Capital Health is the region's leader in providing progressive, quality patient care with significant investments in our exceptional physicians, nurses and staff, as well as advanced technology. Capital Health is a dynamic health care resource accredited by the DNV that includes two hospitals, an outpatient center, satellite ED, and an expansive network of primary and specialty care. Capital Health Medical Group is made up of more thanĀ 600 physicians and other providersĀ who offer primary and specialty care, as well as hospital-based services, to patients throughout the region.
Capital Health recognizes that attracting the best talent is key to our strategy and success as an organization.Ā As a result, we aim for flexibility in structuring competitive compensation offers to ensure we can attract the best candidates.
The listed pay range or pay rate reflects compensationĀ for aĀ full-time equivalent (1.0 FTE)Ā position. Actual compensation may differ depending on assigned hours and position status (e.g., part-time).
Pay Range:
$119,392.00 - $156,000.00Scheduled Weekly Hours:
40Position Overview
SUMMARY
The IT Cloud and Security Architect is a senior technical leader responsible for setting the strategic direction and architectural design of secure, scalable, and resilient cloud infrastructureprimarily in Microsoft Azure. This role defines and governs enterprise cloud architecture across infrastructure domains such as networking, identity, hybrid connectivity, and security, ensuring alignment with organizational, technical, and compliance goals.
As the primary architect for Capital Healthās cloud transformation, this position sets reference standards, leads architecture reviews, and drives the adoption of cloud-native services, Zero Trust models, and infrastructure automation. The role balances strategic vision with technical depth and cross-functional collaboration across multiple cloud and hybrid platforms, including Azure, AWS, and SaaS ecosystems.
MINIMUM REQUIREMENTS
Education
Required:Bachelorās degree in Computer Science, Engineering, or related field; or equivalent work experience
Preferred: Masterās degree or advanced certifications in cloud architecture, infrastructure, or cybersecurity
Experience
10+ years of progressive IT experience, with:
5+ years in cloud infrastructure architecture, primarily in Azure
Demonstrated success in designing hybrid and multi-cloud architectures
Experience developing infrastructure governance and automation strategies
Proven track record operating in compliance-heavy sectors (e.g., healthcare, finance)
KNOWLEDGE AND SKILLS
Deep expertise in Azure infrastructure: VNets, subnets, Application Gateway, Azure Firewall, Load Balancers, NSGs, Route Tables, Azure DNS
Advanced knowledge of hybrid networking: VPN Gateway, ExpressRoute, SD-WAN
Strong background in identity and access architecture: Azure AD / Microsoft Entra ID, RBAC, conditional access, federation
Proficient in infrastructure-as-code and automation tools: Terraform, Bicep, ARM templates, GitHub Actions, Azure DevOps
Familiarity with cloud-native security tools: Microsoft Defender for Cloud, Azure Key Vault, Policies, Sentinel
Solid understanding of Zero Trust architecture, segmentation, and governance enforcement
Working knowledge of compliance frameworks (HIPAA, NIST, PCI-DSS, CIS Benchmarks)
PREFERRED CERTIFICATIONS
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: Cybersecurity Architect Expert
Microsoft Certified: Azure Network Engineer Associate
Microsoft Certified: Identity and Access Administrator Associate
AWS Certified Solutions Architect
AWS Certified Security
Google Professional Cloud Architect
ESSENTIAL FUNCTIONS
Define and maintain enterprise reference architectures for Azure and hybrid environments
Lead cloud architecture design reviews to ensure security, scalability, and compliance
Architect secure, highly available cloud and hybrid networks using ExpressRoute, VPN, and private endpoints
Govern the use of cloud services through tagging, policies, resource locks, and security baselines
Drive the adoption of Zero Trust principles in identity, networking, and infrastructure design
Collaborate with DevOps teams to define reusable infrastructure-as-code modules and patterns
Guide the selection and integration of security tools for logging, threat detection, and monitoring
Provide architectural oversight for cloud compliance and regulatory initiatives
Mentor engineering and operations teams in cloud best practices
ADDITIONAL RESPONSIBILITIES
Influence and contribute to the cloud roadmap, platform strategy, and capability maturity
Support internal/external audit processes and risk assessments
Stay abreast of evolving cloud services, architectural patterns, and security trends
Lead technical evaluations of new tools and emerging technologies
AREAS OF RESPONSIBILITY
Azure and hybrid cloud infrastructure strategy
Enterprise network, compute, identity, and storage architecture
Cloud-native security, Zero Trust, and compliance enforcement
Infrastructure-as-code governance and automation enablement
Cloud platform performance, availability, and cost optimization
KEY METRICS FOR SUCCESS
Adoption of well-architected, standardized Azure services
Reduction in misconfigurations and configuration drift via automation
Improved cloud risk posture and audit outcomes
Effective architectural governance across cloud and hybrid environments
capitalhealth