India

Role Purpose

We are seeking a Senior IT Architecture Expert to define, govern, and continuously optimize the end-to-end IT architecture across datacenter, network, security, servers, virtualization, and cloud.

Our environment consists of one central datacenter in Germany and multiple office locations, connected via secure WAN and VPN architectures, and standardized exclusively on Microsoft Hyper-V for on-premises virtualization.

This role exists to:

• Eliminate fragmented infrastructure and network designs
• Ensure secure, scalable, and resilient connectivity between datacenter and offices
• Prevent technical debt caused by inconsistent or reactive technical decisions

This is not an operational role. The Architecture Expert defines what must be built and why, not how day-to-day administration is performed.

Architecture Ownership Scope

• The Architecture Expert acts as design authority across:
• Datacenter & Infrastructure Architecture
• Network & Connectivity Architecture (Datacenter + Offices)
• Firewall & Security Architecture (Sophos-based)
• Server & Platform Architecture (Windows & Linux)
• Hyper-V Virtualization Architecture (exclusive platform)
• Cloud & Hybrid Architecture
• Identity & Access Architecture

Key Responsibilities:

1. Enterprise Infrastructure & Datacenter Architecture

Define and maintain:

• Target-state infrastructure architecture
• Reference architectures and design principles

Design scalable and resilient datacenter architectures covering:

• Compute
• Storage
• Networking
• High availability and disaster recovery

Ensure infrastructure designs align with:

• Business continuity requirements
• Security and compliance standards

2. Network & Connectivity Architecture (Critical Responsibility)

Own end-to-end network architecture for:

• Central datacenter in Germany
• Multiple branch and office locations

Design and govern:

• LAN and WAN architecture
• Site-to-site VPN connectivity
• Remote access connectivity models

Define and standardize:

• IP addressing strategy
• VLAN and network segmentation
• Redundancy and failover design

Ensure predictable performance, scalability, and availability across all locations

3. Firewall & Security Architecture (Sophos Focus)

Act as architecture authority for Sophos Firewall environments

Design and govern:

• Perimeter and internal firewall architecture
• Network zone and segmentation models
• VPN security standards (site-to-site and remote access)

Define standards for:

• Firewall rule structure and lifecycle
• Secure inter-site traffic flows

Work closely with IT Security teams to ensure:

• Secure-by-design network architecture
• Consistent security policy enforcement

4. Server, Virtualization & Platform Architecture

Define and govern Hyper-V–based virtualization architecture as the exclusive on-premises virtualization platform

Establish approved architecture standards for:

• Hyper-V host and cluster design
• Windows Failover Clustering
• Storage Spaces Direct (where applicable)
• Virtual machine sizing and placement models

Define:

• Capacity and scalability guardrails
• High-availability and resiliency patterns

Review and approve:

• Hyper-V cluster designs
• Major platform architecture changes

This role does not perform day-to-day server or Hyper-V administration

Work in close collaboration with the Senior Server, Linux & Datacenter Expert, who owns implementation and optimization

5. Cloud & Hybrid Architecture

Design hybrid architectures integrating:

• On-premises datacenter
• Cloud platforms (Microsoft Azure)

Define:

• Secure hybrid network connectivity
• Workload placement strategy
• Identity and access integration

Ensure cloud adoption aligns with:

• Network architecture
• Security architecture
• Cost and operational efficiency

6. Identity, Security & Compliance Architecture

Define architecture for:

• Active Directory
• Microsoft Entra ID (Azure AD)

Ensure identity, network, and security architectures are fully aligned

Partner with IT Security teams to implement:

• Zero Trust principles
• Least-privilege access models

Ensure architectural compliance with regulatory and audit requirements

7. Architecture Governance & Standards

Act as final design authority for:

• Infrastructure architecture
• Network and firewall design
• Hyper-V platform architecture

Review and approve:

• New office network designs
• Major infrastructure and connectivity changes

Enforce architecture standards and prevent design drift

8. Documentation & Architecture Visibility

Create and maintain:

• Datacenter and network topology diagrams
• Firewall and connectivity architecture documentation
• Approved reference architectures

Ensure documentation is:

• Accurate
• Maintained
• Actively used by operational teams

Required Languages

12+ years in enterprise IT roles

5+ years in senior infrastructure or solution architecture roles

Proven experience designing:

• Enterprise datacenters
• Multi-site network architectures
• Hyper-V-based virtualization platforms

Strong background in network-centric infrastructure environments

Mandatory Technical Expertise

Network & Security

• Enterprise LAN and WAN architecture
• Firewall and VPN design (Sophos or equivalent)
• Network segmentation, redundancy, and failover

Infrastructure & Platforms

• Datacenter infrastructure architecture
• Hyper-V virtualization architecture (expert level)
• Windows and Linux server platform architecture

Cloud & Hybrid

• Microsoft Azure architecture fundamentals
• Hybrid connectivity and identity integration

Soft Skills

• Strong decision-making and accountability
• Ability to challenge poor technical designs constructively
• Clear communication with technical and non-technical stakeholders
• High documentation and governance discipline

Certification Requirements

Mandatory (At Least One)

• Microsoft Certified: Azure Solutions Architect Expert
  OR
• TOGAF Certified

Strongly Preferred

• Microsoft Certified: Azure Stack HCI
• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Cisco CCNP (Enterprise or Data Center)
• Sophos Firewall Engineer / Architect Certification

Nice to Have (Expert Signal)

• SABSA (Security Architecture)
• ITIL 4 – Strategic Leader
• AWS Solutions Architect – Professional

Success Criteria

• Stable and secure connectivity across all Germany locations
• Clear, standardized network and Hyper-V architecture
• Reduced incidents caused by architectural weaknesses
• Strong alignment between network, security, and infrastructure layers