About the Role
You own and drive the target-state infrastructure architecture across hybrid environments (on-prem and cloud). You act as a design authority for critical decisions, define standards and roadmaps, and ensure platforms are secure, scalable, resilient, and cost-effective. You work closely with Infrastructure, Network, Security, and Operations to translate business priorities into architecture strategies, reference designs, and delivery-ready plans. Implementation is delivered by technical teams; you define target state, patterns, and governance and support delivery.
Key Responsibilities
- Define and evolve the hybrid target architecture and maintain a multi-year architecture roadmap
- Lead architecture reviews, set principles/standards/reference architectures, and manage ADRs (including exceptions and trade-offs)
- Design end-to-end infrastructure solutions across compute/virtualization, storage/backup, network, identity, security, and observability
- Define non-functional requirements (availability, performance, scalability, DR, RTO/RPO, auditability)
- Define DR and backup/restore validation approaches and support DR readiness testing (runbooks, exercises, evidence)
- Embed security controls (IAM, encryption, segmentation/connectivity, centralized logging/monitoring, SIEM integration) and support audit readiness for ISO 27001, NIS-2, GDPR
- Define IaC standards and reusable patterns; set clear delivery standards (reviews, quality checks, operational readiness) to keep configurations consistent over time
- Drive automation initiatives that improve lead time, reliability, and maintainability
- Improve reliability through standardization, lifecycle management, and proactive capacity planning; mentor engineers/architects and drive cross-team alignment
- Lead PoCs/assessments and support vendor evaluation, sourcing decisions, and licensing considerations
Required Skills & Experience
- Experience: Typically 8+ years in infrastructure, including 3-5+ years in architecture/design authority roles; proven track record delivering enterprise-scale modernization
- Networking: routing, firewalls, VPN, DNS, load balancing, SD-WAN, SASE
- Compute/Virtualization: VMware; Windows & Linux
- Storage & Backup: SAN/NAS, object storage, backup/restore strategies, restore validation
- Identity/IAM: AD, Microsoft Entra ID, SSO, MFA, RBAC
- Monitoring & Logging: observability tooling, SIEM integration, telemetry requirements
- Cloud/Hybrid: Strong hybrid architecture experience with at least one of Azure/AWS/GCP (landing zone concepts, governance/guardrails, identity integration, connectivity patterns, security baselines)
- Automation: IaC/automation experience such as Terraform (preferred); scripting with PowerShell or Python; Ansible familiarity is a plus
- Communication: Strong documentation skills (target architecture/roadmaps, reference patterns, HLD/LLD, ADRs, diagrams, runbooks) and stakeholder management to drive alignment on architecture decisions
Nice to Have
- Kubernetes/container platforms (AKS/EKS/OpenShift), service mesh, ingress patterns
- Zero Trust architecture and secure connectivity patterns
- Micro-segmentation experience (concepts/patterns/solutions; typically with Network/Security teams)
- Experience supporting regulated environments (ISO 27001, NIS-2, GDPR) and audit activities
- Certifications: TOGAF, Azure/AWS Solutions Architect, CCNP, VMware VCAP, NSE4
What Success Looks Like (First 12 Months)
- Target architecture + roadmap adopted; standards used consistently
- Faster, safer delivery via repeatable patterns and automation (less drift)
- Improved reliability and validated DR readiness
- Cost/capacity improvements via standardization and lifecycle hygiene
- Improved audit readiness through clear evidence and remediation follow-through