Cloud Architect - Multi Cloud

About Samtek

At Samtek, we're redefining cloud innovation as an engineer-owned and operated, SBA-certified minority-owned small business founded in 2018. Our mission is simple: empower federal agencies and large enterprises with cutting-edge DevSecOps and cloud transformation solutions that drive security, scalability, and speed. From cloud-native application development and platform engineering to robust security implementations, data center migrations, and seamless operations, we deliver modern IT services backed by over 50 years of collective expertise.

We're a diverse, collaborative team that's passionate about pushing the boundaries of technology. Our culture thrives on curiosity, inclusivity, and real impact—whether it's optimizing cloud environments for mission-critical operations or fostering innovation in a supportive, hybrid work setting. Join us to work on high-stakes projects that matter, grow alongside top talent, and be part of a company that's not just building the future of cloud computing, but shaping it.

Samtek: Where engineers lead, and excellence follows.

Samtek Inc is seeking a seasoned Multi-Cloud Architect to lead the strategy, design, and governance of hybrid and multi-cloud environments supporting the Centers for Medicare & Medicaid Services (CMS). You will architect secure, compliant, and cost-optimized solutions across Azure Government (GCC High), AWS GovCloud, and Google Cloud Platform (Anthos for Government), while driving cloud-native modernization for mission-critical healthcare systems. This role combines deep technical expertise with federal compliance leadership in a fast-paced, high-impact environment.

• Develop and maintain enterprise-wide multi-cloud reference architectures, landing zones, and policy-as-code
  frameworks using Azure Enterprise-Scale, AWS Control Tower, and GCP Organization Policy Service. •
• Establish cross-cloud governance models including tagging standards, cost allocation, security baselines, and compliance automation. •
• Lead Cloud Center of Excellence (CCoE) initiatives and present architectures to CMS Architecture Review Board (ARB) and Technical Review Board (TRB).

• Design Zero-Trust network topologies using Azure Private Link, AWS PrivateLink, Transit Gateway, and GCP VPC Service Controls.
• Implement identity federation across clouds with Azure Entra ID (formerly AAD), AWS IAM Identity Center, and Google Cloud Identity.
• Architect disaster recovery and high-availability solutions leveraging Azure Site Recovery, AWS Global Accelerator, and GCP multi-region buckets.

• Drive large-scale migrations (rehost, refactor, re-architect) of legacy CMS systems using Azure Migrate, AWS Migration Hub, and GCP Migrate for Compute Engine.
• Containerize workloads with Azure AKS, Amazon EKS, and Google GKE; orchestrate with Anthos Service Mesh across clouds.
• Modernize data platforms using Azure Synapse, AWS Redshift, and BigQuery with unified FHIR/HL7 pipelines.

• Build infrastructure-as-code pipelines with Terraform Enterprise, Bicep, AWS CDK, and Pulumi across all three clouds.
• Integrate security scanning (Prisma Cloud, Azure Defender, AWS GuardDuty) into CI/CD workflows.
• Automate compliance evidence collection for FedRAMP High, CMS ARS, and NIST 800-53 using tools like Sentinel,Config, and Security Command Center.

• Partner with cybersecurity, DevOps, and application teams to translate requirements into scalable multi-cloud designs.
• Author System Security Plans (SSP), Architecture Diagrams, and ATO packages.
• Mentor engineers and deliver brown-bag sessions on multi-cloud best practices.

• 8+ years of cloud architecture experience with at least 3 years designing multi-cloud/hybrid
  solutions.
• Hands-on expertise in Azure Government (GCC High), AWS
  GovCloud, and GCP for Government
• Proven track record delivering FedRAMP High or CMS ARS-compliant architectures.
• Mastery of IaC: Terraform (Enterprise), Bicep, AWS CDK, CloudFormation.
• Deep knowledge of enterprise identity (Entra ID, AWS SSO, Google Cloud Identity) and networking across clouds.
• Experience leading migrations of >500 workloads or >10TB data volumes.
• Strong scripting: Python, PowerShell, Bash, Go.
• U.S. citizenship and ability to obtain/maintain CMS Public Trust.

• Active certifications: Azure Solutions Architect Expert (AZ-305), AWS Solutions Architect Professional, Google Professional Cloud Architect.
• Additional certs: CISSP, CCSP, CISM, AWS Security Specialty, Azure Security Engineer (AZ-500).
• Prior CMS SPARC, ESIM, or EPMO task order experience.
• Expertise with Anthos, Azure Arc, or AWS Outposts for hybrid control plane.
• Experience with healthcare data standards (FHIR, HL7, DICOM) and Azure Health Data Services.
• Published whitepapers or conference talks on multi-cloud governance.