IT Cloud and Security Architect

SUMMARY 

The IT Cloud and Security Architect is a senior technical leader responsible for setting the strategic direction and architectural design of secure, scalable, and resilient cloud infrastructure primarily in Microsoft Azure. This role defines and governs enterprise cloud architecture across infrastructure domains such as networking, identity, hybrid connectivity, and security, ensuring alignment with organizational, technical, and compliance goals. 

As the primary architect for Capital Health’s cloud transformation, this position sets reference standards, leads architecture reviews, and drives the adoption of cloud-native services, Zero Trust models, and infrastructure automation. The role balances strategic vision with technical depth and cross-functional collaboration across multiple cloud and hybrid platforms, including Azure, AWS, and SaaS ecosystems. 

MINIMUM REQUIREMENTS 

Education 

• Required: Bachelor’s degree in Computer Science, Engineering, or related field; or equivalent work experience 

• Preferred: Master’s degree or advanced certifications in cloud architecture, infrastructure, or cybersecurity 

Experience 

• 10+ years of progressive IT experience, with: 

• 5+ years in cloud infrastructure architecture, primarily in Azure 

• Demonstrated success in designing hybrid and multi-cloud architectures 

• Experience developing infrastructure governance and automation strategies 

• Proven track record operating in compliance-heavy sectors (e.g., healthcare, finance) 

KNOWLEDGE AND SKILLS 

• Deep expertise in Azure infrastructure: VNets, subnets, Application Gateway, Azure Firewall, Load Balancers, NSGs, Route Tables, Azure DNS 

• Advanced knowledge of hybrid networking: VPN Gateway, ExpressRoute, SD-WAN 

• Strong background in identity and access architecture: Azure AD / Microsoft Entra ID, RBAC, conditional access, federation 

• Proficient in infrastructure-as-code and automation tools: Terraform, Bicep, ARM templates, GitHub Actions, Azure DevOps 

• Familiarity with cloud-native security tools: Microsoft Defender for Cloud, Azure Key Vault, Policies, Sentinel 

• Solid understanding of Zero Trust architecture, segmentation, and governance enforcement 

• Working knowledge of compliance frameworks (HIPAA, NIST, PCI-DSS, CIS Benchmarks) 

PREFERRED CERTIFICATIONS 

• Microsoft Certified: Azure Solutions Architect Expert 

• Microsoft Certified: Cybersecurity Architect Expert 

• Microsoft Certified: Azure Network Engineer Associate 

• Microsoft Certified: Identity and Access Administrator Associate 

• AWS Certified Solutions Architect 

• AWS Certified Security 

• Google Professional Cloud Architect 

ESSENTIAL FUNCTIONS 

• Define and maintain enterprise reference architectures for Azure and hybrid environments 

• Lead cloud architecture design reviews to ensure security, scalability, and compliance 

• Architect secure, highly available cloud and hybrid networks using ExpressRoute, VPN, and private endpoints 

• Govern the use of cloud services through tagging, policies, resource locks, and security baselines 

• Drive the adoption of Zero Trust principles in identity, networking, and infrastructure design 

• Collaborate with DevOps teams to define reusable infrastructure-as-code modules and patterns 

• Guide the selection and integration of security tools for logging, threat detection, and monitoring 

• Provide architectural oversight for cloud compliance and regulatory initiatives 

• Mentor engineering and operations teams in cloud best practices 

ADDITIONAL RESPONSIBILITIES 

• Influence and contribute to the cloud roadmap, platform strategy, and capability maturity 

• Support internal/external audit processes and risk assessments 

• Stay abreast of evolving cloud services, architectural patterns, and security trends 

• Lead technical evaluations of new tools and emerging technologies 

AREAS OF RESPONSIBILITY 

• Azure and hybrid cloud infrastructure strategy 

• Enterprise network, compute, identity, and storage architecture 

• Cloud-native security, Zero Trust, and compliance enforcement 

• Infrastructure-as-code governance and automation enablement 

• Cloud platform performance, availability, and cost optimization 

KEY METRICS FOR SUCCESS 

• Adoption of well-architected, standardized Azure services 

• Reduction in misconfigurations and configuration drift via automation 

• Improved cloud risk posture and audit outcomes 

• Effective architectural governance across cloud and hybrid environments 

• Successful cross-team collaboration with security, DevOps, and operations 

• Delivery of secure, scalable cloud infrastructure aligned with business goals