Lead Azure Migration Architect

To serve as the central technical authority for the Azure subscription migration program. This individual will architect the migration strategy, orchestrate the automated cutover of application workloads, coordinate multiple engineering teams, and take end-to-end ownership of the technical execution, ensuring a secure and efficient transition to the new landing zone.

• Hub-and-Spoke Architecture: Deep, practical knowledge of designing, implementing, and migrating between hub environments.
• VNet Peering & Transit: Expertise in managing Global VNet Peering and the complexities of re-peering spokes to a new hub.
• Routing & Traffic Control: Mastery of User-Defined Routes (UDRs) for controlling traffic flow during phased migrations.
• Network Security: Proficient in Azure Firewall, NSGs, and ASGs.
• Connectivity & DNS: Solid understanding of ExpressRoute, VPN Gateways, and Azure Private DNS Zones.

• Azure Policy: A profound understanding of policy inheritance through Management Groups and the ability to analyze and remediate the impact of reparenting subscriptions.
• Management Groups & RBAC: Expertise in designing MG structures and managing RBAC inheritance during subscription moves.
• Microsoft Entra ID: Strong foundation in identity management, service principals, and managed identities.

• High Proficiency: Demonstrable, hands-on experience with Terraform or Bicep.
• Scripting: Advanced skills in PowerShell or Azure CLI for automation and validation.

• CI/CD Pipeline Expertise: Deep understanding of Azure DevOps Pipelines or GitHub Actions. Proven ability to design and implement robust pipelines for automating deployment, testing, and validation steps during the cutover process.
• Holistic Dependency Analysis: Meticulous ability to map and understand complex application dependencies across different service models:
• IaaS: Virtual machine connectivity, storage dependencies, and dependencies on shared infrastructure services.
• PaaS: VNet integration for App Services, Private Endpoints for Azure SQL/Storage, and dependencies on services like Key Vault, Service Bus, or Event Hubs.
• SaaS: Connectivity patterns to external services (e.g., Microsoft 365, Salesforce APIs) and how they are affected by changes in network egress points.
• Application-Aware Migration: Experience using tools like Azure Migrate Application and Code Assessment to analyze workloads, identify decoupling points, and plan for refactoring or re-platforming applications into the new landing zone.
• Containerization Concepts: Familiarity with Azure Kubernetes Service (AKS) and Azure Container Apps (ACA) as potential targets for decoupled application components.

• Wave Planning & Execution: Proven ability to break down a large-scale migration into logical, manageable waves.
• Technical Mentorship: Can effectively guide and unblock engineers performing both infrastructure and application cutover tasks.
• Cross-functional Collaboration: Acts as the critical bridge between central platform/networking teams and individual application development/DevOps teams.
• Runbook Development: Capable of creating highly detailed runbooks that cover both infrastructure and application-level steps.
• Stakeholder Communication: Can clearly communicate complex technical risks, statuses, and plans to project managers and other stakeholders.

• Meticulous & Detail-Oriented: A natural tendency to scrutinize every detail, from firewall rules and application connection strings to pipeline variables.
• High Accountability: Takes complete ownership of the technical success of each migration wave, including the successful cutover of the applications within them.
• Systematic Problem-Solver: Approaches complex challenges with a calm, logical methodology.
• Proactive Risk Management: Constantly thinking ahead to identify potential failure points at both the infrastructure and application layers.

• Experience: 7+ years in IT, with at least 5 years in a senior Azure-focused role that blends platform engineering and DevOps practices.
• Proven Track Record: Demonstrable experience leading large-scale Azure migration projects that involved significant automation and application-level changes.
• Recommended Certifications:
• AZ-305: Designing Microsoft Azure Infrastructure Solutions (Architect Expert)
• AZ-700: Designing and Implementing Azure Networking Solutions (Networking Specialty)
• AZ-400: Designing and Implementing Microsoft DevOps Solutions (DevOps Expert)