Job Specifications
Key Responsibilities
1. Cloud & Infrastructure Architecture
Design and implement target-state Azure architecture aligned with enterprise cloud governance standards.
Define Azure landing zones, subscription strategy, management groups, RBAC, and identity integration.
Architect hybrid connectivity between on-prem environments and Azure using ExpressRoute, VPN, and secure routing models.
Design network segmentation, micro-segmentation, and Zero Trust architecture patterns.
Ensure high availability, resiliency, disaster recovery, and business continuity strategies.
2. Migration Strategy & Execution
Lead infrastructure discovery and dependency mapping for on-prem workloads.
Develop phased migration strategies (rehost, replatform, refactor).
Define cutover planning, rollback strategies, and coexistence models.
Partner with application teams to ensure migration readiness and performance optimization.
Drive data center exit planning and decommissioning strategy.
3. Networking & Security Architecture
Design Azure VNet architecture including hub-and-spoke topology.
Architect firewall strategy and traffic inspection models.
Implement and integrate:
Azure Firewall / Network Virtual Appliances (NVA)
Azure Load Balancer / Application Gateway
Azure Front Door (if applicable)
Hybrid DNS resolution strategy
Implement NSGs, ASGs, UDRs, and conditional access models.
Ensure compliance with enterprise security and regulatory standards (HIPAA, SOC2, etc., if applicable).
4. Infrastructure & Platform Modernization
Design Infrastructure-as-Code frameworks using Terraform, ARM, or Bicep.
Enable provisioning automation and configuration management.
Architect monitoring and observability solutions using Azure Monitor, Log Analytics, and Sentinel.
Define backup, patching, and lifecycle management strategies.
Support containerization, AKS, and platform service integrations where applicable.
5. Governance & Operational Model
Define cloud governance, tagging strategy, cost management, and FinOps alignment.
Collaborate with operations teams to transition to a cloud operating model.
Document architecture standards, runbooks, and reference architectures.
Serve as a trusted technical advisor to leadership and stakeholders.
Required Qualifications
10+ years of enterprise infrastructure and network architecture experience.
5+ years of hands-on Azure architecture experience.
Proven experience leading large-scale data center to Azure migrations.
Strong expertise in:
Hybrid networking (ExpressRoute, VPN, BGP routing)
Enterprise firewall architectures
Azure landing zones
Identity integration (Azure AD / Entra ID, hybrid AD)
DNS, IPAM, routing, and load balancing
Deep understanding of Zero Trust and infrastructure security principles.
Experience working in environments managed by third-party providers (e.g., Kyndryl/IBM or similar).
Preferred Certifications
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: Azure Network Engineer Associate
Azure Security Engineer Associate
TOGAF (nice to have)
About the Company
Galent is an AI-native digital engineering firm at the forefront of the AI revolution, dedicated to delivering unified, enterprise-ready AI solutions that transform businesses and industries. Our mission is to empower organizations to thrive in an ever-evolving digital landscape through cutting-edge AI-native services, consulting, and digital engineering.
As enterprises face the complexities of integrating advanced technologies, Galent provides scalable, AI-enabled solutions that optimize processes, enhance productivity, an...
Know more