Senior Cloud Solutions Architect

Quantam Solutions provides IT solutions and consulting for various clients. We offer competitive hourly wages, health benefits, paid time off, and a 401(k) plan. We are currently seeking a Senior Cloud Architect/Engineer. Candidates will be able to work either hybrid or fully remote. Candidates that can work hybrid are preferred. Job Description: Design, build, and govern a cloud landing zone and enterprise architecture for systems & IT services supporting our client’s Child Support Program on a major cloud provider (AWS or Azure) so it is secure, resilient, observable, and ready for migration and cutover. Duties & Responsibilities: Perform technical planning, architecture development, and specification updates for the cloud environment; deliver reference architectures that pass security review. Define and implement the landing zone with Infrastructure-as-Code: AWS: VPC/subnets, PrivateLink, ALB/NLB/WAF, KMS/Secrets Manager, RDS/Aurora/SQL Server patterns, backup/DR. Azure: VNets/subnets, Private Endpoint, Application Gateway/Firewall, Key Vault, Azure SQL patterns, backup/DR. Design observability (App Insights/Log Analytics or CloudWatch/CloudTrail/OpenSearch) and baseline SLOs with alert runbooks. Integrate enterprise identity (Entra ID or AWS IAM/IAM Identity Center) and secrets management (Key Vault or KMS/Secrets Manager). Partner with the Database Architect on data connectivity, encryption, and performance; support cutover and rollback readiness. Deliverables: Cloud reference architecture and landing zone with IaC templates (Bicep/Terraform or CloudFormation/Terraform). Identity and security integration blueprint. Disaster recovery plan and test results; operational runbooks. Cloud readiness findings and modernization work plans. Required Skill Sets: Over eight years of experience with enterprise cloud architecture/engineering (AWS or Azure), with at least one re-platform or migration delivered. Hands-on with: Networking: VNets/VPCs, subnets, Private Endpoint/PrivateLink, routing, perimeter controls (AppGW/Firewall or ALB/NLB/WAF). Identity/secrets: Entra ID or AWS IAM/Identity Center; Key Vault or KMS/Secrets Manager. Data tier: Azure SQL or AWS RDS/Aurora/SQL Server; encryption and DR patterns. IaC: Bicep/Terraform or CloudFormation/Terraform. Produced reference architectures that supported security sign-off and go-live. Preferred Qualifications: State/federal modernization AWS Solutions Architect Professional. And/or Azure Solutions Architect Expert Tools & Platforms: Azure Portal/CLI or AWS Console/CLI; Bicep/Terraform or CloudFormation/Terraform; Entra ID or IAM/Identity Center; App Insights/Log Analytics or CloudWatch/CloudTrail; Key Vault or KMS; GitHub/Azure DevOps. Performance Measures: Successful landing zone reviews and security signoffs. Documented RPO/RTO and DR test pass rate. Deployment reliability and baseline performance targets met. Submission & Screening: Present an anonymized landing zone you designed and explain identity, security, and DR choices. Provide IaC samples (non-trivial) and walk through them. #ind Job Types: Full-time, Contract Pay: $67.00 - $72.00 per hour Expected hours: 40 per week Benefits: 401(k) Dental insurance Health insurance Health savings account Life insurance Paid time off Referral program Vision insurance Application Question(s): How many years of experience do you have designing or engineering enterprise cloud architectures using AWS or Azure? Have you designed and implemented a cloud landing zone that successfully passed security review and supported production go-live? Education: Bachelor's (Required) Work Location: Hybrid remote in Frankfort, KY 40601