft 365 and Azure Benchmarks, and any state and federal mandates relevant to a transit agency.

    Establish secure configuration baselines for collaboration tooling that account for the operational realities of a 24/7 transit workforce.

    Minimum Requirements:

    Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field. Equivalent professional experience considered in lieu of a degree.

    Minimum 8 years of progressive experience designing and operating enterprise Microsoft environments, with at least 5 years focused on M365 and Azure at scale.

    Expert-level command of Microsoft 365 administration, including hands-on experience with tenants of 10,000 accounts or more.

    Demonstrated expertise in Azure IaaS and PaaS, with deep knowledge of Azure Virtual Machines, networking, storage, identity, and governance.

    Strong working knowledge of Active Directory, Group Policy, Windows Server, certificate services, and traditional on-premises Microsoft infrastructure.

    Proven track record applying NIST, CIS, or equivalent frameworks to Microsoft cloud environments.

    Proficiency with PowerShell, including Microsoft Graph, Exchange Online, and Azure modules.

    Excellent written and verbal communication skills, with the ability to brief both engineers and executives.

    Preferred Qualifications:

    Prior experience in a government, transit, utility, or other regulated public sector environment.

    Active Microsoft certifications such as Azure Solutions Architect Expert, Cybersecurity Architect Expert, Identity and Access Administrator, or Microsoft 365 Administrator Expert.

    Experience with Microsoft Sentinel, Defender XDR, Purview, and Intune at enterprise scale.

    CISSP, CCSP, or equivalent senior security certification.

    Hands-on experience with infrastructure-as-code, CI/CD pipelines, and GitHub or Azure DevOps in a controlled-change environment.

    Auriga is an Equal Opportunity Employer. Auriga provides compensation and benefits commensurate with the qualifications and experience.