Post Job Free
Sign in

Principal Azure Architect & Cloud/DevOps Leader

Location:
Grand Rapids, MI
Posted:
March 06, 2026

Contact this candidate

Resume:

Rajesh Rawat

Principal Azure Architect – Cloud & DevOps Lead

Mobile: 616-***-****

Email: ******.*********@*****.***

LinkedIn: linkedin.com/in/rajesh-rawat-27628b6b

PROFESSIONAL SUMMARY

Principal Azure Cloud Architect & Cloud & DevOps Lead with 12+ years of experience designing and governing enterprise-scale cloud platforms for regulated healthcare and life sciences organizations. Proven expertise in Azure hybrid architecture, Cloud Center of Excellence (CCoE) governance, identity and access management, security compliance (HIPAA, NIST, SOC 2), and large-scale application migration and modernization. Extensive experience supporting healthcare customers including CooperSurgical Johnson & Johnson, and Abiomed, delivering secure, resilient, and compliant Azure platforms for clinical, research, and business workloads.

Recognized for delivering:

End-to-end Azure cloud transformations (Landing Zones, migrations, modernization)

Infrastructure as Code (IaC): Terraform, Bicep, ARM, GitHub Actions, Azure DevOps

Secure and compliant cloud environments using Defender for Cloud, Azure Policy, PIM, RBAC, Key Vault

High-availability, DR, performance optimization, and workload resilience

Enterprise-wide governance, architectural blueprinting, and cross-functional technical leadership

CORE COMPETENCIES

Azure Cloud Architecture (IaaS, PaaS, SaaS)

Azure Landing Zones & CCoE Governance

Hybrid Cloud (Azure + On-Prem)

Healthcare Compliance (HIPAA, NIST, SOC 2)

Identity & Access Management (Azure Entra ID, RBAC, PIM, MFA)

Secure Networking (Hub-Spoke, ExpressRoute, Private Link)

DevSecOps & Infrastructure as Code (Terraform, Bicep)

Migration & Modernization (Rehost, Refactor, Rearchitect)

High Availability, DR, Backup & BC

FinOps & Cost Optimization

Stakeholder & Executive Collaboration

KEY SKILLS

Cloud Architecture & Design: Azure IaaS/PaaS/SaaS, Landing Zones, Hybrid Cloud, Enterprise Architecture

DevOps Leadership: CI/CD (Azure DevOps, GitHub), Automation, IaC (Terraform/Bicep), Release Engineering

Infrastructure Engineering: Compute, Networking, Storage, Security, Load Balancing, Backup/DR

Security & Compliance: Azure Security Benchmark, Defender for Cloud, PIM, RBAC, IAM, Governance

Container & Platform Services: AKS, Docker, API Management, App Services

Migration & Modernization: On-prem to Azure, Datacenter Exit, App Modernization, Cloud Adoption Framework

Scripting & Automation: PowerShell, Bash, Terraform, Runbooks

Cross-Functional Leadership: Stakeholder Management, Architecture Governance, Roadmaps, Team Leadership

TECHNICAL SKILLS

Cloud: Azure IaaS, PaaS, SaaS, Security Center, Azure Monitor, ADF, Logic Apps, App Gateway

DevOps: Azure DevOps, GitHub Actions, GitLab, CI/CD Pipelines, YAML, Release Engineering, Jenkins (Pipeline as Code, Shared Libraries, Plugins, HA Architecture),

IaC: Terraform, Bicep, ARM Templates, Ansible

Containers: AKS, Docker, Kubernetes ecosystem

Databases: Azure SQL, Synapse, MySQL, PostgreSQL, Cosmos DB

OS & Infra: Windows Server, Linux, VMware, Hyper-V, SAN/NAS

Networking: VNETs, VNET Peering, ExpressRoute, Private Endpoints, UDRs, NSGs, Firewall

Security: RBAC, PIM, MFA, Conditional Access, Encryption, Defender, Key Vault

Monitoring: Azure Monitor, Log Analytics, App Insights

Methods: Agile, ITIL, SCRUM, Architecture Governance

ENTERPRISE ARCHITECTURE & LEADERSHIP EXPERIENCE

Designed Azure infrastructure architectures including Landing Zones, hybrid cloud topologies, hub-and-spoke, and multi-region deployments.

