1

Exchange Architect Jobs (NOW HIRING)

This senior-level role focuses on creating reusable data models, exchange patterns, and quality frameworks. The Data Architect collaborates with data platform, integration, and governance teams to ...

M365 Architect Job Location: Redmond - Washington Job Type: Contract * Anchor and lead end to end ... Should have knowledge of End user technologies like AD Exchange O365 MS teams and any other tools ...

next page

Showing results 1-20

Exchange Architect information

See salary details

$101.5K

$135.6K

$190K

How much do exchange architect jobs pay per year?

As of Jul 2, 2026, the average yearly pay for exchange architect in the United States is $135,625.00, according to ZipRecruiter salary data. Most workers in this role earn between $110,000.00 and $150,000.00 per year, depending on experience, location, and employer.

What are Exchange Architects?

Exchange Architects are IT professionals who design, implement, and manage Microsoft Exchange Server environments for organizations. Their responsibilities include planning email infrastructure, ensuring security and compliance, managing migrations, and troubleshooting complex issues. They collaborate with other IT teams to integrate Exchange with related systems and ensure high availability and disaster recovery. Exchange Architects must stay updated on the latest technologies and best practices to optimize email services and support business needs.

What is the difference between Exchange Architect vs Exchange Engineer?

AspectExchange ArchitectExchange Engineer
CertificationsMicrosoft Certified: Messaging Administrator, MCSE: MessagingMicrosoft Certified: Messaging Administrator, MCSE: Messaging
Work EnvironmentDesigns and plans Exchange infrastructure, collaborates with architects and stakeholdersImplements, configures, and maintains Exchange servers and services
ResponsibilitiesHigh-level architecture design, strategic planning, and integrationDeployment, troubleshooting, and daily management of Exchange environments

The main difference between an Exchange Architect and an Exchange Engineer lies in their focus. The Exchange Architect is responsible for designing the overall Exchange infrastructure and strategic planning, while the Exchange Engineer handles the implementation, configuration, and maintenance of Exchange servers. Both roles require similar certifications and work closely within organizations that use Microsoft Exchange for email communication.

What are some common challenges Exchange Architects face when migrating to cloud-based email solutions?

Exchange Architects often encounter challenges such as ensuring data integrity during migration, minimizing downtime, and managing hybrid environments that combine on-premises and cloud-based systems. They must also address security and compliance requirements, as well as coordinate closely with stakeholders in IT, security, and end-user support. Proactive planning, thorough testing, and clear communication with all teams involved are essential for a successful migration process.

What are the key skills and qualifications needed to thrive as an Exchange Architect, and why are they important?

To thrive as an Exchange Architect, you need deep expertise in Microsoft Exchange Server, email infrastructure design, and network security, often backed by a degree in IT or computer science and relevant certifications like Microsoft Certified Solutions Expert (MCSE). Proficiency with PowerShell scripting, Exchange Online (Microsoft 365), migration tools, and security protocols is typically required. Strong problem-solving skills, project management, and clear communication set top performers apart in this role. These skills are crucial for ensuring reliable, secure, and scalable messaging environments that support business continuity and collaboration.
More about Exchange Architect jobs
Infographic showing various Exchange Architect job openings in the United States as of June 2026, with employment types broken down into 96% Full Time, 1% Part Time, and 3% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $135,625 per year, or $65.2 per hour.
Enterprise Identity Architect

Enterprise Identity Architect

Open Dealer Exchange

Southfield, MI • On-site

Full-time

Posted 8 days ago


Job description

Identity and Access Management Architect
Open Dealer Exchange (ODE), is seeking an Enterprise Identity Architect to support its workforce in Southfield, MI . As an Enterprise Identity Architect, you will own and mature our identity security posture across a complex, multi-platform environment, serving as the primary driver of a structured role based access control (RBAC) program and a trusted technical advisor across infrastructure, IT, and development teams. The ideal candidate will have deep experience with Entra ID, Active Directory, identity lifecycle automation, and governing access in regulated enterprise environments. Open Dealer Exchange is a dynamic, exciting place to work. Open Dealer Exchange offers a hybrid work model as well as an excellent compensation/benefit package.
Responsibilities
  • Design and implement enterprise RBAC: Build a cohesive role-based access control model across Entra ID, Active Directory, and Entra External ID, replacing ad hoc access grants with governed, role-aligned entitlements.
  • Lead identity lifecycle automation: Integrate the HR system with Entra ID to automate provisioning and deprovisioning, ensuring access changes are event-driven and auditable at the point of hire, transfer, and termination.
  • Govern directory structure and access hygiene: Define and enforce naming conventions, group structures, and access review cadences across all directory platforms.
  • Manage non-human identities: Govern service accounts, including managed identities, service principals, and app registrations, enforcing least privilege and credential hygiene across all environments.
  • Advise development teams on identity security: Provide architectural guidance on token handling, session management, and federation patterns for teams building or maintaining identity adjacent systems.
  • Drive Conditional Access and PIM: Lead Conditional Access policy design and own Privileged Identity Management configuration and the privileged access model for admin roles across Azure and M365.
  • Support Entra External ID governance: Advise teams on External ID tenant configuration, custom policy, user flows, and external identity federation.
  • Produce compliance-ready documentation: Maintain IAM documentation including access control matrices, provisioning runbooks, and audit-ready entitlement inventories supporting FCRA and FTC Safeguards Rule obligations.
  • Collaborate across the security program: Align IAM initiatives with the broader security roadmap and participate in change management and architecture review processes alongside security engineers and the Cybersecurity Manager.

Requirements
Required Skills & Experience
  • 5+ years of hands-on IAM engineering experience, with at least 3 years focused on Entra ID (Azure AD) in enterprise environments.
  • Deep working knowledge of Active Directory, including group policy, OU design, domain trust models, and hybrid identity patterns.
  • Demonstrated experience designing and implementing RBAC models at scale in complex or legacy environments.
  • Hands-on experience with Entra ID Governance, including access reviews, entitlement management, lifecycle workflows, and Privileged Identity Management (PIM).
  • Strong working knowledge of OAuth 2.0, OIDC, and SAML, sufficient to review developer implementations and identify security risk.
  • Practical experience automating identity lifecycle events using Logic Apps, Azure Functions, PowerShell, or the Microsoft Graph API.
  • Ability to communicate risk clearly to non-technical stakeholders and produce compliance-ready documentation.
  • Will accept any suitable combination of education, training, or experience.

Preferred Skills & Experience
  • Experience in regulated industries such as financial services, fintech, or automotive with access control obligations.
  • Familiarity with FTC Safeguards Rule requirements or equivalent data security regulatory frameworks.
  • Prior experience integrating an HRIS platform (Workday, BambooHR, UKG, or similar) with Entra ID via SCIM or custom connector.
  • Exposure to IGA platforms such as SailPoint, Saviynt, or Omada.
  • Experience advising development teams on token validation, scope design, role claims, and secure session management.
  • Bachelor's degree in Computer Science, Information Systems, or a related field, or equivalent professional experience.
  • Relevant certifications: SC-300 (Microsoft Identity and Access Administrator), AZ-500 (Microsoft Azure Security Technologies), or equivalent