Global Messaging Architect
TKO · Stamford, CT · 2 wk ago
Information Technology$150k/yrFull-time
Key Responsibilities
- Define and maintain the global messaging architecture across Exchange Online, M365, and integrated security/compliance platforms.
- Develop and enforce governance models, standards, and best practices to ensure consistent, secure, and scalable messaging services worldwide.
- Lead messaging strategy through M&A, divestiture, and rebranding initiatives, ensuring seamless coexistence and business continuity.
- Architect and oversee global mail routing, security filtering, authentication standards (SPF/DKIM/DMARC), and hybrid coexistence.
- Partner with Global Security Operations to strengthen phishing defense, vulnerability patching, and threat detection.
- Provide architectural leadership for integration with Teams, Slack, Zoom, and other collaboration tools.
- Ensure compliance with global regulations (SOX, PCI, GDPR, PIPL, HIPAA) through secure design and retention/eDiscovery controls.
- Establish architecture for journaling, litigation holds, retention, and regulatory reporting in collaboration with Legal and Compliance.
- Govern role-based administration, privileged access, and identity controls across messaging platforms.
- Act as the enterprise subject matter expert for messaging, influencing cross-functional roadmaps and vendor strategy.
- Advise executives and senior leadership on risk, cost optimization, and strategic investments in messaging and collaboration.
- Mentor engineers and administrators, raising overall team capability and ensuring adoption of best practices.
Skills & Abilities
- Architectural Leadership: Able to design, articulate, and defend email and messaging architecture decisions across hybrid environments (M365, Exchange Online, Exchange on Prem, Okta, AD, Entra ID).
- Extreme Ownership: Adopt the leadership philosophy that means taking accountability for failures, setbacks, and results within your sphere of influence, even those caused by others on your team.
- Execution-Focused: Operate with urgency and accountability; drive deliverables forward without constant oversight.
- Analytical Thinking: Able to break down complex technical problems and deliver practical, scalable solutions.
- Documentation Excellence: Produce clear, detailed, and professional HLDs, LLDs, runbooks, and process diagrams.
- Mentorship & Collaboration: Capable of guiding junior engineers and collaborating effectively across infrastructure, security, and application teams.
- Communication: Strong written and verbal communication skills; able to influence stakeholders and explain complex concepts to technical and non-technical audiences.
- Comfort with Ambiguity: Thrive in environments where direction is still forming and able to bring structure and clarity to grey areas.
- Resilience: Maintain focus and composure under pressure in fast-moving, high-visibility environments.
- Customer Orientation: Keep business impact front of mind; balance technical excellence with pragmatic execution.
Required Qualifications & Training
- Bachelor’s degree in computer science, Information Technology, Engineering, or a related field, or equivalent hands-on experience.
- 8+ years of experience in identity and access management, enterprise infrastructure.
- Demonstrated experience leading identity architecture and delivery for large-scale, hybrid environments.
- Hands-on, Expert-level proficiency with Microsoft 365 (Exchange Online, Teams Online, SharePoint Online, etc.), Google Workspace, Okta Identity Cloud (SSO, MFA, Workflows, Lifecycle Management, Identity Governance), Microsoft Active Directory (forest/domain design, GPOs, trusts, replication), Microsoft Entra ID / Azure AD (hybrid join, conditional access, identity federation).
Desirable Project Experience
- Played a lead role in messaging separation or integration during complex M&A events, including domain consolidation, rebranding, and tenant-to-tenant migrations.
- Architected mail routing and coexistence between acquired/divested entities while maintaining business continuity and compliance.
- Implemented SPF, DKIM, DMARC, MTA-STS, and DANE across global brands to harden email security.
- Rolled out enterprise-grade anti-phishing and advanced threat protection platforms (Mimecast, Proofpoint, Microsoft Defender for Office 365).
- Built global monitoring and alerting frameworks for messaging health, performance, and mail flow.
Preferred Certifications
- Microsoft Certified: Exchange Server 2019 / Exchange Online Expert (or legacy MCSE: Messaging)
- Mimecast Certified Specialist / Engineer
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Azure Solutions Architect Expert
- Certified Information Systems Security Professional (CISSP) or GIAC certifications (IAM/GRC)
- Training or certification in Zero Trust Architecture, PIM/PAM Design, IAM Governance