Multi-Cloud Network Architect V

Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.

At Availity, we're not just another Healthcare Technology company; we're pioneers reshaping the future of healthcare! With our headquarters in vibrant Jacksonville, FL, and an exciting office in Bangalore, India, along with an exceptional remote workforce across the United States, we're a global team united by a powerful mission.

We're on a mission to bring the focus back to what truly matters – patient care. As the leading healthcare engagement platform, we're the heartbeat of an industry that impacts millions. With over 2 million providers connected to health plans, and processing over 13 billion transactions annually, our influence is continually expanding.

Join our energetic, dynamic, and forward-thinking team where your ideas are celebrated, innovation is encouraged, and every contribution counts. We're transforming the healthcare landscape, solving communication challenges, and creating connections that empower the nation's premier healthcare ecosystem.

Reporting to the Manager of Cloud Engineering, the Multi-Cloud Network Architect V is responsible for defining and advancing Availity’s cloud network infrastructure across AWS as the primary environment, with integration to secondary cloud and on-prem sites. This role requires advanced expertise in designing, implementing, and securing high-availability network architectures (VPC/subnet design, routing, segmentation, hybrid connectivity, and egress controls), ensuring resilient connectivity for critical platforms including Oracle Database@AWS (ODB@AWS).

The architect drives infrastructure automation and standards via infrastructure-as-code, establishes network guardrails and observability, and partners with Security, Platform, and Application teams to deliver scalable, compliant, and cost-effective connectivity at enterprise scale.

Sponsorship, in any form, is not available for this position.

Location: Remote, US

Role qualifications:

• Bachelor's degree in computer science or related field, or equivalent work experience.
• 8+ years designing and operating large-scale enterprise networks and internet-facing edge services, including authoritative DNS, WAF/CDN, BGP/Anycast fundamentals, L3–L7 security, and TLS at scale.
• Experience operating an enterprise internet edge / application delivery platform (WAF/CDN/DNS/Zero Trust) such as Cloudflare or equivalent.
• Advanced proficiency designing, implementing, and securing AWS cloud network architectures, including VPCs, subnets, routing/route tables, network access controls (NACLs), VPC endpoints, and connectivity solutions.
• Experience with AWS networking components such as Direct Connect (DX), Transit Gateway (TGW), and network security policies/guardrails in multi-account environments.
• Experience designing and governing AWS PrivateLink patterns at scale, including VPC endpoint policies, endpoint services, and cross-account/cross-organization service exposure.
• Experience supporting Kubernetes networking in AWS (EKS), including ingress/egress patterns, load balancing, network policy controls, and IP/CIDR planning to prevent address exhaustion.
• Experience designing multi-account and landing-zone network patterns (hub-and-spoke, shared services VPCs, centralized ingress/egress, and inspection/egress controls) at enterprise scale.
• Proven network security architecture experience in AWS, including security group strategy, AWS Network Firewall, Gateway Load Balancer (GWLB) / inspection VPC patterns, and centralized policy enforcement.
• Strong traffic engineering and routing design skills, including TGW route domains/propagation, avoiding asymmetric routing, overlapping CIDR strategy, and IP address management (AWS IPAM or equivalent).
• Experience designing multi-region network architectures for high availability and disaster recovery, including failover patterns, dependency-aware routing, and blast-radius reduction.
• Experience with multiple Linux distributions, including Amazon Linux 2023, Amazon Linux 2, and Red Hat Enterprise Linux (RHEL).
• Skilled in deploying and managing regulated/government cloud solutions (e.g., AWS GovCloud) and aligning network/edge controls to compliance requirements, including FIPS enforcement in commercial environments.
• Strong DNS provider experience (e.g., DNS Made Easy/DigiCert or Route 53): health checks/failover, automation via REST APIs, and global change safety.
• Solid observability and SIEM experience for edge and network telemetry (e.g., Splunk) and metrics/APM platforms (e.g., New Relic).
• Expertise in Infrastructure as Code (IaC) and automation frameworks including Terraform, Terragrunt, OpenTofu, and Ansible, with Git-based workflows, policy-as-code, and scripting.
• Hands-on experience with GitLab CI/CD, including GitLab Runner (or equivalent runner/executor technologies) to automate infrastructure delivery.
• Familiarity with AWS serverless technologies such as AWS Lambda, API Gateway, and Step Functions, and how network/edge controls apply to them.
• Experience with AWS messaging and queuing technologies such as Amazon SQS, Amazon MQ, and Amazon SNS (or equivalent services) in production environments.
• Comfortable with change management and incident management ecosystems (e.g., ServiceNow) and CAB/CRB discipline.
• Excellent cross-functional leadership and external partner coordination.
• Experience managing Palo Alto and other firewalls, including maintaining and adjusting access configurations (NAT gateway IP allow-listing, security groups), coordinating firewall builds/deployments/configuration, and managing external-facing ALBs/NLBs and WAF rules relevant to firewall integration.

