Job position Senior Azure Cloud Architect
Share this job
The scope includes, but is not limited to:
· Contribute to the evolution of the Azure cloud security architecture vision, principles, and roadmap
· Define and maintain cloud security reference architectures and reusable security patterns
· Ensure security requirements are embedded in Azure landing zones, platform services, and workloads
· Define and enforce cloud security guardrails, standards, and baselines across Azure environments
· Provide security architecture guidance and review for cloud solution designs and platform changes
· Ensure alignment with enterprise security architecture and governance standards
· Define and maintain Azure security policies and control frameworks aligned with industry frameworks
· Support implementation of policy as code using Azure Policy and related governance tooling
· Define and oversee security exception handling and risk acceptance processes
· Design and review identity and access management architectures
· Define privileged access management models and administrative access controls
· Enforce least privilege and zero trust principles across Azure environments
· Define standards for single sign on, multi factor authentication, managed identities, and role based access control
· Define and review secure Azure network architectures including segmentation and isolation models
· Define ingress and egress control patterns and traffic inspection strategies
· Review designs for Azure Firewall, Web Application Firewall, Private Link, DNS security, and DDoS protection
· Define secure hybrid connectivity patterns and network security requirements
· Define encryption standards and key management architecture options
· Define data classification, data protection, and sensitive data handling requirements
· Define data loss prevention controls and security requirements for data storage and processing
· Review backup, recovery, and data sovereignty requirements from a security perspective
· Define secure Azure landing zone architecture patterns and platform security baselines
· Define platform hardening standards and configuration management requirements
· Ensure security logging, monitoring, and auditability requirements are embedded in platform design
· Define secure configuration standards for core Azure platform services
· Define security requirements for Infrastructure as Code and cloud automation approaches
· Review Terraform and CI/CD designs from a security and governance perspective
· Define security testing requirements including dependency scanning, container scanning, and IaC scanning
· Promote shift left security practices across platform and application teams
· Conduct cloud security architecture risk assessments and provide mitigation guidance
· Support internal and external audit and compliance activities
· Map cloud security controls to regulatory and industry frameworks
· Define compensating controls where required
· Support continuous compliance and security posture improvement initiatives
· Collaborate with cloud architecture, platform engineering, security, and operations teams to ensure consistent security implementation
· Produce architectural documentation, security design decisions, and governance artefacts.
Candidate profile
· Strong expertise in Azure cloud architecture, with a focus on cloud security and platform design
· Proven experience designing and securing enterprise Azure environments, including landing zones, identity, networking, management, and governance components.
· Strong knowledge of cloud security architecture principles, including Zero Trust, defense in depth, least privilege, and secure by design approaches.
· Experience defining and implementing cloud security guardrails, policies, standards, and security baselines.
· Strong understanding of Microsoft Entra ID, identity governance, privileged access management, authentication, authorization, and role-based access control models.
· Experience designing secure Azure networking architectures, including segmentation, private connectivity, traffic inspection, and perimeter security controls.
· Strong knowledge of data protection, encryption, key management, secrets management, and data governance principles within Azure.
· Experience with Azure security services and capabilities, including Microsoft Defender for Cloud, Microsoft Sentinel, Azure Policy, Azure Key Vault, Azure Firewall, Web Application Firewall, and related platform security services.
· Experience performing cloud security risk assessments and supporting audit, compliance, and regulatory initiatives.
· Strong understanding of security frameworks and industry standards.
· Experience with Infrastructure as Code concepts and security controls for cloud automation and platform deployment.
· Ability to review and challenge solution designs from a security architecture perspective and provide pragmatic recommendations.
· Strong analytical, communication, stakeholder management, and documentation skills.
· Ability to work effectively with cloud architecture, platform engineering, security, network, and operations teams.
Level of Education
Minimum of 3 years of demonstrated experience in defining cloud security standards, guardrails, and architecture patterns for large scale enterprise environments.
Professional Certifications and trainings· Azure Certifications:o Microsoft Certified: Azure Fundamentals (required)
o Microsoft Certified: Azure Solutions Architect Expert (required)
o Azure Security Engineer Associate (required)
o Azure Network Engineer Associate (nice to have)
Working environment
Apply to this job!
Find your next career move from +800 jobs!
-
Manage your visibility
Salary, remote work... Define all the criteria that are important to you.
-
Get discovered
Recruiters come directly to look for their future hires in our CV library.
-
Join a community
Connect with like-minded tech and IT professionals on a daily basis through our forum.
Senior Azure Cloud Architect
Groupe Aptenia