We’re looking for an experienced
Azure Cloud Architect to lead our cloud architecture as part of our IT Team partnering
closely with Security, Transformation, Risk, and Data teams to deliver
compliant, high‑quality solutions. You will join a hands‑on
IT team and work continuously with our Cloud Service Provider (CSP). Our
environment is SaaS‑heavy, including our core banking platform (Avaloq), so one of
your most critical responsibilities will be to lead technical impact
assessments whenever SaaS changes affect our Azure cloud.
Responsibilities
- Own the Azure Landing Zone: Design and evolve our landing zone
- Security & Compliance by design: Embed controls (Conditional Access, Privileged Access, Key Vault, Defender, Sentinel) and ensure regulatory compliance (Swiss banking, ISO 27001)
- Lead SaaS Impact Assessments: Evaluate technical, security, and architectural impacts of SaaS changes (including Avaloq) on Azure networking, identity, integrations, and governance
- Network & connectivity architecture: Architect hub‑spoke, VNets, virtualWAN, private endpoints, hybrid connectivity (ExpressRoute/VPN), firewalls/WAF, and segmentation aligned with zero‑trust principles
- Identity & access management: Manage Entra ID integration, RBAC, PIM, and app/service principal lifecycles
- Observability & resilience: Implement logging, metrics, tracing (Log Analytics, Application Insights), backup/DR, and cost optimisation (FinOps)
- Governance & documentation: Maintain architectural blueprints, standards, and reference architecture
- Maintenance of Azure Kubernetes Clusters
- Hands‑on support when needed: Step into operational tasks, troubleshoot escalations, and assist with helpdesk activities during critical incidents
- Mentor & influence across teams: Coach team members, collaborate with transformation, risk & security, and steer vendors/CSPs to deliver robust outcomes