Preferred Qualifications:

• AWS Certified Solutions Architect (Associate or Professional) and/or AWS Certified Advanced Networking – Specialty.
• Proficient with AWS Organizations, Service Control Policies (SCPs), and centralized logging/security models across multi-account environments.
• Demonstrated experience integrating third-party networking and security tools into cloud-native environments (e.g., Palo Alto, HashiCorp Vault, Netskope ZTNA, and Zscaler Cloud Connector).
• Deep experience with Cloudflare (DNS, WAF, Rulesets, Bot, Zero Trust/Access, Logpush) in production environments.
• Palo Alto Networks NGFW (virtual and cloud deployments), including policy design, NAT, routing integration, and operational troubleshooting.
• Netskope ZTNA, including segmentation policy design and integration with identity and cloud network controls.
• Zscaler (GSE and Cloud Connector), including connector placement patterns, traffic steering, and high-availability designs.
• Infoblox (DNS/DHCP/IPAM), including authoritative inventory management, automation/integrations, and operational governance.
• SolarWinds DPA (or equivalent) integration for monitoring/telemetry and performance troubleshooting in hybrid environments.
• Experience integrating edge/network telemetry into enterprise logging and metrics platforms (Splunk and New Relic), including dashboards, alerting, and operational runbooks.
• Experience implementing cloud area networking / SASE overlays (e.g., Alkira) for multi-cloud connectivity and segmentation.
• F5 (LTM/ASM) familiarity and migration patterns toward cloud/edge services.
• Background in healthcare information technology, including partner connectivity constraints and allow-listing at scale, PHI-adjacent data flows, and auditability in regulated/zero-trust contexts.
• Experience delivering solutions in regulated environments (e.g., FedRAMP, HITRUST, DoD IL4+), including audit-ready change controls and segmentation strategies.
• Architecture documentation and cloud diagrams (e.g., Lucidscale) and diagram-to-runtime reconciliation.
• Practical knowledge of Oracle Database@AWS / OCI interconnect patterns (peering, DRG, FastConnect/VPN, throughput tuning) or equivalent database-adjacent network designs.

What you will be doing:

• Serve as the de facto point of contact for cloud network architecture—setting standards and reference architectures for AWS as the primary cloud, with secondary support for Azure and on-prem connectivity.
• Own enterprise DNS end-to-end (authoritative and private): zone/record lifecycle, health checks and failover, registrar/NS management, reverse DNS, and automation via API/IaC integrated with change and incident workflows.
• Own internet-facing edge patterns and reliability: TLS standards, global load balancing, caching/headers, rate limiting, DDoS posture, and threat-signal integration with SIEM.
• Lead AWS network architecture for application and shared-services environments: VPC/subnet strategy, routing/NACL patterns, Transit Gateway and Direct Connect designs, VPC endpoints, Cloud WAN, NAT/egress controls, and scalable segmentation for east-west traffic.
• Design and validate resilient hybrid connectivity across AWS, ODB@AWS (OCI in AWS), Azure (as applicable), and on-prem sites—addressing overlapping CIDRs, DNS/resolver strategy, peering/transit patterns, throughput tuning, and failover/DR requirements.
• Modernize VPN, partner, and site-to-site connectivity (carriers/SASE overlays/cloud networking) with policy-driven segmentation, strong observability, and actionable alerting (e.g., Splunk, log pipelines).
• Provide architectural leadership for the enterprise edge platform (e.g., Cloudflare) across WAF/CDN/DNS/Zero Trust—defining standards, guiding migrations and cutovers, maintaining rule hygiene, and ensuring logs/telemetry flow to the SIEM.
• Operate well: participate in on-call for edge/network incidents, lead complex incident response/RCAs, codify runbooks, and continuously reduce MTTR and change risk via automation and pre-flight validation.
• Mentor and uplevel Cloud Engineering and peer teams; contribute reference architectures, ADRs, and reusable Terraform modules/policies.
• Deploy and evolve edge/network infrastructure daily using Terraform and Git-based workflows, with guardrails, validation, and automated rollbacks.
• Collaborate with Engineering and DevOps to enhance platform products and operational tooling, including ticket workflows, change execution, and event/incident management integrations.
• Automate scalable infrastructure and develop automated reporting that promotes best practices (standardized DNS/edge patterns, safe change adoption, and cost-aware usage).
• Create action plans to mitigate unnecessary infrastructure growth/footprint, and deliver recommendations for cloud service optimization across edge and network services.

Availity culture and benefits:

• Availity is a certified “Great Place to Work”, a “Best Workplaces for Technology Companies”, a “Best Workplaces for Women” and a “Best Workplaces for Millennials”!
• Culture is important to us and there are many ways for you to make your mark here!
• We have several Diversity & Inclusion teams and various ways to engage with fellow Availity associates. “AvaiLadies”, “Beyond Black”, “HOLA”, “Availity Pride”, “VetAvaility” a Young Professionals Group and “She Can Code IT” a group for women in tech are some of the groups you can get involved in.
• Availity is a culture of continuous learning. We have many resources and experts in our tech stack and in our industry that can help get you there too!
• We offer a competitive salary, bonus structure, generous HSA company contribution, healthcare, vision, dental benefits and a 401k match program that you can take advantage of on day one!
• We offer unlimited PTO for salaried associates + 9 paid holidays. Hourly associates start at 19 days of PTO and go up from there with all the same holiday benefits.
• Interested in wellness? We allow our associates to reimburse up to $250/year for gym memberships, participation in racing events, weight management programs, etc.
• Interested in furthering your education? We offer education reimbursement!
• Availity offers Paid Parental Leave for both moms and dads, both birth parents and adoptive parents.
• Want to work for an organization that gives back to the community? You’re at the right place! Availity partners with various organizations, both locally and nationally, to raise awareness, funds and morale as our staff members volunteer their time and funds to engage the organizations campaign.

Next steps:

After you apply, you will receive text/email messages thanking you for applying and then you will continue to receive more text/email messages alerting you as to where you are in the recruitment process.

Interview process:

• Recruiter resume review 
• Manager resume review 
• Recruiter video interview
• Manager video interview
• Panel video interview
• Senior Leadership video interview

#LI-BD1

Video Camera Usage:

Availity fosters a collaborative and open culture where communication and engagement are central to our success.  As a remote first company, we are also camera-first and provide all associates with camera/video capability to simulate the office environment. If you are not able to use your camera for all virtual meetings, you should not apply for this role.

Having cameras on helps create a more connected, interactive, and productive environment, allowing teams to communicate more effectively and build stronger working relationships.  The usage of cameras also enhances security and protects sensitive company information. Video participation is required to ensure that only authorized personnel are present in meetings and to prevent unauthorized access, data breaches, preventing social engineering, or the sharing of confidential information with non-participants.

Disclaimers:

Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances.

 

Availity is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

 

NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify.

Click the links below to view Federal Employment Notices.

Family & Medical Leave Act  Equal Employment Law Poster  Pay Transparency  Employee Polygraph Protection Act  IER Right to Work Poster  Important Notice about Employee Rights to Organize and Bargain Collectively with Their Employers