Principal Cloud Architect
Location
United States
Posted
4 days ago
Salary
0
Seniority
Lead
Job Description
Principal Cloud Architect
66degrees
• Build a trusted advisory relationship with strategic accounts and engage with CIO/CTO/VP IT and Business leaders.
• Design Global Scale Systems: Lead the end-to-end architectural design of multi-region, highly available cloud ecosystems that support millions of concurrent users and petabyte-scale data processing.
• Standardize Infrastructure as Code (IaC): Establish and enforce enterprise-wide standards for IaC and config management to ensure consistent, repeatable, and audited deployments across all environments.
• Architect complex connectivity and workload portability strategies using Anthos, Private Service Connect, and Cloud Interconnects to bridge legacy on-premises systems with modern cloud services.
• Operationalize Generative AI: Design production-grade RAG (Retrieval-Augmented Generation) architectures, ensuring LLMs are secure and operate reliably within capacity constraints and quotas, monitoring and controlling token costs, and implementing enterprise-grade security guardrails.
• Scale the implementation of automated machine learning pipelines, from ingestion to model serving, using Vertex AI (or self-hosted OSS models) to reduce the time-to-market for predictive insights.
• Design and lead the implementation of comprehensive security frameworks including BeyondCorp, VPC Service Controls, and advanced Identity Management (IAM) to protect sensitive workloads against sophisticated threats.
• Architect technical controls that automate compliance for global standards (e.g., SOC2, HIPAA, GDPR), ensuring the platform is "secure by design" and audit-ready at all times.
• Serve as the final technical escalation point for critical production issues, performing deep root-cause analysis on global-scale outages or performance bottlenecks.
• Direct the cost-optimization strategy by designing high-efficiency architectures that balance performance requirements with long-term cloud spend sustainability.
• Act as a force multiplier by mentoring other architects and engineering teams, fostering a culture of technical excellence and continuous learning.
• Act as a technical subject matter expert, particularly regarding the Google Cloud ecosystem for business users, providing clear and concise explanations of complex concepts.
• Identify customer priorities, technical objections, and design strategies encompassing the Google ecosystem to deliver business growth and resolve blockers.
• Lead requirements gathering and project scoping.
• Solution design, problem-solving, and architecture diagramming.
• Provide domain expertise around public cloud and enterprise technology, and effectively promote Google Cloud with clients, at conferences, and online.
• Provide technical expertise to the team on continuous integration/continuous delivery, infrastructure, monitoring, alerting, and security.
• Provide recommendations on integration strategies, enterprise architectures, platforms, and application infrastructure needed to implement a complete solution for clients.
• Assist in delivering technical solutions to meet customer functional needs and improve service reliability, including CI/CD pipelines and infrastructure builds/migrations.
• Provide Engineer-to-Engineer and Architect-to-Engineer support, including whiteboard sessions and informal Q&A.
• Travel to customer sites, conferences, and other related events as required.
Job Requirements
- 5+ years of GCP experience is a must. Experience in other clouds is beneficial.
- Proven experience in building, architecting, designing, and implementing globally distributed cloud-based systems, with a strong understanding of API-first design principles and API management platforms.
- Extensive experience with security (zero trust) and networking in cloud environments.
- Capable of advising and implementing CI/CD practices to clients using tools such as GitHub, GitLab, Cloud Build, and Cloud Deploy and concepts such as GitOps and GitFlow.
- Experience in containerizing workloads using Kubernetes, Docker, Helm, and Artifact Registry.
- Knowledge of technology solutions and ability to learn emerging technologies, methodologies, and solutions in the Cloud/IT technology space.
- Excellent organizational skills and customer-facing communication.
- Proficiency in documentation and knowledge transfer using remote meetings, written documents, technical diagrams, and slide decks.
- Experience in implementing hybrid connectivity using VPN or Cloud Interconnect is a plus.
- GCP Credentials: Professional Cloud Architect Certification plus any other Professional Cert (Data Engineer preferred) or L400 Generative AI skill badge. Additional certifications in Kubernetes (CKA, CKS) or Terraform are strongly recommended.
- A Bachelor's degree in Electronics Engineering, Data Science, Information Technology, Business Intelligence, Computer Science, or a related field.
Benefits
- 66degrees is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to actual or perceived race, color, religion, sex, gender, gender identity, national origin, age, weight, height, marital status, sexual orientation, veteran status, disability status or other legally protected class.
- Ability to work cross-functionally, engage and influence audiences.
More Cloud Engineer Jobs
• Cloud Landing Zone Design and Implementation: Design, build, and maintain secure cloud landing zones across AWS and Azure environments. Implement account and subscription structures that separate workload zones, including commercial workloads, government workloads, Corporate IT, security services, and restricted CUI/ITAR environments. Build baseline controls for new cloud accounts and subscriptions, including owner tagging, logging, security baselines, routing, encryption, key policies, break-glass review, and monitoring requirements. Support landing-zone acceptance criteria so new cloud environments are provisioned with required guardrails before workloads are deployed.
