Cloud Platform Architect

About The Position

Requirements

• Bachelor’s level degree in Computer Science, Computer Engineering or related field with eight (8) years of related experience.
• Seven (7) years of hands‑on cloud architecture or engineering experience, including ownership of secure production environments.
• Proficient in at least one major cloud platform such as Microsoft Azure, AWS, or GCP, with strong cross‑cloud security fundamentals.
• In‑depth understanding of cloud networking, cloud security, containers, Kubernetes, serverless technologies, and microservices.
• Confirmed experience with cloud security controls, including IAM, encryption, key management, network security, and zero‑trust principles.
• Extensive knowledge of cloud governance, monitoring, observability, FinOps, and cost management.
• Strong understanding of compliance and regulatory frameworks (e.g., NIST, ISO, SOC, CIS, PCI, or similar).
• Experience embedding security into architecture design, IaC, and CI/CD pipelines (DevSecOps).
• Exceptional communication, leadership, and customer‑management skills, with the ability to influence engineering, security, and executive stakeholders.

Responsibilities

• Design and architect scalable, highly available, resilient, and secure cloud solutions leveraging IaaS and PaaS services across AWS, Azure, and Google Cloud Platform (GCP).
• Lead cloud migration initiatives, including re‑hosting, re‑platforming, refactoring, and re‑architecting legacy and on‑premises workloads with a strong emphasis on security posture improvement and risk reduction.
• Drive application and infrastructure modernization programs to improve scalability, performance, security, and operational efficiency.
• Partner with engineering, platform, and security teams to define cloud‑native reference architectures, security guardrails, and modernization roadmaps.
• Optimize cloud infrastructure for performance, availability, reliability, security hardening, and cost efficiency.
• Establish and manage cloud security architectures and governance frameworks, aligned with industry standards and internal security policies.
• Design and enforce identity‑first security, including IAM strategies, least‑privilege access controls, role‑based access, identity federation, and secrets management.
• Design and implement secure cloud networking architectures, including VPN, Direct Connect, ExpressRoute, and Cloud Interconnect.
• Configure and enforce network segmentation, micro‑segmentation, zero‑trust architectures, and advanced network security controls.
• Secure containers, Kubernetes, serverless, and microservices environments, including image scanning, runtime protection, and policy enforcement.
• Implement Infrastructure as Code (IaC) using Terraform, AWS CloudFormation, and Azure ARM/Bicep templates with built‑in security, policy, and compliance controls.
• Design and evolve DevSecOps CI/CD pipelines, integrating security scanning, policy enforcement, and automated compliance validation.
• Define and implement cloud security observability, including logging, monitoring, alerting, and incident response integration.
• Evaluate emerging cloud and security technologies, driving continuous improvement of platform security and resilience.
• Develop, document, and present architecture diagrams, security models, threat assessments, technical documentation, roadmaps, and executive‑level presentations.
• Define and operate cloud operating models, including security governance, FinOps, tagging standards, resource governance, and operational excellence frameworks

Benefits

• medical
• dental
• vision
• life
• other voluntary benefits
• 401(K) including company matching
• employee stock purchase program (ESPP)
• student debt assistance
• tuition reimbursement program
• development and career growth opportunities and programs
• financial planning benefits
• wellness benefits including an employee assistance program (EAP)
• paid time off and paid company holidays
• family care and bonding leave