Lead Cloud Architect

Architect the Cloud Foundation: Partner with peers to refine Azure Landing Zone architectures, weaving in Networking, Security, and Enterprise Architecture needs into our secure platform. Evolve the "Secure Sandbox" for better multi-tenant isolation, compliance, and growth, including networking, monitoring, and automation. Offer senior architecture guidance for onboarding new cloud workloads. Build "Paved Roads" for Cloud Enablement: Collaborate to enhance reusable IaC modules (Bicep, ARM, Terraform) and CI/CD templates (Azure DevOps, GitHub Actions). Empower app and domain teams with refined governance, security, and cost controls. Orchestrate automated builds for O365 and cloud platforms company-wide, upholding standards via Azure Policy. Drive Site Reliability Engineering (SRE) Practices: Team with Operations to define SLOs/SLIs, using tools like Azure Monitor and Application Insights for advanced self-healing, remediation, and strategies (e.g., blue/green, canary). Support production with issue troubleshooting, 24/7 on-call rotation, and resolution of critical cloud incidents. Standardize Advanced Platforms: Optimize AKS and related services with peers, focusing on provisioning, scaling, observability, and security in hybrid/multi-cloud setups, including containers and Blob Storage. Shape the design, roadmap, and support for Azure and O365 applications. Foster Platform Resilience and Scalability: Engage in reviews, tuning, chaos engineering, incident response, and post-mortems to mitigate risks and boost metrics. Integrate security via Azure Defender, Sentinel, and Key Vault into DevOps. Lead disaster recovery planning and multi-site/multi-vendor operations. Apply proactive problem-solving to preempt issues and inform strategic decisions. Contribute to Team Excellence: Exchange knowledge via code reviews, troubleshooting, and sessions to mature practices. Join Agile sprints, standups, blameless post-mortems, and tech radars. Grasp development basics to build/update code for cloud maturity (e.g., Terraform, JSON, Git, Docker, Kubernetes, Ansible). Advance DevOps and Automation: Champion CI/CD and release strategies organization-wide. Research and deploy streamlined automations; craft PowerShell/VM scripts for ops support. Integrate monitoring/config services, self-developing as needed. Engage seniors and stakeholders to promote cloud best practices. Innovate with Identity and Emerging Tech: Apply on-prem/cloud IAM expertise for Entra ID, Federation, and Azure B2C. Explore services like Azure Arc or Confidential Computing for PoCs; analyze trends in reporting and forensics for regulated compliance. Required Experience: 8+ years in cloud engineering (5+ in Azure architecture/SRE); hands-on in production-scale environments, high-availability, and root-cause analysis. Background in Cloud Development and Architecture; experience managing projects of varying scale. Technical Expertise:  Proficient in Azure essentials: Landing Zones, AKS, VMs, Container Instances, Blob Storage, VNet, Entra ID, Policy/Blueprints. Design/manage IaaS/PaaS/SaaS (Load Balancers, App Gateways, DNS, Front Door, Storage, Monitor, Security Center, Log Analytics). IaC/CI/CD mastery (Bicep/ARM/Terraform, Azure DevOps/GitHub Actions, PowerShell/CLI); 2+ years in automation for CI/CD. SRE core: SLOs/SLIs, error budgets, observability (Azure Monitor/Prometheus/Grafana), automation (Logic Apps/Functions). Security: Defender, Sentinel, Key Vault; IAM depth (Entra ID, AD, Azure AD DS/Connect/B2C, MFA). Enterprise account/security models; Azure Policy implementation; Key Vault/encryption. 2+ years O365 and Azure AD B2C; 2+ years Kubernetes/Docker/Containers; 3+ years Azure (Functions, API Mgmt, Blobs, VMs, SQL, Event Grid), Microservices, .NET Core, PowerApps. Large-scale distributed systems, OSes, secure configs; deep Azure/cloud knowledge. Skills: Complex system problem-solving; container/microservices; requirements-to-architecture translation. Soft Skills: Collaborative communicator for partnerships/influence; agile/blameless culture; change/incident management. Mentor juniors; plan/manage technical implementations. Preferred Certifications: AZ-305, AZ-500, AZ-400, CKAD/CKA; AZ-300 A plus. Industry certs encouraged. Advanced Azure: Arc, AI/ML (e.g., ML on AKS), databases (Cosmos/SQL). Compute/Storage/Networking automation (Azure Automation/CLI/PowerShell). Chaos tools (Gremlin/Litmus), GitOps (Flux/ArgoCD), Ansible; regulated envs (HIPAA/GDPR/SOX). Open-source/internal tooling contributions. Bachelor's in CS/Engineering (or equivalent) strongly preferred