Solutions Architect – Cybersecurity 

Join Sri Lanka’s Great Place to Work Awarded organization, Tech One Lanka!

We are an organization that celebrates the diversity of our teams, where everyone can be themselves and is empowered to do their best work. Our purpose is to build an empowered community with empathy and a growth mindset to build innovative solutions to achieve remarkable results. We foster a safe space for everyone to learn, grow, and have fun. This is why our people can’t believe that their work here is actually a job. That’s because innovation is at the heart of everything we do. Every day our people get to imagine new possibilities, take magnificent risks, fail spectacularly, and succeed in spaces no one has dared to venture into before.

What’s in it for you:

Here at Tech One, you’ll have the opportunity to make an impact by contributing to our global projects and working with diverse talented individuals across our offices. We promote an always-learning culture and provide our people with vast opportunities for growth. Got any suggestions to make Tech One an even better place to work at? We have a team who listens; share your thoughts and contribute to the changes. Got the skills and right qualities to be part of our awesome team? Competitive remuneration awaits you!

The role in a nutshell:

Tech One Global Lanka Pvt Ltd. is seeking a Solutions Architect – Cybersecurity to drive the technical pre-sales function within our Cybersecurity practice. The role demands deep, hands-on expertise across the full Microsoft security stack, from SOC and threat detection through to identity hardening, endpoint protection, data governance, and cloud security posture. You will engage with CISOs, security architects, and business decision makers to assess security posture, design Zero Trust-aligned architectures, and own the technical pre-sales cycle from discovery through to commercial proposal and delivery handover. Beyond individual engagements, you will contribute to the evolution of the cybersecurity practice by shaping go-to-market positioning and developing reusable IP on Microsoft security solution design.

What you will do in this role:

  • Trusted Security Advisor & Executive Engagement: Lead strategic security conversations with CISOs, IT Security leads, risk officers, and C-level stakeholders. Assess customer security posture, threat exposure, and compliance obligations, and translate these into prioritized, outcome-aligned Microsoft security architectures. Position for long-term security journey by consistently demonstrating depth, credibility, and commercial awareness across all customer touchpoints. 
  • End-to-End Pre-Sales Ownership: Own the full technical pre-sales lifecycle for security opportunities — from initial qualification and discovery through to security posture assessments, threat scenario workshops, PoC design, solution architecture, scope statements, effort estimation, and proposal. Work closely with Account Executives and Practice Leadership to ensure commercial proposals are technically sound, competitively positioned, and delivery-ready at handover. 
  • Security Architecture & Zero Trust Design: Design comprehensive, Zero Trust-aligned Microsoft security architectures spanning identity, endpoints, email, data, applications, and cloud infrastructure. Apply in-depth knowledge across Microsoft Sentinel, Defender XDR (MDE, MDO, MDI, MDA), Microsoft Entra ID, Microsoft Purview, Defender for Cloud, Security Copilot, and Azure security services to produce architectures that are layered, resilient, and aligned to customer risk profile and compliance requirements. Ensure all designs account for hybrid and multi-cloud environments where applicable.
  • Threat Intelligence & Security Posture Advisory: Translate current threat intelligence, industry attack patterns, and Microsoft Secure Score insights into actionable security improvement roadmaps for customers. Conduct structured security posture reviews, map customer control gaps to Microsoft security capabilities, and produce prioritized remediation plans that align security investment to business risk reduction. Advise on security framework alignment (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK) and how the Microsoft security stack maps to these controls.
  • Partner & Ecosystem Engagement: Engage with Microsoft field teams, security specialists, and program stakeholders across FastTrack, Jumpstart Security, co-sell, MXDR, and PSA motions. Participate in Microsoft Executive Briefings, partner QBRs, and joint customer engagements. Leverage Microsoft partner program resources including funding, FastTrack benefits, and co-sell support to accelerate deal velocity and improve customer outcomes. 
  • Practice Leadership & IP Development: Drive the development and continuous improvement of security pre-sales capability including posture assessment frameworks, solution playbooks, threat scenario demo environments, proposal templates, and licensing advisory tools. Mentor cybersecurity engineers and delivery staff on solution design standards, Microsoft security stack depth, and customer engagement best practices. Serve as the internal escalation point for complex security architecture questions across pre-sales and delivery. 
  • Voice of the Customer & Continuous Learning: Act as a primary feedback channel between the field and practice leadership, surfacing emerging customer security concerns, product gaps, adoption blockers, and competitive pressures to inform security offering and go-to-market strategy. Proactively maintain deep technical readiness across the Microsoft Security roadmap through self-directed learning, beta program participation, certification pursuit, and active engagement in Microsoft partner and security communities.

