Senior Network/Infrastructure Cloud Architect

Job Title: Architect II – Cloud Infrastructure Services

Location: Remote

Position Overview

We are seeking a Senior Network/Infrastructure Cloud Architect to support the Mosaic Cloud Migration Project. This role will lead the design and execution of enterprise-scale Azure cloud architecture, focusing on hybrid connectivity, security, governance, and large-scale data center migration.

The ideal candidate will bring deep expertise in Azure infrastructure, enterprise networking, and Zero Trust architecture, along with proven experience leading complex cloud transformation initiatives.

Key Responsibilities

1. Cloud & Infrastructure Architecture

• Design and implement the target-state Azure architecture aligned with Mosaic cloud standards and enterprise governance.
• Define Azure landing zones, subscription strategy, management groups, identity integration, and network topology.
• Architect hybrid connectivity between on-prem environments (Kyndryl-managed) and Azure using ExpressRoute, VPN, and secure routing models.
• Develop network segmentation, micro-segmentation, and Zero Trust architecture patterns.
• Ensure high availability, resiliency, disaster recovery, and business continuity solutions.

2. Migration Strategy & Execution

• Lead infrastructure discovery and dependency mapping for on-prem workloads.
• Develop phased migration strategies (rehost, replatform, refactor).
• Define cutover planning, rollback strategies, and coexistence models.
• Collaborate with application teams to ensure migration readiness and performance optimization.
• Drive data center exit planning and decommissioning strategies.

3. Networking & Security

• Design Azure VNet architecture, hub-and-spoke topology, firewall strategy, and traffic inspection models.
• Architect integration with:
• Azure Firewall / NVA
• Load Balancers / Application Gateway
• Azure Front Door (if applicable)
• Hybrid DNS resolution strategy
• Implement network security controls including NSGs, ASGs, UDRs, and conditional access.
• Align architecture with enterprise security policies and compliance frameworks (HIPAA, SOC2, etc.).

4. Infrastructure & Platform Modernization

• Design Infrastructure-as-Code frameworks (Terraform, ARM, Bicep).
• Enable automation for provisioning and configuration management.
• Architect monitoring and observability solutions using Azure Monitor, Log Analytics, Sentinel.
• Define Azure backup, patching, and lifecycle management strategies.
• Support containerization, Kubernetes (AKS), and platform services integration where applicable.

5. Governance & Operational Model

• Define cloud governance, cost management strategy, tagging standards, and FinOps alignment.
• Partner with operations teams to transition to a cloud operating model.
• Document architecture standards, runbooks, and reference patterns.
• Act as technical advisor to leadership and key stakeholders.

Required Qualifications

• 10+ years of enterprise infrastructure and network architecture experience.
• 5+ years of hands-on Azure architecture experience.
• Proven leadership in large-scale data center to Azure cloud migrations.
• Strong experience with:
• Hybrid networking (ExpressRoute, VPN, BGP routing)
• Enterprise firewall architectures
• Azure landing zones
• Identity integration (Azure AD / Entra ID, hybrid AD)
• DNS, IPAM, routing, load balancing
• Deep understanding of infrastructure security and Zero Trust principles.
• Experience working within environments managed by third-party providers (e.g., Kyndryl/IBM or similar).