The Role
The Lead Cloud Architect designs, engineers, and optimizes Azure cloud environments, focuses on Site Reliability Engineering practices and oversees cloud infrastructure improvements with a cross-functional team.
Summary Generated by Built In
The work we do has an impact on millions of lives, and you can be a part of it.
We help protect our customers against life’s uncertainties. Regardless of where you work within the company, you’ll be helping provide protection and peace of mind when our customers need it most.
Join our cloud infrastructure team, the driving force behind our organization's cloud transformation. We architect, standardize, and engineer resilient Azure environments that fuel enterprise-wide innovation, ensuring scalability, security, and reliability as the "Secure Sandbox" for all cloud activities. Building on our established Azure presence and Infrastructure-as-Code (IaC) practices, we partner with Networking, Security, Enterprise Architecture, Operations, and various domain teams (e.g., Data & AI) to create "Paved Roads" for seamless cloud consumption and advanced platforms like Azure Kubernetes Service (AKS). As a peer among technical experts, you'll collaborate on collective decisions and innovations that mature our cloud ecosystem.
We're looking for a Lead Cloud Architect to evolve our Azure cloud platform in partnership with a team of peer engineers. In this hands-on individual contributor role, you'll leverage your expertise to strengthen resilient infrastructure, refine IaC and CI/CD artifacts, and elevate SRE practices—building on our solid foundation for even greater reliability. Reporting to the Senior Director of Cloud Infrastructure, you'll contribute to platform strategy through shared insights, joint problem-solving, and targeted improvements that advance our cloud maturity. Ideal for a seasoned Azure specialist excited by cloud-native SRE at scale; your work will emphasize enhancements and new solutions atop what we've already established, not starting from zero. Collaborating with Enterprise Architecture and Application Development teams, you'll support the design, implementation, and refinement of Azure and O365 services, delivering innovative IaC, orchestration, and automation while prioritizing top-tier Information Security.
Responsibilities
- Architect the Cloud Foundation: Partner with peers to refine Azure Landing Zone architectures, weaving in Networking, Security, and Enterprise Architecture needs into our secure platform. Evolve the "Secure Sandbox" for better multi-tenant isolation, compliance, and growth, including networking, monitoring, and automation. Offer senior architecture guidance for onboarding new cloud workloads.
- Build "Paved Roads" for Cloud Enablement: Collaborate to enhance reusable IaC modules (Bicep, ARM, Terraform) and CI/CD templates (Azure DevOps, GitHub Actions). Empower app and domain teams with refined governance, security, and cost controls. Orchestrate automated builds for O365 and cloud platforms company-wide, upholding standards via Azure Policy.
- Drive Site Reliability Engineering (SRE) Practices: Team with Operations to define SLOs/SLIs, using tools like Azure Monitor and Application Insights for advanced self-healing, remediation, and strategies (e.g., blue/green, canary). Support production with issue troubleshooting, 24/7 on-call rotation, and resolution of critical cloud incidents.
- Standardize Advanced Platforms: Optimize AKS and related services with peers, focusing on provisioning, scaling, observability, and security in hybrid/multi-cloud setups, including containers and Blob Storage. Shape the design, roadmap, and support for Azure and O365 applications.
- Foster Platform Resilience and Scalability: Engage in reviews, tuning, chaos engineering, incident response, and post-mortems to mitigate risks and boost metrics. Integrate security via Azure Defender, Sentinel, and Key Vault into DevOps. Lead disaster recovery planning and multi-site/multi-vendor operations. Apply proactive problem-solving to preempt issues and inform strategic decisions.
- Contribute to Team Excellence: Exchange knowledge via code reviews, troubleshooting, and sessions to mature practices. Join Agile sprints, standups, blameless post-mortems, and tech radars. Grasp development basics to build/update code for cloud maturity (e.g., Terraform, JSON, Git, Docker, Kubernetes, Ansible).
- Advance DevOps and Automation: Champion CI/CD and release strategies organization-wide. Research and deploy streamlined automations; craft PowerShell/VM scripts for ops support. Integrate monitoring/config services, self-developing as needed. Engage seniors and stakeholders to promote cloud best practices.
- Innovate with Identity and Emerging Tech: Apply on-prem/cloud IAM expertise for Entra ID, Federation, and Azure B2C. Explore services like Azure Arc or Confidential Computing for PoCs; analyze trends in reporting and forensics for regulated compliance.