Developed enterprise-wide standards, reference architectures, governance models, and modernization roadmaps.

Led cloud adoption and infrastructure transformation for global environments across Azure & hybrid ecosystems.

Executed complex infrastructure integrations across M&A initiatives (AD consolidation, O365, cloud migration).

Architected enterprise identity platforms — AD, Entra ID, SSO, MFA, Conditional Access, Lifecycle Governance.

Designed high-availability and disaster recovery architectures aligned to stringent RTO/RPO standards.

Served as L4 escalation architect for infrastructure and DevOps, providing RCA, tuning, and long-term strategy.

Partnered with C-level leaders to define cloud investment strategies, cost models, and transformation plans.

PROFESSIONAL EXPERIENCE

Lam Research

Azure Cloud Architect

Dec 2024 – Present

Grand Rapids, MI (Remote)

Designed, implemented, and optimized Azure cloud infrastructure, ensuring high availability, scalability, and security across enterprise environments.

Architected CI/CD pipelines in Azure DevOps for automated build, deployment, and release workflows, improving delivery speed and reducing deployment errors.

Monitored, analyzed, and troubleshot Azure DevOps pipelines, builds, and releases to maintain consistent CI/CD performance and reduce operational disruptions.

Integrated Splunk with Azure Monitor and Log Analytics to centralize telemetry, enabling cross-platform visibility across CI/CD pipelines and Azure workloads.

Developed custom Splunk dashboards and alerts for Azure DevOps pipelines and Defender for Cloud logs, enhancing proactive monitoring, performance insights, and incident response.

Managed Azure DevOps source control repositories, implementing branching strategies, versioning standards, and team collaboration best practices.

Designed and implemented hybrid CI/CD pipelines integrating Jenkins with Azure DevOps and Terraform-based infrastructure

Enhanced CI/CD scalability by implementing container-based Jenkins agents deployed on Kubernetes.

Improved pipeline reliability and performance by optimizing build orchestration, artifact management, and parallel execution strategies.

Developed and maintained Infrastructure as Code (IaC) using Bicep and Azure.

DevOps, enabling repeatable, template-driven provisioning for cloud resources.

Architected Terraform-based automation frameworks for Azure Landing Zones and multi-subscription environments supporting semiconductor R&D workloads.

Built reusable Terraform modules for networking, compute, and storage, streamlining infrastructure provisioning and improving environment consistency.

Integrated Terraform pipelines with Azure DevOps using YAML, approvals, and policy enforcement for secure, auditable infrastructure releases.

Designed secure, compliant network and identity foundations (VNETs, RBAC, private endpoints) to protect intellectual property and data flows.

Integrated Azure Application Gateway with API Management Services to improve routing, observability, and application security while scaling API workloads.

Implemented and governed Azure Policies to enforce compliance, standardization, and consistent configuration across cloud subscriptions.

Automated daily operational and administrative tasks using Azure Automation Runbooks, reducing manual effort and improving service reliability.

Strengthened cloud security posture by applying Azure Security Benchmark, implementing security controls, and increasing Secure Score using Microsoft Defender.

Monitored and responded to security threats via Microsoft Defender for Cloud, performing remediation and escalating advanced alerts.

Automated vulnerability remediation workflows by integrating Defender with Azure Security Center, improving incident response efficiency.

Performed compliance audits and security assessments to ensure adherence to regulatory, organizational, and cloud governance standards.

Led cloud migration initiatives, including modernization and optimization of legacy applications for improved performance and scalability in Azure.

Delivered project plans, feature roadmaps, and technical documentation to align stakeholders, define deliverables, and support long-term cloud strategy.

IRIS / CooperSurgical

Azure Cloud Solution Architect – Healthcare & Life Sciences

Jan 2024 – Dec 2024

Grand Rapids, MI (Remote)

Led the design and implementation of secure, enterprise-grade Azure cloud platforms supporting regulated healthcare and life sciences workloads, ensuring compliance with HIPAA, NIST, and internal security standards.

