Company: Miratech
Role: Principal Cloud Network Architect (part-time)
Job type: Full-time
Posted: 20 hours ago
Job description
We are looking for a Principal Cloud Network Architect to support a large-scale network and infrastructure consolidation program following the acquisition of 5+ telecommunications and UCaaS companies. The current cloud environment is highly fragmented, spanning 40+ AWS accounts, isolated VPC architectures, and multiple legacy on-premises data centers.
This is a 6-8 month design engagement focused on defining the definitive target-state hybrid cloud routing fabric. The scope includes leveraging AWS Cloud WAN and Transit Gateway alongside Digital Realty interconnect capabilities and delivering production-ready blueprints to the core engineering organization. The role operates in close collaboration with the Lead Network Convergence Architect, ensuring seamless integration between cloud edge routing and the global MPLS/BGP/SD-WAN core.
Responsibilities:
- Architect the global cloud transit backbone by evaluating and defining the target-state AWS multi-account routing model, including a final design decision between AWS Cloud WAN and regional Transit Gateway (TGW) architectures to unify 40+ AWS accounts.
- Design the hybrid interconnect fabric across physical and cloud environments, including Layer 2/Layer 3 connectivity between legacy data centers and AWS using Digital Realty (PlatformDIGITAL / ServiceFabric) and AWS Direct Connect.
- Define the cloud-native security perimeter and identity access by engineering AWS WAF, AWS Shield Advanced, and centralized logging, while replacing raw credential management with AWS KMS/Secrets Manager and integrating AWS IAM with Entra ID for SSO.
- Standardize cloud routing boundaries for e-commerce and voice workloads, specifically architecting a split-routing model: securely steering SIP signaling through AWS while strictly keeping real-time RTP media on physical hardware to eliminate cloud latency and "noisy neighbor" impacts.
- Deliver a transition blueprint including Infrastructure-as-Code (IaC) migration templates and phased rollout strategy to enable migration from the current fragmented state to a unified cloud fabric without disruption to voice or e-commerce services.
- Drive strategic Cloud FinOps and architecture economics by auditing existing AWS spend, executing compute right-sizing, and implementing Reserved Instances and Savings Plans alongside structural cloud changes.
Qualifications:
- 8+ years in IT infrastructure/architecture, with 5+ years of focus on AWS-native networking, multi-account transit architectures, and hybrid cloud convergence.
- Advanced AWS networking expertise, including AWS Cloud WAN, Transit Gateway, Direct Connect, VPC Lattice, Route 53, and cross-account governance (IAM / Resource Access Manager).
- Strong "Hybrid BGP Fluency" (AS-PATH, MED, Local Pref) to act as the cloud-side counterpart to core network engineers, seamlessly accepting route handoffs at AWS Direct Connect or Microsoft Meet-Me Room edges without creating routing loops.
- Deep expertise in AWS-native security perimeters (AWS WAF, Shield Advanced, GuardDuty, Security Hub) and enterprise identity federation.
- Proven track record designing cross-region AWS Disaster Recovery (DR) architectures and executing Cloud FinOps cost-optimization strategies.
- In-depth knowledge of Infrastructure as Code using Terraform and AWS CloudFormation for large-scale network and routing automation.
- Experience in M&A cloud consolidation, including unifying fragmented or “shadow IT” AWS environments into enterprise-grade governance models.


