Job Specifications
Position: Sr. Azure Architect
Location: Boston, MA (Hybrid)
Duration: Multi Year Renewable Contract
Hours: 37.5 Hours per week
Overview:
Client is seeking an experienced Senior Cloud Architect to design and implement a secure, scalable, and well-governed Azure Government Community Cloud (GCC) environment for our organization. This is a recently established environment with sparse workloads, and you will play a critical role in establishing the core architecture, governance, and automation that will support future application deployments[RM1.1][MD1.2]. You will be required to work with developers, cybersecurity engineers, and other OSA IT staff to review the environment and implement best practices.
OSA serves as the chief accountability entity for the Massachusetts state government and its residents. OSA conducts audits of state entities and contractors to assess their performance and recommend improvements to enhance the effectiveness of government operations. In addition to ensuring that tax dollars are spent wisely, audits, reports, and investigations have also improved the performance of state governments. OSA has offices in Boston, Marlborough, Chicopee, and Brockton.
Key Responsibilities
You will lead the review of the existing environment and workloads, and design and implement best practices within the environment, focusing on:
Governance & Organization
Define management group hierarchy, subscription strategy, and resource organization.
Establish naming conventions and tagging standards for resources by aligning with work already done by others within the IT organization.
Implement Azure Policy for compliance and governance.
Identity & Access
Review and identify gaps in the existing RBAC and Privileged Identity Management (PIM) configurations to ensure least-privileged access.
Implement Managed Identities for applications and automation.
Networking
Design Virtual Network (VNet) architecture with IP planning for future growth.
Configure subnets, Network Security Groups (NSGs), and Private Endpoints.
Define best practices for networking based on various workloads running within Azure.
Security & Compliance
Review the existing setup of Defender for Cloud and configure security baselines if required.
Set up standard policies for Azure Key Vault for secrets and certificates for use among various services.
Ensure encryption at rest and in transit across all existing services and new services being created within Azure.
Cost Management
Implement Cost Management Budgets and tagging for cost allocation.
Advise on Reserved Instances or Savings Plans for predictable workloads.
Design forecasting and alerting capabilities for budgets on the tenant level and per application level.
Monitoring & Observability
Deploy Log Analytics Workspace, Azure Monitor, and Application Insights.
Define alerting rules, dashboards, and operational monitoring strategy.
Create and document standards for logging and monitoring to be followed by all applications deployed within the Azure environment.
Deployment & Automation
Implement baseline Landing Zone(s) as Infrastructure-as-Code (IaC) using Bicep or Terraform templates.
Set up CI/CD pipelines with GitHub Actions.
Define environment best practices and strategy [RM2.1][MD2.2](Dev/Test/Prod separation) and related networking, security, and observability standards.
Application Architecture Standardization
Advise on compute options (App Service, AKS, VMs) for future workloads.
Design standards for scalability, resilience, and disaster recovery.
Review the architecture of an AI-enabled full-stack application and a Lakehouse architecture to determine the correct security, networking, governance, and observability policies.
Documentation & Knowledge Transfer
Document architecture, policies, and operational runbooks.
Conduct knowledge transfer sessions for OSA IT staff.
Required Skills & Experience[WCC3.1][MD3.2]
10 years in IT architecture, with 5 years in cloud architecture (Azure preferred).
Strong experience with Azure Landing Zones and Cloud Adoption Framework.
Expertise in Azure networking, identity, security, and governance.
Expertise in working with business stakeholders to gather requirements regarding Disaster Recovery and Business Continuity, and implementing the relevant technical controls and policies within Azure.
Hands-on experience with IaC tools (Terraform or Bicep).
Familiarity with CI/CD pipelines and DevOps practices.
Expertise in engagement with business users to align business objectives with technical considerations within Azure.
Excellent communication [WCC4.1][MD4.2]and documentation skills.
Preferred Qualifications
Microsoft Certified: Azure Solutions Architect Expert.
Experience in Azure environments that are in the early cloud adoption stage.
Knowledge of cost optimization strategies in Azure.
About the Company
Founded in 2002, TalentBurst is an MBE and JCC certified firm that provides award winning solutions globally.
Services:
Banking, Financial Services, & Tech Staffing
Health & LifeScience Staffing
SLED (State, Local Gov, Education, Utility) Staffing
High Hazard & Global Payroll (EOR)
1099/IC Validation & Compliance (AOR)
Awards:
2004-2025 Newsweek Best Company for Diversity
2024-2025 USA Today Top Workplaces Best Place To Work
2024-2025 Newsweek America's Greatest Workplaces for Women
2024 Monster Top Workplaces for Remote ...
Know more