Architected enterprise Azure Landing Zones using Management Groups, Azure Policy, RBAC, and subscription governance as part of a centralized Cloud Center of Excellence (CCoE) model.

Defined Azure target-state architectures aligned with the Microsoft Well-Architected Framework, supporting clinical, manufacturing, and research workloads.

Designed hub-and-spoke network architectures leveraging Azure Firewall, NSGs, UDRs, Private Endpoints, and Azure Virtual WAN for secure segmentation of PHI workloads.

Enabled hybrid connectivity using ExpressRoute and VPN Gateway, integrating on-prem clinical systems with Azure-hosted platforms.

Defined and articulated a scalable hybrid cloud strategy, aligning cloud modernization with organizational growth and long-term technology goals.

Architected and implemented Azure public cloud infrastructure in highly distributed, secure, and scalable environments.

Collaborated with cross-functional engineering teams to build and maintain hybrid cloud architecture with a focus on performance, resiliency, and security.

Continuously monitored hybrid cloud environments, identifying optimization opportunities and guiding cost-efficient improvements.

Automated cloud architecture and provisioning activities using Terraform, simplifying deployments and eliminating manual inefficiencies.

Developed, maintained, and optimized Azure DevOps automation scripts, IaC templates, and infrastructure build pipelines.

Configured Splunk forwarders for Azure resources to collect, normalize, and analyze logs across hybrid environments.

Designed Splunk-based alerting and reporting workflows for compliance, cost, and security visibility across multi-subscription deployments.

Monitored and troubleshot Azure DevOps pipelines, ensuring smooth CI/CD operations across all development teams.

Integrated Azure Application Gateway with API Management Services to improve traffic flow, security, and observability.

Managed Azure DevOps source control repositories, defining branching strategies and code governance standards.

Designed and operated Azure infra landing zones aligned to HIPAA/HITECH with strong PHI/PII protection, including encryption, segmentation, and strict RBAC.

Designed and implemented Azure DevOps CI/CD pipelines supporting scalable, automated software delivery.

Delivered feature roadmaps and project targets, aligning architecture efforts with business priorities.

Designed and managed CI/CD pipelines for automated deployments and release workflows across multiple environments.

Designed microservices-based architectures using Azure cloud-native services to support modular and scalable applications.

Analyzed business and application requirements to align technical architecture with enterprise needs.

Designed and implemented Azure PaaS and IaaS configurations supporting high availability, data redundancy, disaster recovery, and site resilience.

Birlasoft / Johnson & Johnson

Senior Azure Cloud Architect – Healthcare

Jan 2023 – Dec 2023

Grand Rapids, MI (Remote)

Designed and deployed secure public cloud infrastructure across highly distributed enterprise environments.

Enforced security guardrails using Azure Policy, Defender for Cloud, Secure Score, and Just-in-Time (JIT) access to protect sensitive healthcare workloads.

Supported healthcare data interoperability initiatives by enabling secure API integrations aligned with HL7/FHIR principles for downstream EMR and reporting systems.

Led application migration and modernization efforts, transitioning legacy healthcare applications to Azure App Service, AKS, Azure SQL Managed Instance, and Azure Storage.

Designed high availability and disaster recovery strategies using Availability Zones, Azure Site Recovery, geo-replicated storage, and automated backup policies.

Implemented DevSecOps pipelines using Terraform, Azure DevOps, and GitHub to automate infrastructure provisioning with embedded compliance and security validation.

Established FinOps practices, applying Azure Cost Management, tagging standards, budgets, and right-sizing strategies to optimize healthcare cloud spend.

Collaborated with clinical, security, infrastructure, and executive stakeholders, translating cloud architecture decisions into compliance, resiliency, and patient-safety outcomes.

Delivered reusable IaC templates, reference architectures, and design standards to support repeatable healthcare migrations across business units

Authored and maintained comprehensive Azure operations and process documentation for enterprise reuse.

Automated cloud provisioning and architectural workflows using Terraform.

