Cloud Solution Architect

Title : Cloud Solution Architect

Location : Remote

LOA : Part time / 160 Hours

Job Description :

Services Description : To provide a remediation engagement to remediate Buyer’s Azure environment and security workflow within the guidance of Buyer’s CSS.

Objectives :

Provide structured support via a scoped “remediation and support hours” block to help execute or guide the implementation of critical fixes identified during the assessment.

Scope :

Team will remediate the Buyer’s Azure environment and security workflow. Areas of effort include :

Remediation services and support

Work with the team to solve critical issues

Support changes and service functionality

Approach : Remediation Support

Hands-on remediation guidance (e.g., policy adjustments, firewall reconfiguration, CNAPP tuning)

Solution validation / testing support (e.g., Defender for IoT deployment, traffic flow tests)

Co-implementation of playbook items from the roadmap

Team coaching and knowledge transfer sessions beyond initial workshop

On-demand advisory hours for architectural or compliance-related questions

Title : Sr. Security Cloud Architect

Location : Remote

LOA : 8 weeks, 40 hours / week

Services Description : To provide a focused 8-week engagement to evaluate Buyer’s Azure subscription(s), with an emphasis on security posture and network architecture around and to deliver a prioritized, actionable remediation roadmap and future-state connectivity design.

Objectives :

Review the Buyer’s Azure subscriptions, resource groups, and key services against Microsoft’s Azure Security Benchmark and best FinOps practices

Provide prioritized, risk-based remediation recommendations aligned to industry best practices

Analyze the security, infrastructure, and connectivity of Azure services supporting OT workloads

Deliver a risk-based, actionable set of recommendations aligned with industry frameworks (e.g., NIST CSF, IEC 62443, CIS Benchmarks) tailored to both Buyer’s CSS and OT risk profiles.

Develop a high-level, multi-phase roadmap for strengthening security posture and optimizing cloud architecture over the next 12–18 months.

Conduct workshops, guided sessions, and / or document review with Buyer teams to transfer knowledge and build operational confidence in managing OT and cloud-native security.

Deliver executive-level summaries and a detailed technical report to enable Buyer stakeholders to track progress and budget for implementation.

Scope :

Vendor’s team will evaluate the Buyer’s Azure infrastructure, services, and OT connectivity, and deliver a tactical, risk-driven roadmap for improving posture and performance. Core focus areas include :

Security Configurations

Azure AD, RBAC, Conditional Access, PIM / JIT access, identity protection

Defender for Cloud, Key Vault, MFA enforcement, CNAPP tools such as Prisma

Network Architecture & OT Connectivity

Review VNets, NSGs, Azure Firewall / NVAs, ExpressRoute, VPNs, Private Link

Analyze segmentation between IT and OT systems; inspect traffic paths from SCADA, PLCs, or IIoT devices to cloud services OT Service Integration & Data Flows

Azure IoT Hub, Azure Arc, Digital Twins, Azure Stack Edge