Jobs via Dice
Lead Technical Enterprise Architect - Secure Cloud
Jobs via Dice, Fort Worth, Texas, United States, 76102
Lead Technical Enterprise Architect – Secure Cloud
Location: Fort Worth, TX | Salary: $150,000 - $170,000 | 1 day ago
Job Description The Lead Technical Enterprise Architect provides overarching technical and architectural leadership across Microsoft GCC-High, Azure Government, and related secure cloud environments. This role translates client mission and compliance requirements into secure, scalable, and maintainable enterprise cloud architectures that align with CMMC Level 2, NIST SP 800-171, and DoD Cloud Computing SRG requirements. It serves as the primary liaison between the client and internal delivery team, ensuring all design and implementation adhere to compliance standards, best practices, and client objectives. The role leads a multidisciplinary team responsible for secure landing zones, Entra ID, Intune, Azure Virtual Desktop, Windows 365, Defender for Cloud, and other Microsoft 365 GCC-High services.
Job Responsibilities As a Lead Technical Enterprise Architect, you will be responsible for the following:
Architecture Leadership & Design
Develop and maintain the enterprise architecture roadmap for Azure Government and GCC-High environments.
Lead the design of secure Azure Landing Zones, including hub‑and‑spoke networking, ExpressRoute integration, and hybrid connectivity to on‑premises systems.
Ensure architectural compliance with DoD SRG, NIST SP 800-171, and CMMC Level 2.
Direct solutioning for identity, endpoint management, monitoring, and security including Entra ID P2, Intune, Defender for Cloud, Sentinel, and Azure Monitor.
Incorporate redundancy, performance optimization, and cost efficiency into all designs.
Client Liaison & Requirements Translation
Serve as the primary technical point of contact for the client and lead all architecture‑related discussions and reviews.
Translate client requirements into actionable designs, work packages, and technical tasks.
Communicate architectural risks, constraints, and trade‑offs clearly to both technical and business stakeholders.
Maintain full traceability from client requirements through technical implementation.
Team Oversight & Delivery Execution
Lead a cross‑functional team of cloud engineers, system administrators, network specialists, and security analysts.
Define priorities, assign tasks, and oversee all engineering deliverables to ensure alignment with the architecture plan.
Review technical documentation, diagrams, and SOPs for accuracy and completeness.
Conduct peer reviews, enforce configuration standards, and provide technical mentorship.
Collaborate with the project manager or Scrum Master to track progress, resolve blockers, and ensure on‑schedule delivery.
Compliance, Governance & Risk Management
Enforce compliance with CMMC Level 2, NIST SP 800-171, and FedRAMP High controls.
Define and oversee governance policies for access control, configuration baselines, and data protection.
Review and approve technical changes following established change‑management procedures.
Partner with the ISSM and compliance team to maintain audit readiness and continuous compliance.
Continuous Improvement & Innovation
Identify opportunities to enhance security posture, automation, and cost optimization.
Evaluate new Microsoft capabilities (e.g., Windows 365 GCC‑High, Copilot for M365, Purview).
Recommend modernization strategies that align with client missions and evolving compliance requirements.
Required Qualifications
U.S. Citizenship is required.
Eligible for DoD Secret clearance or higher.
Bachelor’s degree in computer science, Information Systems, or related field.
10+ years of progressive IT experience, including at least 5 years in enterprise or cloud architecture.
3+ years of experience working within Azure Government and Microsoft 365 GCC‑High environments.
Proven success leading cross‑functional technical teams and serving as a client‑facing technical lead.
Technical Expertise
Azure Landing Zone architectures (Hub‑and‑Spoke, SCCA, IL4/IL5).
Entra ID P2, Conditional Access, PIM, MFA, and RBAC design.
Intune endpoint management and device compliance.
AVD, FSLogix, and Windows 365 Government implementations.
Defender for Cloud, Defender for Endpoint, Sentinel, and Purview.
Azure networking (VNETs, NSGs, VPN Gateway, ExpressRoute, Private Link).
Infrastructure‑as‑Code using ARM, Bicep, or Terraform.
Certifications (Preferred)
Microsoft Certified: Azure Solutions Architect Expert.
Microsoft Certified: Cybersecurity Architect Expert or Enterprise Administrator Expert.
CISSP, CISM, or CCSP.
ITIL v4 Foundation.
Desired Qualifications
Prior work supporting Federal, DoD, or Defense Industrial Base (DIB) programs.
Familiarity with DevSecOps pipelines, CI/CD automation, and IaC best practices.
Strong understanding of cost optimization and FinOps principles in Azure Government.
Demonstrated experience in client‑facing leadership and enterprise governance boards.
Compensation and Benefits Base salary range: $150,000 – $170,000.
Eligible for variable compensation, bonus, or commission.
Full‑time regular employee benefits include paid time off, medical/dental/vision insurance, 401(k), and other benefits to eligible employees.
Note: Compensation levels are determined by various factors and may be adjusted at the company’s discretion.
Disclaimer All qualified applicants will be considered for employment based on their skills, and merit.
Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future.