Developed and maintained Azure DevOps automation scripts, pipelines, and IaC templates.

Troubleshot Azure DevOps builds, pipelines, and CI/CD environments to ensure operational continuity.

Integrated Application Gateway with API Management Services for improved routing and enhanced API security.

Managed Azure DevOps source control repositories, branching strategies, and governance.

Integrated Splunk with Azure Sentinel and Defender for Cloud to enhance threat detection, correlation, and response across enterprise workloads.

Automated the ingestion of Azure activity logs into Splunk using REST APIs and Event Hubs for unified cloud monitoring and incident analysis.

Automated operational workflows using Azure Automation Runbooks.

Enforced governance using Azure Policies, RBAC, and Azure Security Center.

Designed and deployed CI/CD pipelines for automated build, test, and deployment processes.

Strengthened cloud security posture by applying Azure Security Benchmark and increasing Secure Score via Microsoft Defender.

Monitored and responded to security alerts across VMs, networks, databases, and application workloads using Defender for Cloud.

Performed ongoing compliance audits and regulatory adherence checks across cloud resources.

Automated vulnerability remediation using integrated Defender and Security Center workflows.

Delivered roadmap documents outlining architecture direction, milestones, and deliverables.

Designed microservices architectures and supported distributed application deployments on Azure.

Analyzed business and software requirements to align architecture decisions with enterprise needs.

Utilized Azure Log Analytics for monitoring logs and performance insights.

Architected Azure PaaS and IaaS services ensuring HA, DR, DLP, and fault tolerance.

Built and maintained Azure Data Factory pipelines for ETL and orchestration workloads.

Designed and operated Azure landing zones aligned to HIPAA/HITECH with encryption, segmentation, and strict RBAC for PHI/PII workloads.

Deployed and integrated VNets with Logic Apps & Service Bus for enterprise connectivity.

Interfaced with business leaders to gather requirements and shape cloud infrastructure solutions.

Implemented security controls using Azure Policy, RBAC, Azure Security Center, and Defender for Cloud.

Conducted RCA, post-incident reviews, and corrective actions for resilient cloud operations.

Supported cross-team collaboration to deploy secure and scalable cloud solutions.

Implemented blue-green deployments for safe, zero-downtime releases.

Hands-on experience with Terraform for provisioning Azure PaaS databases (Synapse, SQL, Cosmos DB, AAS, Blob/ADLS).

Participated in Agile processes including PI Planning, daily stand-up’s, sprint planning, and reviews.

Supported RFP responses as Azure SME for Sales/Pre-Sales initiatives.

Good understanding of Kubernetes concepts—Secrets, ConfigMaps, Services, and cluster integrations.

Integrated Application Gateway with AKS for secure ingress and routing.

Virtusa / Abiomed

Azure Technical Lead – Healthcare Cloud Platform

Aug 2022 – Dec 2022

Grand Rapids, MI (Remote)

Engaged as Azure Technical Lead for rapid cloud onboarding of healthcare device applications.

Assessed on-prem application architecture and defined migration and integration approach.

Conducted architecture workshops and produced target-state solution designs.

Guided development teams on refactoring workloads for PaaS and container platforms.

Established secure connectivity between enterprise network and Azure workloads.

Built container hosting platform using Azure Kubernetes Service for application modernization.

Implemented API layer using Azure API Management for partner and downstream integrations.

Designed workflow orchestration using Logic Apps and messaging patterns using Service Bus.

Created reusable Terraform modules to standardize environment provisioning.

Implemented CI/CD onboarding pipelines enabling teams to deploy into Azure platform.

Introduced secrets management using Key Vault and managed identities.

Enabled operational monitoring dashboards using Azure Monitor and Log Analytics.

Performed migration cutover planning and release coordination with application teams.

Experience migrating servers from Rackspace to Azure using Azure Migrate tools, with specific focus on healthcare environments supporting Epic integrations.

Planning and executing large-scale migrations of Windows and Linux servers from Rackspace to Azure, including assessment, wave planning, cutover, and post-migration stabilization.

