Cloud Architect

Mindsprint · Bengaluru, Karnataka, India

Full-time · Staff · Posted 1 month ago

Job Summary

Own the cloud design and governance of AWS-first cloud platforms, with a strong focus on enterprise networking, hybrid connectivity, disaster recovery, and Infrastructure as Code. Drive secure, scalable, and cost-optimized architectures across multi-account AWS environments with supporting Azure integration.

What is the Role Expected to Do

Cloud Architecture & Landing Zone
Design and manage AWS Landing Zone (multi-account, OUs, account vending, SCPs) using Control Tower or custom frameworks
Define centralized networking and shared services architecture
Establish governance guardrails and baseline standards
Design AWS DR strategies: Pilot Light, Warm Standby, Active-Active
AWS Networking (Core Focus)
Architect and operate: VPC design (CIDR strategy, subnet segmentation, route tables, IGW/NAT, NACLs, SGs); Transit Gateway (TGW) with route propagation and segmentation; private connectivity (PrivateLink, VPC Endpoints)
Design hybrid connectivity: Direct Connect (DX), Site-to-Site VPN (BGP-based)
Define north-south and east-west traffic flows, ingress/egress patterns, and NAT strategies
Design DNS architecture using Route 53 (private/public zones, resolver endpoints)
Define hub-spoke/hub-mesh topologies and architect multi-region connectivity
Cost Optimization
Drive AWS & Azure cost optimization initiatives, including monitoring usage, implementing tagging standards, managing Savings Plans and Reserved Instances, and providing cost-saving recommendations based on the FinOps model.

Cloud Operations & Reliability

Define architecture and best practices for Kubernetes clusters on AWS (EKS) including node groups/node pools, cluster networking, autoscaling, upgrades, monitoring, and troubleshooting.
Define and govern Azure-to-Amazon RDS migration strategies, including workload assessment, target architecture, cutover planning, and post-migration validation.
Execute application and database migrations to AWS and Azure, supporting on-premises and cross-cloud migration initiatives.
Monitor and optimize AWS and Azure environments, manage production incidents, perform RCA, and support SLA-driven operations.

Security & Governance
Implement WAF, NGFW, DDoS protection, micro-segmentation
Define and enforce guardrails (SCPs, policies, CSPM)

Qualifications
10+ years of industry experience on AWS.
Strong expertise in:
AWS Networking (VPC, TGW, DX, PrivateLink, Route 53)
Terraform/CloudFormation
Strong fundamentals on Routing (BGP), DNS, VPN, firewall architectures
Certifications:
AWS: Solutions Architect Associate/Professional (preferred)
AWS Certified DevOps Engineer - Professional (nice-to-have)
HashiCorp Certified: Terraform Associate (nice-to-have)
AZ-104 (nice-to-have)
