HimalayasHimalayas logo
BlueVoyantBL

Client Security Architect

BlueVoyant provides AI-driven internal, external, and supply chain cyber defense, all within one powerful Security Operations Platform.

BlueVoyant

Employee count: 501-1000

United Kingdom only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

Client Security Architect (Microsoft Defender & Sentinel)
Location:United Kingdom (Remote)

We are looking a delivery-focused, client-facing Security Architect with expert-level knowledge of Microsoft Defender and Microsoft Sentinel.

Reporting to the Senior Manager of Architecture, you will lead technical design and implementation, develop advanced detections and use cases, and provide ongoing architecture guidance for enterprise clients across UK and EMEA.

This role ensures secure configuration, governance, and effective adoption of Microsoft security technologies. Primarily delivery-focused, with occasional pre-sales support.


Key Responsibilities

  • Act as technical lead architect for assigned clients, owning design, deployment, feature enhancements, and overall technical direction.
  • Perform hands-on deployment, configuration, administration, and management of Microsoft Sentinel and the Microsoft Defender suite.
  • Develop SOC/XDR use cases, detections, playbooks, and dashboards (operational and executive).
  • Conduct advanced event analysis leveraging SIEM/XDR; provide tuning recommendations and best practices to internal teams and clients.
  • Maintain and troubleshoot solutions across complex on-premises and cloud environments; assist customers in improving security posture.
  • Collaborate with Customer Success Managers, Deployment Engineering, and Architecture teams for seamless service delivery.
  • Provide occasional support for demos, RFP responses, and proof-of-concept evaluations.
  • Work effectively across UK and EMEA time zones; maintain deep technical expertise through continuous learning.


Deep Microsoft Defender Expertise

Lead architecture and optimization across the Defender portfolio:

  • Defender for Endpoint: onboarding at scale, ASR rules, EDR configurations, TVM, device control, web filtering, Live Response, advanced hunting.
  • Defender for Office 365: anti-phishing, Safe Links/Safe Attachments, mailbox intelligence, attack simulation, reporting/tuning.
  • Defender for Identity: sensor deployment, detections, SIEM/XDR integration, identity threat investigations.
  • Defender for Cloud Apps: policy design (session controls, app governance, OAuth risk), data protection, cloud discovery.
  • Defender for Cloud: CSPM/CWPP for Azure and hybrid workloads; Azure Security Benchmark alignment.
  • Integrate Defender signals with Sentinel (data connectors, analytics rules, incidents, playbooks); drive end-to-end incident response workflows.
  • Advise on Microsoft security licensing, feature enablement (E5/Defender plan mappings), and cost optimization.


Qualifications & Experience:

  • 7+ years technical experience in cybersecurity.
  • Extensive hands-on experience deploying and operating Microsoft Sentinel and Microsoft Defender suite (Endpoint, Identity, Office 365, Cloud Apps, Defender for Cloud).
  • Practical experience with Microsoft Entra ID (Azure AD), Microsoft 365, Azure Log Analytics, Logic Apps, and related services.
  • Familiarity with broader security technologies: EDR (CrowdStrike, Carbon Black), SOAR, Splunk, NGAV, firewalls.
  • Strong knowledge of Windows/macOS, virtualization, networking protocols, certificates, SQL Server, and hybrid environments.
  • Experience in complex IT environments (on-premises and cloud).
  • Excellent customer-facing skills; strong written and verbal communication.
  • Ability to provide tuning recommendations and handle high-pressure situations professionally.
  • Ability to work independently and collaboratively across diverse teams.

Advanced Competencies:

  • Advanced event analysis with SIEM/XDR.
  • Advanced experience with Microsoft Defender tools.
  • Advanced scripting: KQL for Sentinel/Defender hunting; PowerShell or Python a plus.
  • Understanding of Microsoft security licensing and cost optimization.
  • Knowledge of Microsoft Copilot for Security and integration with Sentinel/Defender workflows is a plus.

Certifications (Preferred):

  • Microsoft: AZ-500, SC-200, SC-300, MS-500.
  • Industry: CISSP, CISM, CEH, or SANS.

About BlueVoyant
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

BlueVoyant uses AI-assisted tools within our applicant tracking system to help identify candidates whose experience and skills best match the requirements of a role. This technology provides hiring teams with additional insights to support fair and efficient hiring decisions. Please note that all applications are reviewed by a member of our hiring team, and final hiring decisions are made by humans, not AI. By submitting your application, you acknowledge that AI tools may assist in the evaluation of your resume as part of the recruitment process. For more information on how we process your personal data, please review our Candidate Privacy Notice available at https://www.bluevoyant.com/candidate-privacy-notice.

All employees must be authorized to work in the United Kingdom. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior

Location requirements

United Kingdom

Hiring timezones

United Kingdom +/- 0 hours

Job categories

MS Deployment ServicesSenior Security ArchitectPrincipal Security ArchitectSenior Client Solutions ArchitectSenior Security Solutions Architect

Skills

Microsoft DefenderMicrosoft 365 DefenderDefender For Cloud AppsAzure SentinelAzureLog AnalyticsLogic AppsAzure EntraMicrosoft Office 365PowerShellPythonCrowdstrikeBlackSQLSplunkWindowsMacOS

About BlueVoyant

Learn more about BlueVoyant and their company culture.

View company profile

BlueVoyant provides AI-driven internal, external, and supply chain cyber defense, all within one powerful Security Operations Platform. Our Cyber Defense Platform (CDP) integrates internal, external, and third-party defense into a seamless, scalable solution. We leverage world-class technology, telemetry, and talent to deliver rock-solid cyber defense capabilities that protect against cyber attacks.

Founded in 2017, BlueVoyant utilizes advanced AI technology paired with expert human insight to monitor networks, endpoints, and supply chains in real time. Our services also extend to the clear, deep, and dark web, providing clients with extensive protection against emerging vulnerabilities. Trusted by over 1,000 clients globally, we have been recognized as the 2024 Microsoft Worldwide Partner of the Year, setting the standard for modern cyber defense. Our commitment to delivering positive security outcomes is reflected in our outcomes-based approach to solutions.

Claim this profileBlueVoyant logoBL

BlueVoyant

Company size

501-1000 employees

Founded in

2017

Chief executive officer

James Rosenthal

Markets

CybersecurityAI Driven SecuritySupply Chain SecuritySecurity Operations PlatformsThreat IntelligenceNetwork SecurityEndpoint SecurityDark Web MonitoringThird Party Risk ManagementCloud Security

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

18 remote jobs at BlueVoyant

Explore the variety of open remote roles at BlueVoyant, offering flexible work options across multiple disciplines and skill levels.

View all jobs at BlueVoyant
Top remote companies

Remote companies like BlueVoyant

Find your next opportunity by exploring profiles of companies that are similar to BlueVoyant. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan