Overview
Join Cloud Operations + Innovation (CO+I), the organization behind the technology and infrastructure that powers Microsoft's cloud. Within CO+I, the Security Engineering & Critical Infrastructure (SECI) team is at the forefront of ensuring the security and safety of our global cloud operations and critical infrastructure.
We are seeking a Cyber Security Architect & Strategist specializing in Operational Technology (OT) security to shape and drive the architecture vision for Microsoft's critical infrastructure (datacenters and industrial systems). You will lead strategy, reference architectures, design patterns, and engineering governance that protect high-consequence environments, partnering deeply across engineering, operations, and program teams. This role carries strategic scope and influence, translating business and risk objectives into scalable technical capabilities and standards, and requires candidates to have a strong track record of developing partnerships across business divisions.
Responsibilities
- Set and maintain the OT security architecture strategy for critical infrastructure services; define principles, guardrails, and roadmaps that mature security capabilities. Establish mechanisms to govern expectations, edge cases, and cross-functional dependencies.
- Translate business goals into security designs across identity, network, devices, data, applications, and operations using Zero Trust-aligned patterns, including defining clear success criteria and metrics, ensuring teams integrate these principles to preclude vulnerabilities.
- Build deep partnerships and mentorships across Microsoft to align architecture with build/operate workflows and program priorities to address threats and encourage innovation for unified systemic solutions.
- Apply NIST CSF 2.0-aligned controls across datacenter systems; partner with Azure/security teams on governance, posture management, and detect/respond patterns. Translate evolving regulatory frameworks (e.g., NIS2) into actionable engineering and operational guidance.
- Drive the utilization of automation and AI to prioritize and realize improvements to organizational strategy, processes, products, services, and solutions.
- Serve as a key member of our Architect Review Board (ARB) and partner across organizations to review designs and advise on threat models and Bill of Material/SKU changes for new innovations or iterative designs.
- Drives the execution of organizational strategies related to the identification of data requirements and gaps in measurement and implements mitigation strategies to close gaps. Influences best practices around the prioritization of findings and ensures resolution of high-priority issues.
- Ensure alignment between OT cybersecurity strategy, physical infrastructure realities, and evolving operational models, ensuring defensible, scalable, and pragmatic architectures.
- Drives and facilitates knowledge-sharing sessions, workshops, and participation in external security events to enhance expertise and industry presence.
- Define and track cyber security-specific Key Performance Indicators demonstrating architecture maturity, adoption, and compliance outcomes, recognizing long-term value creation in focus areas.
- Facilitates partnership with Microsoft Red Team and other security teams; serves as a resource on how weaponized code can impact operations across teams. Empowers teams to identify and recommend tactical tools for larger scale automation.
Qualifications
Required/minimum qualifications
- Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years' experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
- OR master's degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years' experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
- OR bachelor's degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years' experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
- OR equivalent experience.
While not required, we also look for the following Preferred Qualifications:
- 3+ years of informal or indirect team leadership experience.
- 2+ years' experience leading a security function (e.g., Security Operations Center [SOC], threat and vulnerability management).
- CISSP, CISA, CISM, SANS OSCP, Security+
- Proven OT/ICS expertise (PLC/RTU, SCADA/HMI, industrial networking, safety systems), with 8+ years designing secured industrial systems and leading cross-functional architecture efforts at enterprise scale.
Background Check Requirements: Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:
- Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Security Operations Engineering IC5 - The typical base pay range for this role across the U.S. is USD $139,900 - $274,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $188,000 - $304,200 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.