Azure Cloud Architect Job Listing at SPA in Alexandria, VA (Job ID 2025-19587)

Description

Qualifications

Required Qualifications:

Experience:

• 8+ years in cloud architecture or engineering roles, with 5+ years focused on Azure environments.
• Proven experience designing multi-subscription Azure environments aligned with ALZ, SCCA, and MLZ principles.
• Hands-on experience implementing hybrid and B2B connectivity solutions.

Technical Skills:

• Expertise in core Azure services: Azure AD, Azure Firewall, VPN Gateway, ExpressRoute, Azure Virtual WAN, and Key Vault.
• Proficiency in designing hybrid architectures using ExpressRoute and Private Link.
• Experience with Infrastructure as Code (IaC) tools like Terraform, ARM templates, or Bicep.
• Strong knowledge of networking, security, and identity solutions, including conditional access and identity federation.

Compliance Knowledge:

• Strong understanding of frameworks like NIST SP 800-53, CMMC, FedRAMP, and ISO 27001.
• Experience implementing Azure Policy and Blueprints for governance and compliance.

Certifications:

• Microsoft Certified: Azure Solutions Architect Expert (required).
• Additional certifications such as Azure Security Engineer Associate, CISSP, or TOGAF are preferred.

Soft Skills:

• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and collaboration skills, with the ability to present complex solutions to technical and non-technical stakeholders.
• Leadership capabilities to guide teams and influence cloud strategies.

Desired Qualifications: 

• Experience with Mission Landing Zone (MLZ) design and cross-domain solutions (CDS).
• Knowledge of secure B2B and SaaS platform integrations using Azure AD B2B and API Management.
• Experience with multi-cloud or cross-cloud architecture and security.
• Familiarity with advanced DevOps practices, including secure CI/CD pipelines.

1. Cloud Architecture Design

• Design and implement scalable and secure Azure Landing Zones (ALZ), including hub-and-spoke architecture.
• Architect advanced workloads aligned with Secure Cloud Computing Architecture (SCCA) and Mission Landing Zone (MLZ) principles for mission-critical and regulated environments.
• Implement hybrid cloud solutions using ExpressRoute, VPN Gateway, and Azure Virtual WAN for secure on-premises-to-cloud connectivity.

1. Enterprise and B2B Interconnectivity

• Architect and implement B2B interconnectivity solutions using Azure AD B2B, Guest Access, and Conditional Access Policies.
• Design identity federation solutions for seamless collaboration across Azure AD tenants or third-party identity providers.
• Enable secure integrations with external SaaS platforms and APIs using Azure API Management.

1. Regulatory Compliance

• Design solutions that meet compliance requirements for NIST SP 800-53, CMMC, FedRAMP, ISO 27001, and other frameworks.
• Implement Azure Policies, Blueprints, and role-based access control (RBAC) to enforce governance and compliance.
• Provide architecture support for audits and security assessments, ensuring alignment with regulatory standards.

1. Advanced Networking and Security

• Develop secure networking solutions, including Azure Firewall, DDoS Protection, and Network Security Groups (NSGs).
• Design secure identity solutions using Azure AD, Key Vault, and Privileged Identity Management (PIM).
• Integrate threat detection and response systems such as Microsoft Defender for Cloud and Azure Sentinel to enhance the security posture.

1. Automation and Optimization

• Leverage Infrastructure as Code (IaC) tools like Terraform, ARM templates, or Bicep to automate deployments and enforce consistency.
• Automate governance, compliance, and monitoring workflows to ensure efficiency and reduce operational overhead.
• Design cost-optimized solutions by implementing Azure resource tagging, cost-management tools, and utilization monitoring.

1. Collaboration and Leadership

• Collaborate with cross-functional teams, including cybersecurity, DevOps, and operations, to deliver secure and scalable cloud solutions.
• Provide technical leadership for cloud transformation projects and act as a subject matter expert (SME) for Azure architecture.
• Mentor junior architects and engineers, fostering a culture of innovation and continuous improvement.