Talent.com
Cloud Architect

Cloud Architect

Global Soft SystemsDes Moines, IA, United States
job_description.job_card.1_day_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
  • serp_jobs.filters_job_card.quick_apply
job_description.job_card.job_description

Role : Cloud Architect

Location : Des Moines, IA - Quarterly travel, but prefer CST or EST time zone

Top 3 skills looking for :

  • Building Azure template and developer guardrails. Delivered enterprise landing zones, network / identity baselines, and automated guardrails at scale.
  • Combo of DevSecOps
  • CI / CD

Our client is designing and building a modern cloud platform template using Microsoft Azure to accelerate product delivery, reduce risk, and improve reliability.

You'll lead architecture for Azure landing zones, core platforms, and reference patterns-enabling product teams to ship secure, resilient solutions at speed.

The day to day will be :

  • Strategy & Reference Architecture o Define and socialize Azure reference architectures aligned to CAF and Well-Architected Framework (networking, identity, data, app, SecOps).
  • Translate business capabilities into cloud services & patterns (APIs, events, data, containers, serverless).
  • Landing Zones & Governance o Design / iterate Enterprise-Scale Landing Zones (hierarchy, subscriptions, policy, RBAC, PIM, tagging, budgets).
  • Implement policy-as-code (Azure Policy), guardrails, blueprints, and automated compliance baselines (HIPAA / HITRUST / SOC2 as relevant).
  • Platform Engineering & DevSecOps
  • Partner with Platform / Engineering to deliver golden paths and reusable modules (Terraform / Bicep, GitHub Actions / Azure DevOps).
  • Enable multi-stage CI / CD, secrets via Key Vault, artifacts via ACR, and environment promotion with approvals.
  • Application & Integration Architecture
  • Guide product teams on AKS, App Service, Functions, Logic Apps, APIM, Event Grid / Event Hubs / Service Bus, Front Door / App Gateway / WAF.
  • Establish API / event standards, versioning, and schema governance; promote event-driven and zero-trust patterns.
  • Data & Analytics
  • Advise on Databricks, Synapse / Microsoft Fabric, Data Factory, Purview (catalog / lineage), Cosmos DB, SQL MI, and secure data zones.
  • Security, Resiliency & Observability
  • Embed Defender for Cloud, Sentinel, Conditional Access, private endpoints / Private Link, and network isolation patterns.
  • Design for HA / DR (Availability Zones, paired regions, ASR / Backup, RTO / RPO); mature Azure Monitor / Log Analytics / App Insights dashboards and SLOs.
  • FinOps & Performance
  • Implement tagging / chargeback, rightsizing, reservation planning, autoscale & performance testing; drive unit economics and cost KPIs.
  • SAFe Enablement & Coaching
  • Provide runway views before PI Planning; decompose enabler epics / features; mentor architects / engineers; run architecture clinics / guilds.

    • What you've done

  • 10+ years in architecture / engineering with 6+ years hands-on Azure in large enterprises.
  • Delivered enterprise landing zones, network / identity baselines, and automated guardrails at scale.
  • Production experience with AKS (or App Service), APIM, Functions / Logic Apps, Event Grid / Hubs / Service Bus, Key Vault, Front Door / App Gateway / WAF, Cosmos / SQL, Storage, private networking.
  • Built secure CI / CD with Terraform / Bicep, GitHub Actions or Azure DevOps, and policy gates; strong IaC code review discipline.
  • Proven security & compliance grounding (Zero Trust, MFA / PIM / CAP, Defender, Sentinel; HIPAA / HITRUST / SOC2 / PCI as applicable).
  • Designed for resiliency (zones / regions), performance, and cost; fluent with WAF pillars.
  • Comfortable operating in SAFe and a product operating model; coaching teams and influencing execs.
  • Enterprise landing zones live with automated guardrails; 90% resource deployments via IaC.
  • Reference architectures & golden paths adopted by 70% of product teams.
  • Mean time to first deploy on new products down 30%; critical incidents tied to cloud misconfigurations reduced 50%.
  • Cost per tenant / workload visibility with monthly variance 10% vs budget; top 5 cost drivers optimized.

    • Responsibilities (day to day)

  • Microsoft certifications (e.g., AZ-305, AZ-400, AZ-500, DP-203, SC-100).
  • Containers / mesh (e.g., AKS, Dapr, service mesh), API design at scale, event modeling.
  • Regulated industry experience (healthcare / finance).
  • Observability expertise (OpenTelemetry, SLO error budgets).
  • BizzDesign experience.
  • Author ADRs and solution blueprints; run design reviews and threat modeling.
  • Pair with engineers to codify patterns as reusable modules / templates.
  • Create executive and engineering views (runway, dependencies, risks, trade-offs).
  • Partner with Security / Networking / Data to standardize interfaces and controls.
  • Track and report platform KPIs (reliability, performance, cost, risk).
    • serp_jobs.job_alerts.create_a_job

    Cloud Architect • Des Moines, IA, United States