Lead Technical Enterprise Architect ? Secure Cloud

Overview

Remote
On Site
Hybrid
-USD
Full Time

Skills

See job description

Job Details

Job Description

The Lead Technical Enterprise Architect provides overarching technical and architectural leadership across Microsoft GCC-High, Azure Government, and related secure cloud environments. This role is responsible for translating client mission and compliance requirements into secure, scalable, and maintainable enterprise cloud architectures that align with CMMC Level 2, NIST SP 800-171, and DoD Cloud Computing SRG requirements.

Serving as the primary liaison between the client and the internal delivery team, the Architect ensures that all design and implementation activities adhere to compliance standards, technical best practices, and client objectives. The role leads a multi-disciplinary team responsible for the design, integration, and sustainment of secure landing zones, Entra ID (Azure AD), Intune, Azure Virtual Desktop (AVD), Windows 365, Defender for Cloud, and other Microsoft 365 GCC-High services.

This is a hands-on leadership role requiring deep technical knowledge, strategic thinking, and strong communication skills to guide both internal engineering resources and client stakeholders toward a common architectural vision.

Job Responsibilities

As a Lead Technical Enterprise Architect, you will be responsible for the following:

Architecture Leadership & Design

  • Develop and maintain the enterprise architecture roadmap for Azure Government and GCC-High environments.
  • Lead the design of secure Azure Landing Zones, including hub-and-spoke networking, ExpressRoute integration, and hybrid connectivity to on-premises systems.
  • Ensure architectural compliance with DoD SRG, NIST SP 800-171, and CMMC Level 2.
  • Direct solutioning for identity, endpoint management, monitoring, and security?including Entra ID P2, Intune, Defender for Cloud, Sentinel, and Azure Monitor.
  • Incorporate redundancy, performance optimization, and cost efficiency into all designs.

Client Liaison & Requirements Translation

  • Serve as the primary technical point of contact for the client and lead all architecture-related discussions and reviews.
  • Translate client requirements into actionable designs, work packages, and technical tasks.
  • Communicate architectural risks, constraints, and trade-offs clearly to both technical and business stakeholders.
  • Maintain full traceability from client requirements through technical implementation.

Team Oversight & Delivery Execution

  • Lead a cross-functional team of cloud engineers, system administrators, network specialists, and security analysts.
  • Define priorities, assign tasks, and oversee all engineering deliverables to ensure alignment with the architecture plan.
  • Review technical documentation, diagrams, and SOPs for accuracy and completeness.
  • Conduct peer reviews, enforce configuration standards, and provide technical mentorship.
  • Collaborate with the project manager or Scrum Master to track progress, resolve blockers, and ensure on-schedule delivery.

Compliance, Governance & Risk Management

  • Enforce compliance with CMMC Level 2, NIST SP 800-171, and FedRAMP High controls.
  • Define and oversee governance policies for access control, configuration baselines, and data protection.
  • Review and approve technical changes following established change-management procedures.
  • Partner with the ISSM and compliance team to maintain audit readiness and continuous compliance.

Continuous Improvement & Innovation

  • Identify opportunities to enhance security posture, automation, and cost optimization.
  • Evaluate new Microsoft capabilities (e.g., Windows 365 GCC-High, Copilot for M365, Purview).
  • Recommend modernization strategies that align with client missions and evolving compliance requirements.

Required Qualifications:

  • U.S. Citizenship is required
  • Eligible for DoD Secret clearance or higher
  • Bachelor?s degree in computer science, Information Systems, or related field.
  • 10+ years of progressive IT experience, including at least 5 years in enterprise or cloud architecture
  • 3+ years of experience working within Azure Government and Microsoft 365 GCC-High environments.
  • Proven success leading cross-functional technical teams and serving as a client-facing technical lead.

Technical Expertise:

  • Azure Landing Zone architectures (Hub-and-Spoke, SCCA, IL4/IL5).
  • Entra ID P2, Conditional Access, PIM, MFA, and RBAC design
  • Intune endpoint management and device compliance
  • AVD, FSLogix, and Windows 365 Government implementations
  • Defender for Cloud, Defender for Endpoint, Sentinel, and Purview
  • Azure networking (VNETs, NSGs, VPN Gateway, ExpressRoute, Private Link).
  • Infrastructure-as-Code using ARM, Bicep, or Terraform.

Certifications (Preferred):

  • Microsoft Certified: Azure Solutions Architect Expert.
  • Microsoft Certified: Cybersecurity Architect Expert or Enterprise Administrator Expert.
  • CISSP, CISM, or CCSP.
  • ITIL v4 Foundation.
Desired Qualifications:
  • Prior work supporting Federal, DoD, or Defense Industrial Base (DIB) programs.
  • Familiarity with DevSecOps pipelines, CI/CD automation, and Infrastructure-as-Code best practices.
  • Strong understanding of cost optimization and FinOps principles in Azure Government.
  • Demonstrated experience in client-facing leadership and enterprise governance boards.
About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of ?22.1 billion.

Get The Future You Want | ;/strong>

Disclaimer

All qualified applicants will be considered for employment based on their skills, and merit.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is 150k-170k.

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company?s sole discretion, consistent with the law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review thenotice from the Department of Labor.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the notice from the Department of Labor.

See job description
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.