Senior IT Architecture Lead: Datacenter, Network & Security

We are seeking a Senior IT Architecture Expert to define, govern, and continuously optimize the end-to-end IT architecture across datacenter, network, security, servers, virtualization, and cloud
.

Our environment consists of one central datacenter in Germany and multiple office locations
, connected via secure WAN and VPN architectures, and standardized exclusively on Microsoft Hyper-V for on-premises virtualization
.

This role exists to:

• Eliminate fragmented infrastructure and network designs
• Ensure secure, scalable, and resilient connectivity between datacenter and offices
• Prevent technical debt caused by inconsistent or reactive technical decisions

This is not an operational role. The Architecture Expert defines what must be built and why
, not how day-to-day administration is performed
.

• The Architecture Expert acts as design authority across:
• Network & Connectivity Architecture (Datacenter + Offices)
• Firewall & Security Architecture (Sophos-based)
• Identity & Access Architecture

Key Responsibilities:

Define and maintain:

• Target-state infrastructure architecture
• Reference architectures and design principles

Design scalable and resilient datacenter architectures covering:

• Compute
• Storage
• Networking
• High availability and disaster recovery

Ensure infrastructure designs align with:

• Business continuity requirements
• Security and compliance standards
• Network & Connectivity Architecture (Critical Responsibility)

Own end-to-end network architecture for:

• Central datacenter in Germany
• Multiple branch and office locations

Design and govern:

• LAN and WAN architecture
• Site-to-site VPN connectivity
• Remote access connectivity models

Define and standardize:

• VLAN and network segmentation
• Redundancy and failover design

Ensure predictable performance, scalability, and availability across all locations

• Firewall & Security Architecture (Sophos Focus)

Act as architecture authority for Sophos Firewall environments

Design and govern:

• Perimeter and internal firewall architecture
• Network zone and segmentation models
• VPN security standards (site-to-site and remote access)

Define standards for:

• Firewall rule structure and lifecycle
• Secure inter-site traffic flows

Work closely with IT Security teams to ensure:

• Consistent security policy enforcement

Define and govern Hyper-V–based virtualization architecture as the exclusive on-premises virtualization platform

Establish approved architecture standards for:

• Hyper-V host and cluster design
• Storage Spaces Direct (where applicable)
• Virtual machine sizing and placement models

Define:

• Capacity and scalability guardrails
• High-availability and resiliency patterns

Review and approve:

This role does not perform day-to-day server or Hyper-V administration

Work in close collaboration with the Senior Server, Linux & Datacenter Expert
, who owns implementation and optimization

Design hybrid architectures integrating:

Define:

• Secure hybrid network connectivity
• Workload placement strategy
• Identity and access integration

Ensure cloud adoption aligns with:

• Security architecture
• Cost and operational efficiency
• Identity, Security & Compliance Architecture
• Active Directory

Ensure identity, network, and security architectures are fully aligned

Partner with IT Security teams to implement:

• Zero Trust principles
• Least-privilege access models

Ensure architectural compliance with regulatory and audit requirements

• Architecture Governance & Standards

Act as final design authority for:

• Network and firewall design

Review and approve:

• New office network designs
• Major infrastructure and connectivity changes

Enforce architecture standards and prevent design drift

Create and maintain:

• Datacenter and network topology diagrams
• Firewall and connectivity architecture documentation
• Approved reference architectures
• Accurate
• Maintained
• Actively used by operational teams

Required Languages

12+ years in enterprise IT roles

5+ years in senior infrastructure or solution architecture roles

• Hyper-V-based virtualization platforms

Strong background in network-centric infrastructure environments

Mandatory Technical Expertise

Network & Security

• Enterprise LAN and WAN architecture
• Firewall and VPN design (Sophos or equivalent)
• Network segmentation, redundancy, and failover

Infrastructure & Platforms

• Datacenter infrastructure architecture
• Hyper-V virtualization architecture (expert level)
• Windows and Linux server platform architecture
• Hybrid connectivity and identity integration

Soft Skills

• Strong decision-making and accountability
• Ability to challenge poor technical designs constructively
• Clear communication with technical and non-technical stakeholders
• High documentation and governance discipline

Certification Requirements

Mandatory (At Least One)

• Microsoft Certified:
  Azure Solutions Architect Expert
  OR
• TOGAF Certified

Strongly Preferred

• Microsoft Certified:
  Windows Server Hybrid Administrator Associate
• Cisco CCNP (Enterprise or Data Center)
• Sophos Firewall Engineer / Architect Certification

Nice to Have (Expert Signal)

• SABSA (Security Architecture)
• ITIL 4 – Strategic Leader
• AWS Solutions Architect – Professional

Success Criteria

• Stable and secure…