Principal Microsoft Solutions Architect

We’re looking for a Microsoft Solutions Architect who lives at the intersection of Microsoft security, field collaboration, and technical integrations. This role serves as the strategic technical overlay  for Microsoft Security and cloud plus a set of high‑impact ecosystem partners.

You’ll own the technical side of the Microsoft + Huntress story— Microsoft Security and M365 —and how Huntress EDR, ITDR, SIEM, and our SOC layer on top. You’ll design and validate integration patterns, support joint customer opportunities, and scale targeted enablement so field teams on both sides can independently tell a consistent, credible story.

• →Partner with Product and Engineering to define which Microsoft APIs and telemetry streams Huntress builds against, in what order, and to what depth — owning the Microsoft-side integration point of view.
• →Drive Huntress’s internal understanding of the Microsoft security landscape — including licensing changes, packaging shifts, and where those changes create product and GTM opportunity.
• →Work with security-operations-adjacent stakeholders to ensure Microsoft telemetry and threat intelligence land cleanly in downstream investigative and response workflows.
• →Partner closely with alliances and channel leadership to shape our joint technical value propositions.
• →Act as the go‑to expert for Microsoft Security integrations and co‑sell opportunities.
• →Turn customer and partner feedback into structured input for Product, PMM, and our SOC.
• →Build reusable technical assets, demos, and training that raise the bar for how we show up with and through our alliances.

• →Define Huntress’s technical point of view on Microsoft Security and M365, including coexistence, consolidation, managed service overlays, Microsoft Security licensing, and how Defender and Purview map to Business Premium, E3, and E5 realities.
• →Architect and validate Microsoft telemetry and API integration patterns across Defender, Entra ID, Azure, Purview, M365, SIEM, and Huntress workflows, balancing cost, coverage, fidelity, and investigative value.
• →Lead technical engagement for strategic Microsoft and ecosystem alliances, including joint customer calls, proof-of-concepts, integration scoping, and partner implementation planning.
• →Translate partner, customer, product, and telemetry signals into structured roadmap input for Product, Engineering, PMM, and the SOC.
• →Build scalable enablement, demos, labs, and field guidance so Huntress SEs, TAMs, alliance teams, and partner sellers can confidently position Microsoft-integrated Huntress solutions.
• →Stay current on Microsoft Security announcements, product changes, licensing shifts, and API availability; travel approximately 20–30% for key alliance meetings, co-sell opportunities, events, and planning sessions.
• →Travel ~15–25% for key alliance meetings, co‑sell opportunities, field events, and strategic planning sessions with partners.

• Hands-on design experience against Microsoft Graph, Defender APIs, Sentinel / Log Analytics, and Event Hub
• Ability to reason about latency, fidelity, cost, rate limits, and downstream workflow implications
• Comfort operating as a technical counterpart to product engineering
• Strong familiarity with how security products support investigative and operational workflows, even if not from a direct SOC seat
• Ability to turn complex integration stories into clear enablement artifacts—battlecards, talk tracks, “better together” diagrams, demo narratives, and short guides that alliance SEs and sellers can actually use.
• Confident presenting to both technical and business stakeholders at partners and customers. You can move from a whiteboard discussion on telemetry architecture to an exec‑level conversation on risk, value, and roadmap trade‑offs.
• Experience defining success criteria, tracking enablement and pipeline impact, and iterating on programs without waiting for a fully baked project charter. You’re comfortable navigating ambiguity and shaping the role as the alliance motion matures

• Prior work at, or closely alongside, Microsoft or large Microsoft‑aligned partners (LSPs, SIs, or security ISVs) where Defender, Entra, Azure, and M365 security were core to your remit.
• Experience building or scaling joint security offers (e.g., managed Defender, MDR on top of Microsoft, identity/ITDR + M365, SIEM/log analytics for Microsoft signals).
• Familiarity with Microsoft skilling programs and partner playbooks (e.g., structured learning plans, campaign‑in‑a‑box, security solution plays) and how they show up in partner ecosystems.
• Hands‑on exposure to SOC or incident response—participating in incident calls, walking customers or partners through reports, or working alongside SOC teams on joint detections and response.
• Background working with large resellers, distributors, or marketplaces on security and integration topics, even if that wasn’t your primary focus.