Enterprise Architect – Cloud, DevSecOps

Lead the design, governance, and evolution of the enterprise-wide technology landscape with emphasis on hybrid cloud, DevSecOps, and AI enablement. The role shapes target architecture, standards, and roadmaps; embeds security-by-design into the SDLC; and ensures scalable, reliable, and compliant platforms that accelerate product delivery and digital transformation.

Define and maintain enterprise architecture strategy, principles, standards, and roadmaps aligned to business outcomes.

Architect hybrid-cloud and hyperconverged solutions; drive modernization to cloud-native, microservices, containers, and serverless where appropriate.

Establish and mature DevSecOps operating model including CI/CD, IaC, release management, and platform engineering.

Stand-up and lead Cloud Engineering and SRE capabilities; set SLOs/SLIs/Error Budgets and incident/Problem Management practices.

Embed security-by-design across SDLC (threat modeling, secure coding, secrets management) and integrate SAST/SCA/DAST/IAST/RASP into pipelines.

Define landing zones, network/security architecture (segmentation, zero trust), identity (RBAC/PIM), and data protection (DLP, encryption, key management).

Champion Infrastructure as Code (e.g., Terraform, Bicep, CloudFormation) and configuration management (e.g., Ansible, DSC) with policy-as-code (OPA/Azure Policy).

Design and govern Kubernetes platforms and container orchestration; enforce multi-tenancy, admission controls, supply-chain security, and runtime protections.

Architect AI/ML platform capabilities (feature stores, model registries, MLOps) and safe AI usage patterns; enable data/analytics platforms supporting AI use cases.

Define monitoring/observability (logging, metrics, tracing), AIOps practices, and automated alerting for availability, performance, and security.

Lead Architecture Review Board (ARB), solution reviews, and technology selection; maintain reusable reference architectures and patterns.

Drive compliance to standards and frameworks (e.g., ISO 27001, NIST 800-53); manage risks, exceptions, and remediation plans.

Collaborate with Product, Security, Data, and Engineering leaders to prioritize backlogs and align roadmaps; provide coaching and mentorship.

Develop business cases and total cost of ownership (TCO); optimize cloud cost via FinOps practices and capacity planning.

Own vendor/partner engagement for cloud, DevOps, and security tooling; evaluate, pilot, and industrialize emerging technologies.

Create and maintain documentation: target state diagrams, data flows, runbooks, standards, and playbooks.

Promote a culture of continuous improvement, automation-first mindset, and knowledge sharing across teams.

Educational Requirements / Qualifications:

-Bachelor’s degree in Information Technology, Computer Science, Engineering, or related field; MBA is a plus.

-TOGAF (mandatory); relevant security certification preferred (e.g., CISSP or equivalent).

-Cloud & DevOps certifications desired: e.g., Azure/AWS/GCP Architect; Microsoft Azure Security Engineer; Azure AI Fundamentals; ITIL v4 Foundation (advantage).

Experience:

10+ years in enterprise/solution architecture or related roles with demonstrated leadership across complex portfolios.

Proven experience with hybrid cloud and hyperconverged environments; strong hands-on exposure to Azure/AWS/GCP.

Demonstrable experience establishing DevSecOps strategy and operating models across CI/CD, automation, and deployments.

Significant security consulting/architecture experience (governance, risk, compliance, secure SDLC, cloud security).

Track record leading or mentoring Cloud Engineering, SRE, and DevOps teams; delivering resilient, scalable platforms.

-

Exposure to AI/ML platforms and integration patterns; experience supporting data/analytics initiatives.

Skills and Competencies:

-Architecture: reference architectures, roadmaps, application/data/infrastructure security, integration, and API-led designs.

-Cloud & Platform: Kubernetes, container orchestration, service mesh, ingress, policy and admission control, image scanning.

-Automation: Infrastructure as Code (Terraform/Bicep/CloudFormation), configuration management (Ansible/DSC), Policy-as-Code.

-DevSecOps Tooling: SAST, SCA, DAST, IAST, RASP; CI/CD platforms (Azure DevOps, GitHub, Jenkins); artifact and supply chain security.

Security & Compliance: threat modeling, identity & access management, key management, data protection; frameworks ISO 27001, NIST 800-53.

Observability & Resilience: logging/metrics/tracing, chaos engineering, capacity planning, cost/FinOps optimization.

Soft Skills: stakeholder management, communication, influencing, coaching, and change leadership.

Architecture: reference architectures, roadmaps, application/data/infrastructure security, integration, and API-led designs.