• Identity, Access, and Privilege Controls: Implement federated access patterns using SAML/OIDC, IAM Identity Center, Azure Entra ID, or comparable identity platforms. Support least-privilege access, role lifecycle management, JIT/PIM/PAM workflows, service account controls, and removal of shared accounts. Help automate credential rotation, secrets management, service account governance, and break-glass monitoring. Partner with the Security team to ensure privileged cloud activity is authenticated, authorized, logged, reviewed, and tied to approved workflows.
• Cloud Security Guardrails and Policy-as-Code: Implement preventative and detective cloud guardrails using tools such as AWS Organizations, SCPs, AWS Config, Azure Policy, Defender for Cloud, Wiz, Terraform, CloudFormation, Bicep, or similar platforms. Codify baseline configurations for logging, encryption, network controls, public exposure prevention, security-group rules, storage policies, KMS/key vault use, and workload tagging. Monitor and remediate drift from approved cloud security baselines. Support detection and automated response for public admin exposure, cloud policy drift, unapproved data movement, stale credentials, and overly permissive IAM roles.
• Cloud Network and Private Access Integration: Partner with the Network team to implement secure cloud network patterns, including hub-and-spoke networking, transit gateways, vWAN, private endpoints, centralized DNS, private admin paths, and controlled egress. Ensure cloud workloads are not exposed through unnecessary public interfaces. Support routing and connectivity decisions for radar telemetry and other cloud workload environments. Implement cloud-side controls for SASE/ZTNA access, private application access, firewall inspection, flow logging, and route governance.
• Telemetry, SIEM, and SOC Enablement: Integrate cloud logs and security signals into centralized SIEM/SOC workflows. Onboard and maintain telemetry sources such as CloudTrail, AWS Config, VPC Flow Logs, Azure Activity Logs, NSG Flow Logs, Entra ID logs, KMS/Key Vault events, storage access logs, CSPM findings, vulnerability findings, and workload security events. Partner with the Security team to build detection use cases for exposed cloud services, privileged access anomalies, credential hygiene drift, data boundary violations, and cloud configuration drift. Support retention tiers, immutable logging, audit trails, alert evidence, and compliance reporting requirements.
• Design, deploy, and maintain GovCloud-based cloud infrastructures across AWS and Azure, ensuring high availability, scalability, and security.
• Architect and implement secure cloud environments, including networking, virtualization, and containerization solutions.
• Develop and manage Infrastructure-as-Code (IaC) solutions using tools such as Terraform, AWS CloudFormation, or ARM templates.
• Support hybrid and multi-cloud architectures, including VPC peering, cross-domain solutions, and secure cloud integrations.
• Implement and manage Identity and Access Management (IAM) and role-based access control (RBAC) policies.
• Configure and optimize cloud networking components, including VPCs, subnets, VPNs, and security groups.
• Lead or support Authority to Operate (ATO) processes, including preparing System Security Plans (SSP), developing Security Assessment Reports (SAR), and managing Plans of Action & Milestones (POA&M).
• Ensure compliance with DoD Risk Management Framework (RMF), NIST 800-53 Rev. 5, FedRAMP, and DoD IL-4/IL-5 requirements.
• Perform continuous monitoring and compliance assessments for cloud environments.
• Collaborate with cybersecurity teams to implement Zero Trust Architecture (ZTA) and enforce security controls.
• Optimize cloud environments for compute, storage, and networking efficiency while maintaining security and compliance.
Cloud Migration Expert (AWS)
NEORIS
NEORIS is a Digital Accelerator that helps companies step into the future.
Role Description
We are looking for a Cloud Migration Expert (AWS) to lead infrastructure and application migration initiatives to AWS on high-impact projects, working remotely.
- Define and execute the AWS migration strategy (rehost, replatform, and evolution).
- Lead wave-based planning and prioritization of the application portfolio.
- Design and validate secure, scalable, and resilient cloud architectures.
- Coordinate multidisciplinary teams across infrastructure, architecture, security, development, and business.
- Ensure the adoption of governance, security, and FinOps practices.
- Manage risks, dependencies, and mitigation plans during the migration process.
- Measure and report key metrics on progress, cost, performance, and stability.
- Promote knowledge transfer and adoption of the cloud operating model.
Qualifications
- Proven experience leading migrations to AWS in enterprise environments.
- Command of AWS services such as EC2, VPC, RDS, S3, IAM, and CloudWatch.
- Solid knowledge of cloud architecture, networking, security, and automation (IaC).
- Experience in regulated and highly critical environments.
- Knowledge of Windows and Linux operating systems, WebLogic, and IIS.
- Experience with agile methodologies and technology project management.
Benefits
- Competitive salary
- Prepaid medical plan
- Life insurance
- NEORIS Days (days off)
- Annual achievement bonus
- Vacation bonus
- Training and learning platforms
- Connectivity allowance
- Wellness activities or events
• Provide support for a mission-critical application maintained in Azure.
• Collaborate with Azure peer architects and engineers on the program to maintain Microsoft Azure Solutions.
• Develop and implement automation solutions to support operations, provisioning, and cost control of assets/environments/products.
• Collaborate with other project teams to share lessons learned and best practices.
• Attend and participate in all agile ceremonies and activities, including daily scrums.
• Write automation code (IaC) and develop CI/CD pipelines.