Qualifications
- Required
- Experience: 8+ years in cloud engineering (5+ in Azure architecture/SRE); hands-on in production-scale environments, high-availability, and root-cause analysis. Background in Cloud Development and Architecture; experience managing projects of varying scale.
- Technical Expertise:
- Proficient in Azure essentials: Landing Zones, AKS, VMs, Container Instances, Blob Storage, VNet, Entra ID, Policy/Blueprints. Design/manage IaaS/PaaS/SaaS (Load Balancers, App Gateways, DNS, Front Door, Storage, Monitor, Security Center, Log Analytics).
- IaC/CI/CD mastery (Bicep/ARM/Terraform, Azure DevOps/GitHub Actions, PowerShell/CLI); 2+ years in automation for CI/CD.
- SRE core: SLOs/SLIs, error budgets, observability (Azure Monitor/Prometheus/Grafana), automation (Logic Apps/Functions).
- Security: Defender, Sentinel, Key Vault; IAM depth (Entra ID, AD, Azure AD DS/Connect/B2C, MFA). Enterprise account/security models; Azure Policy implementation; Key Vault/encryption.
- 2+ years O365 and Azure AD B2C; 2+ years Kubernetes/Docker/Containers; 3+ years Azure (Functions, API Mgmt, Blobs, VMs, SQL, Event Grid), Microservices, .NET Core, PowerApps.
- Large-scale distributed systems, OSes, secure configs; deep Azure/cloud knowledge.
- Skills: Complex system problem-solving; container/microservices; requirements-to-architecture translation.
- Soft Skills: Collaborative communicator for partnerships/influence; agile/blameless culture; change/incident management. Mentor juniors; plan/manage technical implementations.
- Preferred
- Certifications: AZ-305, AZ-500, AZ-400, CKAD/CKA; AZ-300 A plus. Industry certs encouraged.
- Advanced Azure: Arc, AI/ML (e.g., ML on AKS), databases (Cosmos/SQL). Compute/Storage/Networking automation (Azure Automation/CLI/PowerShell).
- Chaos tools (Gremlin/Litmus), GitOps (Flux/ArgoCD), Ansible; regulated envs (HIPAA/GDPR/SOX).
- Open-source/internal tooling contributions.
- Bachelor's in CS/Engineering (or equivalent) strongly preferred
Employee Benefits:
We aim to protect the wellbeing of our employees and their families with a broad benefits offering. In addition to offering comprehensive health, dental and vision insurance, we support emotional wellbeing through mental health benefits and an employee assistance program. Work/life balance is important and Protective offers a variety of paid time away benefits (e.g., paid time off, paid parental leave, short-term disability, and a cultural observance day). The financial health of our employees is just as important as physical and emotional health. Some of the financial wellbeing benefits include contributions to healthcare accounts, a pension plan, and a 401(k) plan with Company matching. All employees are encouraged to protect their overall wellbeing by engaging in ProHealth Rewards, Protective’s platform to improve wellbeing while earning cash rewards.
Eligibility for certain benefits may vary by position in accordance with the terms of the Company’s benefit plans.
Accommodations for Applicants with a Disability:
If you require an accommodation to complete the application and recruitment process due to a disability, please email [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application and recruitment process.
Please note that the above email is solely for individuals with disabilities requesting an accommodation. General employment questions should not be sent through this process.
We are proud to be an equal opportunity employer committed to being inclusive and attracting, retaining, and growing an inclusive workforce.
Top Skills
Arm
Azure
Azure Active Directory
Azure Devops
Azure Kubernetes Service
Azure Monitor
Bicep
Github Actions
Grafana
Iac
Logic Apps
Powershell
Prometheus
Terraform
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Protective Life Corporation (Protective) provides financial services through the production, distribution and administration of insurance and investment products throughout the United States. Protective traces its roots to its flagship company founded in 1907, Protective Life Insurance Company. Throughout its more than 110-year history, Protective’s growth and success can be largely attributed to its ongoing commitment to serving people and doing the right thing — for its employees, distributors and, most importantly, its customers. Protective’s home office is located in Birmingham, Alabama, and its 3,000+ employees work across the United States. As of June 30, 2020, Protective had assets of approximately $123 billion. Protective Life Corporation is a wholly owned subsidiary of Dai-ichi Life Holdings,
