Archimedes

Archimedes - Transforming the Specialty Drug Benefit - Archimedes is the industry leader in specialty drug management solutions. Founded with the goal of transforming the PBM industry to provide the necessary ingredients for the sustainability of the prescription drug benefit – alignment, value and transparency – Archimedes achieves superior results for clients by eliminating tightly held PBM conflicts of interest including drug spread, rebate retention and pharmacy ownership and delivering the most rigorous clinical management at the lowest net cost. .____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________. Current associates must use SSO login option at https://employees-navitus.icims.com/ to be considered for internal opportunities.________We are committed to providing equal employment opportunity to all applicants and employees and comply with all applicable nondiscrimination regulations, including those related to protected veterans and individuals with disabilities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or handicap.

USD $0.00 - USD $0.00 /Yr.

0.00 - Ineligible

Core Business Hours- Remote or Hybrid 3 Days in Office- St. Louis, MO or Brentwood, TN

ATTENTION: Archimedes is unable to offer remote work to residents of Alaska, Arizona, Arkansas, California, Connecticut, Delaware, Hawaii, Idaho, Louisiana, Maine, Massachusetts, Michigan, Mississippi, Montana, Nebraska, Nevada, New Mexico, New York, North Carolina, North Dakota, Oregon, Rhode Island, South Carolina, South Dakota, Texas, Utah, Vermont, Washington, West Virginia, And Wyoming.

The Engineer, Cloud specializes in architecting and automating secure, scalable Azure environments. Cloud Engineer supports enterprise data platform initiatives, including Azure Data Lake Storage Gen2, Azure Databricks, and related analytics services. This role is responsible for designing and operating the cloud infrastructure, networking, security, identity, governance, and platform services that enable scalable, secure, and compliant lake house and AI workloads. The Engineer supports the organization's analytics, machine learning, and AI initiatives by implementing and operating cloud infrastructure, networking, security, identity, and platform services that enable secure, scalable, and compliant data, analytics, and AI workloads. The role assists in supporting Azure Databricks, Azure Data Lake Storage Gen2, Azure Machine Learning, Azure OpenAI, and related cloud-native platform services under the guidance of senior engineering staff.

The Engineer, Cloud focuses on designing infrastructure-as-code solutions and is responsible for deploying core Azure services, managing hybrid workloads, and implementing infrastructure-as-code using Terraform, Bicep, and ARM templates. Ensures network security, cost optimization, and high availability across IaaS and PaaS resources. The Engineer ensures high availability, performance, and security across IaaS and PaaS services, including Azure App Services, AKS, SQL, and networking components. Supports observability, incident response, and compliance with regulatory standards through advanced monitoring, security tooling, and ITSM practices. In addition, the Engineer supports observability through telemetry, monitoring, and alerting strategies using Azure-native tools. The Engineer plays a key role in incident response, disaster recovery, and continuous compliance with industry and regulatory standards (e.g., HIPAA, SOC 2, ISO 27001). This position requires cross-functional collaboration with DevOps, Security, Software Engineering, and Compliance teams to drive operational excellence, automation maturity, and audit readiness.

How do I make an impact on my team?