Ability to analyze existing Rackspace networking, security groups, and storage configurations and translate them into equivalent Azure architectures while minimizing downtime and risk during migration.

Resolved deployment and runtime issues during production stabilization phase.

Produced runbooks and handover documentation for operations teams post-migration.

HCL Technologies

Azure Architect

May 2020 – June 2022

Noida, India

Led a technical operations team responsible for deployment, optimization, and support of enterprise Azure environments.

Translated business requirements into scalable cloud architectures, leading migrations to modern Azure solutions.

Provisioned and managed Azure cloud services following best practices and cost-optimization strategies.

Implemented Splunk Enterprise integration with Azure Log Analytics, providing unified monitoring across IaaS and PaaS resources.

Automated infrastructure provisioning using Terraform integrated within Jenkins pipelines.

Customized Jenkins pipelines based on application architecture, microservices deployments, and containerized workloads (AKS/Kubernetes).

Designed AKS-based platforms with integrated security controls for regulated environments

Implemented centralized monitoring using Azure Monitor, Log Analytics, and Application Insights.

Supported SOC teams by integrating Azure security telemetry into SIEM platforms.

Created Splunk dashboards and custom queries (SPL) to analyze performance trends, detect anomalies, and support incident management processes.

Built and deployed .NET Core microservices using Azure Kubernetes Service (AKS).

Migrated data from on-prem SAN/NAS to Azure using Azure NetApp Files and Azure File Sync.

Deep expertise across Azure data and analytics services including Data Lake, Data Factory, Databricks, Synapse, and Azure SQL.

Architected and implemented enterprise-grade Jenkins CI/CD pipelines (Pipeline as Code – Groovy), supporting multi-application build, test, and deployment workflows across cloud and on-prem environments.

Designed and deployed highly available Jenkins architecture (Master–Agent model) with fault-tolerant configurations and auto-scaling build agents.

Integrated Jenkins with Azure, on-prem data centers, and hybrid infrastructure for seamless application delivery.

Built reusable Jenkins Shared Libraries and standardized pipeline templates to reduce duplication and improve governance.

Integrated Jenkins with GitHub, Azure DevOps Repos, SonarQube, Nexus, and artifact repositories for end-to-end DevSecOps automation.

Implemented Role-Based Access Control (RBAC), credential management, and secrets integration with Azure Key Vault.

Configured and managed SonarQube integration within Jenkins pipelines for automated code quality checks and governance enforcement.

Optimized CI/CD toolchain by evaluating and integrating complementary tools including GitHub Actions, Bamboo, and Azure services.

Automated infrastructure provisioning using Terraform integrated within Jenkins pipelines.

Automated database deployments using DACPAC and CI/CD integration.

Designed and implemented Azure API Management, cloud security, and hybrid cloud integration solutions.

Deployed Azure workloads using Azure PowerShell, Azure CLI, ARM templates, and Terraform.

Generated CI/CD metrics dashboards and executive-level status reports outlining pipeline health, deployment frequency, and build stability.

Authored architectural documentation, onboarding guides, and DevOps governance standards for enterprise-wide adoption.

Developed automation scripts using Python and PowerShell to enhance pipeline orchestration and operational efficiency.

Implemented cloud governance, networking, and infrastructure automation via Terraform, GitHub, Jenkins, and Ansible.

Troubleshot performance, connectivity, and application issues across Azure environments.

Integrated ARM templates/Bicep into CI/CD for repeatable and reliable deployments.

Designed and executed enterprise migrations from on-premises to Azure IaaS and hybrid models.

Defined Azure networking architecture including VNETs, ExpressRoute, and VPN gateways.

Provided technical leadership for cloud operations, monitoring, and optimization.

Implemented Azure RBAC governance, security center monitoring, and operational policies.

Engaged with business stakeholders to design cloud roadmaps, long-term strategies, and technology adoption plans.

Continuously evaluated new Azure features and recommended opportunities for cost and performance improvement.

Hands-on across Azure services including VMs, VNETs, Application Gateway, Auto scaling, AAD, Automation, Key Vault, Log Analytics, Monitor, PIM, Update Management, and File Sync.