Equal Opportunity Employer Capgemini is an Equal Opportunity Employer. The employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the notice from the Department of Labor.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
#J-18808-Ljbffr
Job Description The Lead Technical Enterprise Architect provides overarching technical and architectural leadership across Microsoft GCC-High, Azure Government, and related secure cloud environments. This role translates client mission and compliance requirements into secure, scalable, and maintainable enterprise cloud architectures that align with CMMC Level 2, NIST SP 800-171, and DoD Cloud Computing SRG requirements. It serves as the primary liaison between the client and internal delivery team, ensuring all design and implementation adhere to compliance standards, best practices, and client objectives. The role leads a multidisciplinary team responsible for secure landing zones, Entra ID, Intune, Azure Virtual Desktop, Windows 365, Defender for Cloud, and other Microsoft 365 GCC-High services.
Job Responsibilities As a Lead Technical Enterprise Architect, you will be responsible for the following:
Architecture Leadership & Design
Develop and maintain the enterprise architecture roadmap for Azure Government and GCC-High environments.
Lead the design of secure Azure Landing Zones, including hub‑and‑spoke networking, ExpressRoute integration, and hybrid connectivity to on‑premises systems.
Ensure architectural compliance with DoD SRG, NIST SP 800-171, and CMMC Level 2.
Direct solutioning for identity, endpoint management, monitoring, and security including Entra ID P2, Intune, Defender for Cloud, Sentinel, and Azure Monitor.
Incorporate redundancy, performance optimization, and cost efficiency into all designs.
Client Liaison & Requirements Translation
Serve as the primary technical point of contact for the client and lead all architecture‑related discussions and reviews.
Translate client requirements into actionable designs, work packages, and technical tasks.
Communicate architectural risks, constraints, and trade‑offs clearly to both technical and business stakeholders.
Maintain full traceability from client requirements through technical implementation.
Team Oversight & Delivery Execution
Lead a cross‑functional team of cloud engineers, system administrators, network specialists, and security analysts.
Define priorities, assign tasks, and oversee all engineering deliverables to ensure alignment with the architecture plan.
Review technical documentation, diagrams, and SOPs for accuracy and completeness.
Conduct peer reviews, enforce configuration standards, and provide technical mentorship.
Collaborate with the project manager or Scrum Master to track progress, resolve blockers, and ensure on‑schedule delivery.
Compliance, Governance & Risk Management
Enforce compliance with CMMC Level 2, NIST SP 800-171, and FedRAMP High controls.
Define and oversee governance policies for access control, configuration baselines, and data protection.
Review and approve technical changes following established change‑management procedures.
Partner with the ISSM and compliance team to maintain audit readiness and continuous compliance.
Continuous Improvement & Innovation
Identify opportunities to enhance security posture, automation, and cost optimization.
Evaluate new Microsoft capabilities (e.g., Windows 365 GCC‑High, Copilot for M365, Purview).
Recommend modernization strategies that align with client missions and evolving compliance requirements.
Required Qualifications
U.S. Citizenship is required.
Eligible for DoD Secret clearance or higher.
Bachelor’s degree in computer science, Information Systems, or related field.
10+ years of progressive IT experience, including at least 5 years in enterprise or cloud architecture.
3+ years of experience working within Azure Government and Microsoft 365 GCC‑High environments.
Proven success leading cross‑functional technical teams and serving as a client‑facing technical lead.
Technical Expertise
Azure Landing Zone architectures (Hub‑and‑Spoke, SCCA, IL4/IL5).
Entra ID P2, Conditional Access, PIM, MFA, and RBAC design.
Intune endpoint management and device compliance.
AVD, FSLogix, and Windows 365 Government implementations.
Defender for Cloud, Defender for Endpoint, Sentinel, and Purview.
Azure networking (VNETs, NSGs, VPN Gateway, ExpressRoute, Private Link).
Infrastructure‑as‑Code using ARM, Bicep, or Terraform.
Certifications (Preferred)
Microsoft Certified: Azure Solutions Architect Expert.
Microsoft Certified: Cybersecurity Architect Expert or Enterprise Administrator Expert.
CISSP, CISM, or CCSP.
ITIL v4 Foundation.
Desired Qualifications
Prior work supporting Federal, DoD, or Defense Industrial Base (DIB) programs.
Familiarity with DevSecOps pipelines, CI/CD automation, and IaC best practices.
Strong understanding of cost optimization and FinOps principles in Azure Government.
Demonstrated experience in client‑facing leadership and enterprise governance boards.
Compensation and Benefits Base salary range: $150,000 – $170,000.
Eligible for variable compensation, bonus, or commission.
Full‑time regular employee benefits include paid time off, medical/dental/vision insurance, 401(k), and other benefits to eligible employees.
Note: Compensation levels are determined by various factors and may be adjusted at the company’s discretion.
Disclaimer All qualified applicants will be considered for employment based on their skills, and merit.
Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future.
Equal Opportunity Employer Capgemini is an Equal Opportunity Employer. The employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the notice from the Department of Labor.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
#J-18808-Ljbffr