Cloud Architect

Cloud Architects make the structural decisions that all other cloud work builds on. While developers choose which cloud service to use for a specific feature and administrators keep today's infrastructure running, the Cloud Architect determines what the overall architecture should look like: which platforms the organization uses, how they're connected, what governance framework controls their use, and how the architecture evolves to support the business over the next three to five years.

The work has two distinct modes. Strategy mode involves analyzing the organization's current cloud posture, understanding where the business is headed, and defining the architectural evolution that bridges the two. This includes platform selection decisions — should we standardize on a single cloud provider or deliberately operate across two? — governance design decisions — how should accounts be structured, what tagging standards should be mandatory, how should cost be allocated? — and security architecture decisions that affect how every workload in the organization handles identity, network access, and data protection.

Advisory mode involves the ongoing work of reviewing and influencing what other teams are building. Cloud Architects conduct architecture reviews for major workloads, provide guidance to Solutions Architects working on specific projects, and serve as the escalation point for technical decisions that affect the enterprise platform. This requires both deep technical expertise — knowing enough to identify architectural risks that aren't obvious — and communication skill — explaining those risks in terms that engineers, operations teams, and business leaders can all act on.

The governance dimension grows with organizational scale. Large organizations have hundreds of development teams, thousands of cloud accounts, and millions of monthly cloud spend — without architectural governance that establishes clear standards and controls, entropy accumulates in the form of redundant services, inconsistent security controls, and cost patterns that nobody can explain. The Cloud Architect defines the guardrails and then monitors whether they're actually working.

Cloud Architects also function as the organizational interface to cloud providers. They engage with AWS, Azure, or GCP technical account teams, participate in executive briefings on roadmap and strategy, and represent the organization's architectural requirements in vendor conversations. This relationship becomes substantive at the spending levels most large organizations reach.

Education:

• Bachelor's or master's degree in computer science, information systems, or engineering
• Graduate degrees are more common at the Cloud Architect level than below it, particularly at large enterprises with formal architecture governance

Experience:

• 10–15 years of IT experience with at least 5–7 years in cloud roles
• Track record of enterprise-level architectural decisions with documented outcomes
• Experience in multiple cloud roles — developer, administrator, solutions architect — that provides breadth of perspective

Certifications:

• AWS Certified Solutions Architect – Professional (expected)
• AWS Certified Advanced Networking – Specialty or AWS Certified Security – Specialty
• Azure Solutions Architect Expert (AZ-305) for Microsoft environments
• TOGAF Foundation and Practitioner for enterprise architecture governance
• Multiple cloud certifications (AWS + Azure, or AWS + GCP) for multi-cloud environments

Architectural knowledge:

• Enterprise networking: SD-WAN, Direct Connect/ExpressRoute, BGP, DNS architecture, CDN strategy
• Multi-cloud identity: federation patterns, Entra ID, AWS SSO, cross-cloud governance
• Security architecture: zero-trust principles, data loss prevention, CASB, CSPM tools
• Cloud governance platforms: AWS Control Tower, Azure Landing Zones, GCP Resource Manager — design and implementation
• Compliance frameworks: SOC 2, FedRAMP, HIPAA, PCI DSS, ISO 27001 — cloud control mapping

Business and communication skills:

• Building investment cases for cloud programs: TCO analysis, migration cost estimation, risk quantification
• Executive communication: presenting architectural recommendations to CTO, CISO, and board level
• Vendor management: enterprise cloud agreements, EDP/MACC negotiations, architecture advisory relationships
• Cross-organizational influence: driving standards adoption across teams without direct authority

Cloud architecture is one of the most compensated technical specializations in enterprise IT, and demand continues to grow as cloud adoption deepens and organizations find that the infrastructure decisions made during initial migrations need to be revisited, standardized, or replaced. The organizations that moved fastest to cloud often did so without adequate architectural governance, and they're now investing in Cloud Architects to fix what accumulated.

The regulatory environment is adding new architectural complexity. Data sovereignty requirements, financial services resilience regulations (DORA in Europe, FFIEC in the US), and healthcare data protection rules all impose constraints that need to be designed into cloud architecture at the platform level rather than addressed ad hoc by individual workload teams. Cloud Architects who understand compliance frameworks and can translate them into technical controls are in persistent demand at regulated organizations.

AI infrastructure is opening a new architectural domain. Organizations building AI-powered products or using AI in operations need architectural guidance on where to run AI workloads, how to manage the cost and latency characteristics of AI services, how to maintain governance over AI data access, and how to design for the failure modes of AI-augmented systems. This represents new work that most Cloud Architects are learning alongside the organizations that need the guidance.

Multi-cloud is becoming the standard enterprise posture rather than the exception, which increases the complexity of the Cloud Architect role and the corresponding compensation premium. Architects who can design and govern environments that span multiple providers, maintain consistent security controls across platforms, and avoid unnecessary platform lock-in are more valuable than single-platform specialists.

Career ceilings are high. Distinguished Cloud Architect and Enterprise Architecture Fellow roles exist at the largest organizations. VP of Cloud Engineering, CTO, and Chief Architect titles are natural progressions for architects who develop leadership scope alongside technical depth. Many experienced Cloud Architects also build successful consulting practices, leveraging accumulated experience in architectural patterns and organizational transformation into advisory engagements that command premium billing rates.

Dear Hiring Manager,

I'm applying for the Cloud Architect position at [Company]. I hold AWS Certified Solutions Architect – Professional and AWS Certified Security – Specialty certifications and have spent the last six years in cloud architecture roles, the past three as the enterprise cloud architect at [Company] — a $3.4 billion healthcare services company with 85 AWS accounts across three business units.

The program I'm most often asked to describe is the enterprise landing zone migration we completed 18 months ago. When I joined, each business unit had provisioned AWS accounts independently, with inconsistent security baselines, no centralized logging, and cost allocation that finance couldn't reconcile across divisions. I designed and implemented an AWS Organizations structure with Control Tower, defined the OU architecture by environment and data classification tier, wrote the SCPs that enforce security controls across all accounts, and built the account vending pipeline that provisions new accounts with compliant baselines in under 20 minutes. The migration took 14 months and covered all 85 accounts without service interruption.

On the security architecture side, I own the cloud security framework for the organization and represent architecture in HIPAA compliance reviews. I've mapped our AWS control set to the HIPAA Security Rule, worked with the compliance team on technical attestation for three BAA renewals, and led the architectural response to a CSPM tool finding that identified 12 S3 buckets with unintended public access — all remediated within 48 hours.

I'm looking for a role at an organization with larger scale and more complex multi-cloud architecture requirements. The combination of AWS and Azure governance work in your job description aligns with exactly where I want to develop next. I'd welcome a technical conversation about the architecture challenges you're working on.

[Your Name]