Multi-Cloud Architect
Position Overview
Samtek Inc is seeking a seasoned Multi-Cloud Architect to lead the strategy, design, and governance of hybrid and multi-cloud environments supporting the Centers for Medicare & Medicaid Services (CMS). You will architect secure, compliant, and cost-optimized solutions across Azure Government (GCC High), AWS GovCloud, and Google Cloud Platform (Anthos for Government), while driving cloud-native modernization for mission-critical healthcare systems. This role combines deep technical expertise with federal compliance leadership in a fast-paced, high-impact environment.
Key Responsibilities
Multi-Cloud Strategy & Governance
- Develop and maintain enterprise-wide multi-cloud reference architectures, landing zones, and policy-as-code frameworks using Azure Enterprise-Scale, AWS Control Tower, and GCP Organization Policy Service.
- Establish cross-cloud governance models including tagging standards, cost allocation, security baselines, and compliance automation.
- Lead Cloud Center of Excellence (CCoE) initiatives and present architectures to CMS Architecture Review Board (ARB) and Technical Review Board (TRB).
Secure Cloud Design & Implementation
- Design Zero-Trust network topologies using Azure Private Link, AWS PrivateLink, Transit Gateway, and GCP VPC Service Controls.
- Implement identity federation across clouds with Azure Entra ID (formerly AAD), AWS IAM Identity Center, and Google Cloud Identity.
- Architect disaster recovery and high-availability solutions leveraging Azure Site Recovery, AWS Global Accelerator, and GCP multi-region buckets.
Migration & Modernization Leadership
- Drive large-scale migrations (rehost, refactor, re-architect) of legacy CMS systems using Azure Migrate, AWS Migration Hub, and GCP Migrate for Compute Engine.
- Containerize workloads with Azure AKS, Amazon EKS, and Google GKE; orchestrate with Anthos Service Mesh across clouds.
- Modernize data platforms using Azure Synapse, AWS Redshift, and BigQuery with unified FHIR/HL7 pipelines.
Automation & DevSecOps
- Build infrastructure-as-code pipelines with Terraform Enterprise, Bicep, AWS CDK, and Pulumi across all three clouds.
- Integrate security scanning (Prisma Cloud, Azure Defender, AWS GuardDuty) into CI/CD workflows.
- Automate compliance evidence collection for FedRAMP High, CMS ARS, and NIST 800-53 using tools like Sentinel, Config, and Security Command Center.
Collaboration & Documentation
- Partner with cybersecurity, DevOps, and application teams to translate requirements into scalable multi-cloud designs.
- Author System Security Plans (SSP), Architecture Diagrams, and ATO packages.
- Mentor engineers and deliver brown-bag sessions on multi-cloud best practices.
Required Skills & Experience
- 8+ years of cloud architecture experience with at least 3 years designing multi-cloud/hybrid solutions.
- Hands-on expertise in Azure Government (GCC High), AWS GovCloud, and GCP for Government.
- Proven track record delivering FedRAMP High or CMS ARS-compliant architectures.
- Mastery of IaC: Terraform (Enterprise), Bicep, AWS CDK, CloudFormation.
- Deep knowledge of enterprise identity (Entra ID, AWS SSO, Google Cloud Identity) and networking across clouds.
- Experience leading migrations of >500 workloads or >10TB data volumes.
- Strong scripting: Python, PowerShell, Bash, Go.
- U.S. citizenship and ability to obtain/maintain CMS Public Trust.
Preferred Qualifications
- Active certifications: Azure Solutions Architect Expert (AZ-305), AWS Solutions Architect Professional, Google Professional Cloud Architect.
- Additional certs: CISSP, CCSP, CISM, AWS Security Specialty, Azure Security Engineer (AZ-500).
- Prior CMS SPARC, ESIM, or EPMO task order experience.
- Expertise with Anthos, Azure Arc, or AWS Outposts for hybrid control plane.
- Experience with healthcare data standards (FHIR, HL7, DICOM) and Azure Health Data Services.
- Published whitepapers or conference talks on multi-cloud governance.