Implemented and managed Databricks solutions including access control, cost management, and performance tuning.

Provided Tier-3 escalation support and problem management leadership.

Genpact

Senior SysOps Consultant

Oct 2019 – May 2020

Noida, India

Managed and provisioned cloud services across AWS and Azure, ensuring security and cost efficiency.

Monitored cloud environments using New Relic, CloudWatch, and Azure Security Center for proactive issue resolution.

Implemented governance controls using Azure RBAC.

Hands-on expertise across Azure infrastructure services including VMs, VNETs, App

Gateway, AAD, Automation, Storage, Recovery Vault, Logic Apps, Monitoring, and Policies.

Provided L3 support ensuring proper incident and problem management workflows.

Collaborated with network, security, application, and architecture teams to deliver enterprise cloud solutions.

GoInfinity Technologies

Cloud Network Infrastructure Specialist

Mar 2019 – July 2019

Noida, India

Designed Azure cloud architectures supporting complex enterprise workloads

Architected solutions using Azure PaaS services including SQL, HDInsight, and Service Bus.

Lead technical execution and provided architectural oversight during client engagements.

Provided Azure thought leadership through documentation, architecture guidance, and knowledge sharing.

Configured Azure App Gateway, Databricks backup (IaC-based), VNET storage, and ADLS integration.

Developed automation using PowerShell and ARM templates for simplified deployment.

Provided architectural guidance for Azure PaaS-based application solutions.

i2K2 Networks

Cloud Solution Engineer

Apr 2018 – Feb 2019

Noida, India

Proactively monitored cloud environments to prevent outages and high-severity incidents.

Designed multi-tier cloud architectures aligned with client scalability and security needs.

Supported environment hardening aligned with Azure security standards.

Designed Azure public cloud infrastructure for large-scale enterprise workloads.

Implemented Databricks DLT, DR setups, and managed PaaS/SaaS Databricks environments.

Advised development teams on Azure architecture patterns and best practices.

Reviewed and validated Azure architecture designs for production deployment.

Shree InfoSoft

Application Support Engineer

Jan 2017 – Mar 2018

Gurgaon, India

Supported AD and Azure AD integrations, identity management, and directory services.

Worked with DNS, DHCP, PKI, and certificate-based authentication architectures.

Hands-on experience with SSO, SAML, OAuth, and OpenID authentication flows.

Deployed applications on IIS, Apache Tomcat, and JBoss.

Supported Azure AD identity management, MFA, conditional access, and privileged governance.

Performed vulnerability assessments and security reviews across AD and Azure AD environments.

Tech Mahindra

Application Support Engineer

May 2016 – Jan 2017

Noida, India

Deployed and maintained applications on IIS, Apache, and JBoss.

Managed SQL Server administration tasks and deployments.

Supported ticketing through BMC Remedy and managed CAB change processes.

Installed and configured SSL certificates for secure applications.

Expedien eSolutions

Asst. Consultant – System & Networking

June 2013 – May 2016

Noida, India

Administered SQL Server 2005–2014, backups, restores, jobs, and user management.

Managed Windows Server 2003–2012 infrastructures and core services (AD, DHCP, IIS, WSUS).

Worked with Linux distributions including Ubuntu, CentOS, and Debian.

Configured email clients with POP/IMAP for enterprise environments.

Managed Microsoft Azure Server and Hyper-V environments.

Installed and maintained SSL certificate infrastructure.

Licenses & certifications

MCITP - HCL, Prometric

MCITP: Server Administrator on Windows Server 2008 - Microsoft

MCPS: Microsoft Certified Professional - Microsoft

MCSA: Windows Server 2008 - Microsoft

MCTS: Windows Server 2008 Network Infrastructure, Configuration - Microsoft

MCTS: Windows Server 2008 Network Infrastructure, Configuration

Microsoft Certified: Azure Administrator Associate

Microsoft Certified: Azure Solutions Architect Expert

Education

MCA - Information Technology

Sikkim Manipal Institute of Technology – SMU

Passed - Feb 2018

B. Com

Delhi University

Passed - June 2014



Contact this candidate