Security Architect (Managed Services / Client-Facing)
Role Overview:
Opensity Solutions is seeking a highly experienced Security Architect to establish and mature security foundations across our client portfolio. This role is responsible for defining and implementing reference security architectures, driving best-in-class security standards, and leading response efforts during security incidents.
The Security Architect will operate as both a strategic advisor and hands-on technical leader, ensuring alignment with industry frameworks (e.g., CIS Benchmarks) while tailoring solutions to the unique needs of legal-sector clients and complex MSP environments.
Key Responsibilities:
Security Architecture & Strategy
· Define, maintain, and evolve reference security architecture standards across client environments (cloud, hybrid, and on-prem).
· Design scalable, repeatable security frameworks aligned to CIS Benchmarks, Zero Trust principles, and industry best practices.
· Establish baseline security configurations for:
o Identity & Access Management (Entra ID / Azure AD)
o Endpoint Security (Microsoft Defender suite)
o Network Security (firewalls, segmentation, DNS protection)
o Data Protection & Compliance
Client Security Enablement
· Serve as a trusted advisor to clients, translating security strategy into actionable roadmaps.
· Lead security assessments and remediation planning leveraging tools such as Rapid7 and Inforcer.
· Develop and standardize security offerings within the MSP model (e.g., Secure Score improvements, vulnerability management programs).
Incident Leadership & Response
· Act as the technical lead during security events and incidents, coordinating cross-functional response efforts.
· Provide guidance on containment, eradication, and recovery strategies.
· Conduct post-incident reviews and implement architectural improvements to prevent recurrence.
Tooling & Security Operations Alignment
· Architect and optimize integrations across security tooling, including:
o Rapid7 (vulnerability management / SIEM)
o Microsoft Defender (Endpoint, Identity, Cloud)
o Cisco Umbrella (DNS-layer security)
o Inforcer (Secure Score and posture management)
· Partner with NOC, Engineering, and Security Operations teams to ensure:
o Effective alerting and escalation workflows
o Reduction of false positives
o Alignment with ServiceNow-driven incident processes
Infrastructure & Cloud Security
· Design and secure Microsoft Azure environments, including:
o Azure networking and segmentation
o Identity and conditional access policies
o Defender for Cloud and cloud workload protection
· Provide architectural oversight for:
o Server infrastructure (Windows/Linux)
o Virtualization platforms
o Backup and disaster recovery security considerations
Governance, Risk & Compliance
· Ensure client environments align with industry standards and regulatory expectations, particularly within the legal sector.
· Contribute to security policy development, standards, and documentation.
· Support audits, risk assessments, and compliance initiatives.
Required Qualifications:
· 10+ years of experience in cybersecurity, with a strong focus on architecture and design
· Proven experience in an MSP or multi-client environment
· Deep expertise across:
o Microsoft Azure and Azure security best practices
o Identity & Access Management (Entra ID / Azure AD)
o Endpoint security (Microsoft Defender suite)
o Networking, firewalls, and secure architecture design
· Hands-on experience with:
o Rapid7
o Inforcer
o Cisco Umbrella
· Strong understanding of:
o CIS Benchmarks
o Zero Trust architecture
o Security frameworks (NIST, ISO 27001, etc.)
Certifications (Required / Preferred)
· Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
· One or more advanced certifications strongly preferred:
o CISSP (Certified Information Systems Security Professional)
o CISM (Certified Information Security Manager)
o CCSP (Certified Cloud Security Professional)
o Microsoft Security Certifications (e.g., SC-100, SC-200)
o Azure Solutions Architect Expert (AZ-305)
Key Competencies
· Strategic thinker with the ability to translate security into business value
· Strong incident leadership and crisis management capabilities
· Excellent client-facing communication skills, including executive-level engagement
· Ability to operate across multiple clients and environments simultaneously
· Deep understanding of MSP delivery models, SLAs, and operational workflows
Success Metrics
· Measurable improvement in client security posture (e.g., Secure Score, vulnerability reduction)
· Reduction in security incident frequency and severity
· Adoption of standardized reference architectures across clients
· Improved MTTR for security incidents
· Increased client satisfaction and trust in Opensity’s security capabilities