Required Qualifications 

  • Bachelor’s degree in cybersecurity or a related field
  • 5+ years in a solutions architecture, senior security consulting, or technical pre-sales role within a Microsoft partner or enterprise security environment, with a demonstrable track record of owning complex security opportunities end-to-end  
  • Deep, hands-on technical expertise across the following Microsoft security workloads:  
    • Microsoft Sentinel: advanced workspace architecture (multi-workspace, multi-tenant designs), data connector strategy across Microsoft and third-party sources, custom KQL analytics rule development, MITRE ATT&CK-aligned detection engineering, SOAR playbook design using Logic Apps, and SOC workflow integration
    • Microsoft Defender XDR: Defender for Endpoint (MDE) advanced configuration including ASR rules, tamper protection, and EDR tuning; Defender for Office 365 (MDO) advanced threat policy design; Defender for Identity (MDI) sensor deployment, lateral movement detection, and alert tuning; Defender for Cloud Apps (MDA) session policy and CASB configuration; and unified XDR investigation and threat hunting
    • Microsoft Entra ID: advanced Conditional Access policy design including compliant device, risk-based, and named location policies; Privileged Identity Management (PIM) and Privileged Access Workstation (PAW) strategy; Identity Protection risk policy configuration; SSO/SAML/OIDC federation architecture; Entra External ID; and hybrid identity design including Entra Connect and cloud sync
    • Microsoft Purview: information protection strategy including sensitivity label taxonomy design, auto-labelling policies, DLP policy design across M365 and endpoints, retention and records management, eDiscovery and audit, Insider Risk Management policy configuration, and compliance posture management via Compliance Manager
    • Microsoft Cybersecurity (Breadth): Defender for Cloud (MDC) security posture management across Azure, AWS, and GCP; Azure Policy and regulatory compliance initiatives; Azure Firewall and network security architecture; Microsoft Security Copilot for SOC acceleration; and Secure Score-driven remediation prioritization across M365 and Azure
  • Proven ability to design and articulate end-to-end Zero Trust architectures spanning identity, endpoints, data, applications, and network, and to map these to Microsoft security product capabilities
  • Demonstrated experience producing executive-level security posture assessments, threat scenario presentations, architecture documentation, and commercially viable proposal content  
  • Strong executive presence with ability to lead high-stakes customer conversations, handle technical objections, and build trust with senior security and business stakeholders  
  • Exposure to on-premises and third-party security technologies including Active Directory, legacy SIEM platforms, third-party endpoint protection, and network security appliances 
  • Working knowledge of industry security frameworks such as NIST CSF, CIS Controls, ISO 27001, and MITRE ATT&CK, and their practical mapping to Microsoft security controls

Preferred Qualifications 

  • Microsoft certifications: SC-100, SC-200, SC-300, SC-400/401 (all strongly preferred at this level); AZ-500, MS-102, and AI-102 or Security Copilot credentials are a strong plus  
  • Experience operating at a senior level within a Microsoft MSP/LSP environment, managing concurrent multi-customer security engagements and contributing to practice-level decisions  
  • Active engagement with Microsoft security partner programs including MXDR, FastTrack Ready Partner, Jumpstart Security, and SME Bootcamp, with a track record of leveraging these to accelerate customer outcomes
  • Deep familiarity with Microsoft security licensing constructs (M365 E5 Security, E5 Compliance, Defender add-on SKUs, Sentinel workspace cost management, and CSP commercial structures), enabling confident license advisory conversations during pre-sales
  • Experience contributing to or leading security practice development activities including service design, go-to-market positioning, and delivery methodology 

Key Competencies 

  • Security Depth & Breadth 
    Demonstrates genuine depth across the full Microsoft Security stack with ability to move beyond product features to advise on architecture trade-offs, detection strategy, and risk-aligned design decisions 
  • Executive Presence 
    Commands credibility in CISO-level and C-suite security conversations 
  • Pre-Sales Maturity 
    Independently leads the technical security track of complex, high-value opportunities from discovery through to close — without requiring delivery team involvement in the sales cycle 
  • Risk Articulation 
    Translates technical threat scenarios, control gaps, and architecture decisions into business risk language that resonates with non-technical executives 
  • Practice Contribution 
    Actively elevates the capability of the Security practice through IP development, team mentoring, and internal knowledge sharing beyond individual engagement delivery 
  • Commercial Awareness 
    Understands how solution scope, licensing choices, and delivery complexity affect deal margin, and factors this into pre-sales decisions 
  • Continuous Learning 
    Maintains genuine technical currency across the Microsoft Security roadmap, threat landscape, and partner ecosystem, not just for certifications but for real-world application

How to get in touch with us:

Address: Tech One Global Lanka (Pvt) Ltd, No:185/4, Havelock Road, Colombo 05

E-mail your CV to hr@techoneglobal.com along with the contact details of two non-related referees

Job Category: Solutions Architect – Cybersecurity
Job Type: Full Time
Job Location: Sri Lanka