• Architect and deploy solutions using core Azure services, including Azure App Services, AKS, Azure SQL, Storage Accounts, Application Gateway, Azure Front Door, and Load Balancers.
• Design and deploy scalable, secure solutions using core Azure services including App Services, AKS, Azure SQL, Storage Accounts, Application Gateway, Azure Front Door, Load Balancers, and related PaaS/IaaS components.
• Design, implement, and support cloud infrastructure and networking services that enable Azure Data Lake Storage Gen2, Azure Databricks, analytics platforms, and AI workloads.
• Collaborate with Data Engineering and DevOps teams to establish secure, scalable, and automated cloud foundations for lakehouse architectures, data pipelines, and enterprise analytics platforms.
• Implement private networking, identity management, access controls, encryption, monitoring, and governance controls supporting Azure Databricks, Data Lake Storage, and related analytics services.
• Support cloud infrastructure and platform services utilized for machine learning, generative AI, intelligent automation, analytics, and data science workloads.
• Assist with deployment, configuration, monitoring, and operational support of Azure AI and analytics services including Azure Databricks, Azure Machine Learning, Azure OpenAI, Cognitive Services, and related cloud-native technologies.
• Support implementation of cloud networking, security, identity, governance, and compliance controls required for AI, analytics, and machine learning environments.
• Collaborate with Data Engineering, DevOps, and Software Engineering teams to support AI platform infrastructure, model deployment environments, analytics platforms, and automation solutions.
• Monitor performance, utilization, security posture, and operational health of cloud infrastructure supporting AI and advanced analytics workloads.
• Add to Experience.
• Support deployment and operation of Azure Databricks workspaces, Unity Catalog integrations, managed identities, private endpoints, and secure service connectivity across cloud environments.
• Partner with Data Engineering teams to optimize cloud infrastructure supporting data ingestion, transformation, storage, analytics, and machine learning workloads.
• Automate infrastructure provisioning with reusable, version-controlled modules using Terraform, Bicep, and ARM templates, with standardized reusable modules and GitOps practices using Azure DevOps Pipelines.
• Design scalable Virtual Network (VNet) architectures, including VNet peering, Private Endpoints, Service Endpoints, User Defined Routes (UDRs), Network Security Groups (NSGs), Azure Firewall, and ExpressRoute/VPN Gateway integrations.
• Manage hybrid workloads, supporting both Azure-native and lift-and-shift workloads across IaaS and PaaS resources.
• Develop and maintain infrastructure automation scripts using Azure CLI, PowerShell, and Python.
• Implement and enforce tagging policies, naming standards, resource locks, and subscription-level policies using Azure Policy and Management Groups.
• Configure and monitor autoscaling, high availability, zone redundancy, and backup/restore for critical services across production and non-production environments.
• Develop automation tooling using Azure CLI, PowerShell, and Python to streamline provisioning, governance, and operational workflows.
• Implement governance frameworks using Azure Policy, Management Groups, resource locks, tagging policies, and naming conventions for enterprise-scale environments.
• Configure high availability and performance features, including autoscaling, zone redundancy, backup and disaster recovery across all critical environments.
• Lead cost management efforts through Azure Cost Management, budget tracking, right-sizing recommendations, Reserved Instances, and cost anomaly detection.
• Serve as Tier 2 escalation for complex infrastructure incidents and requests, working closely with operations and support teams.
• Adopt ITSM best practices, contributing to incident, problem, and change management workflows using Jira Service Management or equivalent tools.
• Drive cost optimization using Azure Cost Management, budgets, recommendations, and Reserved Instance planning.
• Act as a Tier 2 escalation point for cloud infrastructure and platform-related incidents and service requests.
• Manage cloud identity and access using Microsoft Entra ID (formerly Azure Active Directory), including configuration of user roles, enterprise applications, and secure authentication policies.
• Implement secure external identity integrations using Entra B2B (guest access) and Entra B2C (customer identity), including custom policies, user flows, and application federation.
• Administer Microsoft Intune for mobile device management (MDM) and mobile application management (MAM), enforcing compliance policies, conditional access, and device posture assessments.
• Leverage ITSM best practices to support incident, change, and problem management processes.
• Collaborate with IT and DevOps teams via Jira Service Management and ticketing systems to track work, escalate issues, and drive resolution.
• Assist in root cause analysis, change approvals, and cross-functional resolution of infrastructure-related production issues.
• Maintain knowledge base documentation, FAQs, and standard operating procedures for service desk support alignment.
• Set up and tune observability tools including Azure Monitor, Log Analytics, Application Insights, Network Watcher, and Connection Monitor.
• Develop Kusto Query Language (KQL) dashboards for operational visibility and alerting.
• Support incident response and RCA using Activity Logs, Diagnostics Settings, and Change Analysis.
• Implement secure identity and access management using Azure Active Directory, RBAC, Privileged Identity Management (PIM), Conditional Access, and Managed Identities.
• Secure secrets and certificates using Azure Key Vault with access policies and key rotation.
• Support SSO and OAuth2/OpenID Connect configurations for internal and external applications registered in Entra ID, managing permissions, scopes, and consent frameworks.
• Configure Microsoft Defender for Cloud, Azure Security Center, Just-in-Time VM Access, and Sentinel integrations for threat detection and response.
• Apply best practices aligned to the Azure Security Benchmark and Well-Architected Framework.
• Ensure infrastructure compliance for regulatory standards such as HIPAA, SOC 2, and ISO 27001, and maintain an audit-readiness posture.
• Participate in, adhere to and support compliance, people and culture, and learning programs.
• Perform other duties as assigned.

