Capital Health is the region's leader in providing progressive, quality patient care with significant investments in our exceptional physicians, nurses and staff, as well as advanced technology. Capital Health is a five-time Magnet-Recognized health system for nursing excellence and is comprised of 2 hospitals. Capital Health Medical Group is made up of more than 250 physicians and other providers who offer primary and specialty care, as well as hospital-based services, to patients throughout the region.

Capital Health recognizes that attracting the best talent is key to our strategy and success as an organization. As a result, we aim for flexibility in structuring competitive compensation offers to ensure we can attract the best candidates.

The listed pay range or pay rate reflects compensation for a full-time equivalent (1.0 FTE) position. Actual compensation may differ depending on assigned hours and position status (e.g., part-time).

Pay Range:

Scheduled Weekly Hours:

Position Overview

SUMMARY 

The IT Cloud and Security Architect is a senior technical leader responsible for setting the strategic direction and architectural design of secure, scalable, and resilient cloud infrastructure primarily in Microsoft Azure. This role defines and governs enterprise cloud architecture across infrastructure domains such as networking, identity, hybrid connectivity, and security, ensuring alignment with organizational, technical, and compliance goals. 

As the primary architect for Capital Health’s cloud transformation, this position sets reference standards, leads architecture reviews, and drives the adoption of cloud-native services, Zero Trust models, and infrastructure automation. The role balances strategic vision with technical depth and cross-functional collaboration across multiple cloud and hybrid platforms, including Azure, AWS, and SaaS ecosystems. 

MINIMUM REQUIREMENTS 

Education 

Required: Bachelor’s degree in Computer Science, Engineering, or related field; or equivalent work experience 

Preferred: Master’s degree or advanced certifications in cloud architecture, infrastructure, or cybersecurity 

Experience 

10+ years of progressive IT experience, with: 

5+ years in cloud infrastructure architecture, primarily in Azure 

Demonstrated success in designing hybrid and multi-cloud architectures 

Experience developing infrastructure governance and automation strategies 

Proven track record operating in compliance-heavy sectors (e.g., healthcare, finance) 

KNOWLEDGE AND SKILLS 

Deep expertise in Azure infrastructure: VNets, subnets, Application Gateway, Azure Firewall, Load Balancers, NSGs, Route Tables, Azure DNS 

Advanced knowledge of hybrid networking: VPN Gateway, ExpressRoute, SD-WAN 

Strong background in identity and access architecture: Azure AD / Microsoft Entra ID, RBAC, conditional access, federation 

Proficient in infrastructure-as-code and automation tools: Terraform, Bicep, ARM templates, GitHub Actions, Azure DevOps 

Familiarity with cloud-native security tools: Microsoft Defender for Cloud, Azure Key Vault, Policies, Sentinel 

Solid understanding of Zero Trust architecture, segmentation, and governance enforcement 

Working knowledge of compliance frameworks (HIPAA, NIST, PCI-DSS, CIS Benchmarks) 

PREFERRED CERTIFICATIONS 

Microsoft Certified: Azure Solutions Architect Expert 

Microsoft Certified: Cybersecurity Architect Expert 

Microsoft Certified: Azure Network Engineer Associate 

Microsoft Certified: Identity and Access Administrator Associate 

AWS Certified Solutions Architect 

AWS Certified Security 

Google Professional Cloud Architect 

ESSENTIAL FUNCTIONS 

Define and maintain enterprise reference architectures for Azure and hybrid environments 

Lead cloud architecture design reviews to ensure security, scalability, and compliance 

Architect secure, highly available cloud and hybrid networks using ExpressRoute, VPN, and private endpoints 

Govern the use of cloud services through tagging, policies, resource locks, and security baselines 

Drive the adoption of Zero Trust principles in identity, networking, and infrastructure design 

Collaborate with DevOps teams to define reusable infrastructure-as-code modules and patterns 

Guide the selection and integration of security tools for logging, threat detection, and monitoring 

Provide architectural oversight for cloud compliance and regulatory initiatives 

Mentor engineering and operations teams in cloud best practices 

ADDITIONAL RESPONSIBILITIES 

Influence and contribute to the cloud roadmap, platform strategy, and capability maturity 

Support internal/external audit processes and risk assessments 

Stay abreast of evolving cloud services, architectural patterns, and security trends 

Lead technical evaluations of new tools and emerging technologies 

AREAS OF RESPONSIBILITY 

Azure and hybrid cloud infrastructure strategy 

Enterprise network, compute, identity, and storage architecture 

Cloud-native security, Zero Trust, and compliance enforcement 

Infrastructure-as-code governance and automation enablement 

Cloud platform performance, availability, and cost optimization 

KEY METRICS FOR SUCCESS 

Adoption of well-architected, standardized Azure services 

Reduction in misconfigurations and configuration drift via automation 

Improved cloud risk posture and audit outcomes 

Effective architectural governance across cloud and hybrid environments 

Successful cross-team collaboration with security, DevOps, and operations 

Delivery of secure, scalable cloud infrastructure aligned with business goals 

This position is eligible for the following benefits:

Medical Plan

Prescription drug coverage & In-House Employee Pharmacy

Dental Plan

Vision Plan

Flexible Spending Account (FSA)

- Healthcare FSA

- Dependent Care FSA

Retirement Savings and Investment Plan

Basic Group Term Life and Accidental Death & Dismemberment (AD&D) Insurance

Supplemental Group Term Life & Accidental Death & Dismemberment Insurance

Disability Benefits – Long Term Disability (LTD)

Disability Benefits – Short Term Disability (STD)

Employee Assistance Program

Commuter Transit

Commuter Parking

Supplemental Life Insurance

- Voluntary Life Spouse

- Voluntary Life Employee

- Voluntary Life Child

Voluntary Legal Services

Voluntary Accident, Critical Illness and Hospital Indemnity Insurance

Voluntary Identity Theft Insurance

Voluntary Pet Insurance

Paid Time-Off Program

The pay range listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job advertisement and may be modified in the future. When determining base salary and/or rate, several factors may be considered including, but not limited to location, years of relevant experience, education, credentials, negotiated contracts, budget, market data, and internal equity. Bonus and/or incentive eligibility are determined by role and level. 

The salary applies specifically to the position being advertised and does not include potential bonuses, incentive compensation, differential pay or other forms of compensation, compensation allowance, or benefits health or welfare. Actual total compensation may vary based on factors such as experience, skills, qualifications, and other relevant criteria.