Senior Cloud Architect

About The Position

Requirements

• 8+ years of experience in cloud infrastructure, cloud networking, and enterprise IT architecture.
• 5+ years of hands-on engineering and architecture experience in Azure, with strong capabilities in designing large-scale cloud networking solutions.
• Proven background operating highly available, globally distributed, and secure cloud environments supporting mission-critical workloads.
• Experience in enterprise or regulated industries such as biotech, pharma, financial services, or healthcare preferred.
• Deep hands-on expertise with Azure networking and core infrastructure services, including ExpressRoute, Global Reach, Virtual WAN, VPN Gateways, VNets, subnetting, peering, routing/UDRs, BGP, IPAM, DNS/Private DNS Resolver.
• Strong understanding of identity and access controls, including RBAC, PIM, and cloud IAM patterns.
• Hands-on experience building and automating infrastructure using Terraform, Bicep, and Git-based CI/CD pipelines.
• Automation and scripting expertise in Python (preferred) and/or PowerShell.
• Strong ability to troubleshoot complex cloud networking issues, routing asymmetry, DNS behavior, SNAT limitations, and packet-level flow analysis.

Nice To Haves

• Experience with next-generation firewalls and virtual security appliances (e.g., Palo Alto, Check Point, Fortinet).
• Understanding of advanced compute/networking capabilities such as Azure VM Scale Sets, global load balancing, and multi-region architectures.
• Experience with multi-cloud networking, including AWS Transit Gateway, GCP VPC, or hybrid multi-cloud routing.
• Exposure to SD-WAN, SASE architectures, zero-trust frameworks, or multi-cloud networking platforms.
• Strong network diagnostic experience using tools such as Wireshark, tcpdump, or cloud-native packet capture.
• Familiarity with container networking (AKS) and service mesh patterns is a plus.
• Relevant certifications are desirable, such as: AZ-700, AZ-305, Terraform Associate.

Responsibilities

• Design, architect, and secure global Azure cloud environments with a strong emphasis on advanced networking, including ExpressRoute, Virtual WAN, Private Link, DNS architecture, and multi-region connectivity.
• Deliver scalable, highly available, and secure cloud infrastructure supporting AI/ML platforms, data analytics ecosystems, regulated enterprise applications, and scientific computing workloads.
• Develop and maintain Infrastructure-as-Code using Terraform and Bicep, including modular designs, automation frameworks, and end-to-end deployment pipelines.
• Build automation solutions using Python for provisioning, configuration validation, compliance checks, and operational workflows.
• Collaborate with Corporate Security, Network Engineering, Application Engineering, and Architecture teams to ensure design consistency, compliance, and operational excellence.
• Lead cloud design reviews, enforce architecture best practices, and drive standardization of platform patterns and networking frameworks across multiple business units.
• Support cloud migration initiatives, operational readiness, disaster recovery strategies, and zero-trust networking implementations.
• Influence and drive continuous improvement across cloud governance, automation, observability, and security integrations.

Benefits

• Health Coverage: Medical, pharmacy, dental, and vision care.
• Wellbeing Support: Programs such as BMS Well-Being Account, BMS Living Life Better, and Employee Assistance Programs (EAP).
• Financial Well-being and Protection: 401(k) plan, short- and long-term disability, life insurance, accident insurance, supplemental health insurance, business travel protection, personal liability protection, identity theft benefit, legal support, and survivor support.
• Work-life benefits include: Paid Time Off US Exempt Employees: flexible time off (unlimited, with manager approval, 11 paid national holidays (not applicable to employees in Phoenix, AZ, Puerto Rico or Rayzebio employees) Phoenix, AZ, Puerto Rico and Rayzebio Exempt, Non-Exempt, Hourly Employees: 160 hours annual paid vacation for new hires with manager approval, 11 national holidays, and 3 optional holidays Based on eligibility, additional time off for employees may include unlimited paid sick time, up to 2 paid volunteer days per year, summer hours flexibility, leaves of absence for medical, personal, parental, caregiver, bereavement, and military needs and an annual Global Shutdown between Christmas and New Years Day. All global employees full and part-time who are actively employed at and paid directly by BMS at the end of the calendar year are eligible to take advantage of the Global Shutdown.