What our team expects from you?

• Education: Bachelor’s degree or equivalent work experience required.
• Certification/Licenses: Microsoft certifications such as Azure Solutions Architect Expert, Azure Administrator Associate, or Azure Security Engineer Associate preferred.
• Experience:
  • 5+ years of experience in cloud infrastructure, systems engineering, or SRE roles focused on Azure required.
  • Deep experience with Azure resource design, automation, and deployment strategies using Terraform, Bicep, and/or ARM required.
  • Proficient in scripting with PowerShell, Azure CLI, or Python for automation and diagnostics.
  • Strong understanding of Azure networking, firewalls, DNS, load balancing, and hybrid connectivity solutions required.
  • Experience supporting Azure Data Lake Storage Gen2, Azure Databricks, lake house architectures, and enterprise analytics platforms preferred.
  • Familiarity with data platform security, data governance controls, Unity Catalog, private connectivity patterns, and cloud-native analytics architectures preferred.
  • Familiarity with cloud infrastructure supporting machine learning, artificial intelligence, analytics, or data science workloads preferred.
  • Exposure to Azure Machine Learning, Azure OpenAI, Cognitive Services, Databricks ML, MLflow, or similar AI and analytics platforms preferred.
  • Understanding of cloud security, governance, networking, and operational considerations supporting AI and machine learning environments preferred.
  • Hands-on experience with Azure-native observability tools and ability to craft KQL-based dashboards and alerts required.
  • Solid grasp of RBAC, identity federation, Key Vault, and platform security controls required.
  • Familiarity with governance structures including Management Groups, Blueprints, and Policy Definitions required.
  • Experience supporting AKS, Azure Functions, or containerized workloads in production preferred.
  • Familiarity with DevSecOps pipelines using Azure DevOps, integrating security, compliance, and testing stages preferred.
  • Experience with Zero Trust architecture, Microsoft Entra, and Conditional Access Policies preferred.
  • Skills & Technologies:
    • Compute & Platform: Azure VMs, App Services, AKS, Azure Functions, Virtual Desktop
    • Infrastructure as Code: Terraform, Bicep, ARM, Azure CLI, PowerShell
    • Networking: VNets, NSGs, UDRs, Azure Firewall, VPN Gateway, ExpressRoute, App Gateway, Front Door, Private Link
    • Data Platform Infrastructure: Azure Data Lake Storage Gen2 (ADLS), Azure Databricks, Unity Catalog, Delta Lake, Private Endpoints, Managed Identities, Analytics Platform Infrastructure, Lakehouse Architecture Foundations
    • AI & Advanced Analytics Platforms: Azure Machine Learning, Azure OpenAI, Azure AI Services, Cognitive Services, Databricks ML, MLflow, AI Platform Infrastructure Fundamentals
    • Monitoring & Logging: Azure Monitor, Application Insights, Log Analytics, KQL, Network Watcher
    • Security & Identity: Azure AD, RBAC, Key Vault, Defender for Cloud, PIM, Conditional Access
    • Automation & CI/CD: Azure DevOps Pipelines, GitHub Actions, scripting (PowerShell, Python), Runbooks
    • Governance & Cost: Azure Policy, Management Groups, Cost Management, Azure Blueprints
    • Version Control: Git (Azure Repos, GitHub)

What can you expect from Archimedes? 

• Top of the industry benefits for Health, Dental, and Vision insurance 
• 20 days paid time off 
• 4 weeks paid parental leave 
• 9 paid holidays 
• 401K company match of up to 5% - No vesting requirement 
• Adoption Assistance Program 
• Flexible Spending Account 
• Educational Assistance Plan and Professional Membership assistance 
• Referral Bonus Program – up to $750! 

Remote

US