Enterprise Architect

Job Description:

Position Overview

The primary responsibilities of the Enterprise Architect include strategy, design, implementation, and support of enterprise technology solutions for both cloud and on-premise environments. Assessment of new technologies, and review of peer solution designs. Prospective candidates should reside in the Pacific or Mountain time zones and have the capability to attend regular off-hours calls. This position collaborates with other IT team resources to drive transformation of technology and operational processes. Members of this role focus on a subset of the following disciplines:

Microsoft 365 & Collaboration, Identity, Cloud Engineering, Infrastructure, Networking, Automation, Monitoring, Data Services, Virtualization, and Containers.

All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.’s policies, practices, and procedures. All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company’s standards, work requirements and rules of conduct.

Essential Duties & Responsibilities

• Development of complex enterprise solution designs, standards, patterns, strategies, and roadmaps, showcasing authoritative decision-making skills in guiding architectural direction. Document and present solution designs in Architecture Review Board meetings, demonstrating confidence and expertise in advocating for optimal architectural choices.

• Perform regular reviews of proposed solution designs, assessing them against design patterns, standards, compliance requirements, and industry best practices to ensure a reliable and secure solution is implemented.

• Demonstrate deep hands-on expertise and guidance in Azure, Active Directory, and EntraID, encompassing holistic architecture, identity management, group policy, SSO, application integrations, and security best practices.

• Architect and implement highly secure application integrations between on-premises systems and various cloud and SaaS platforms, ensuring data integrity, confidentiality, and compliance with regulatory standards.

• Evaluate commercial products for functionality and requirements to utilize them in a solution.

• Implement and manage information governance strategies, including the development and enforcement of sensitivity labels, to ensure secure handling and protection of confidential data across the enterprise ecosystem.

• Work alongside project management teams to successfully monitor progress and implementation of initiatives from start to closure.

• Develop and implement enhancements to existing enterprise solutions, infrastructure, and services.

• Extract and refine technical requirements from both vendors and business stakeholders, translating them into resilient designs.

• Conduct comprehensive risk assessments and threat modeling for application integrations, identifying potential security vulnerabilities and implementing appropriate mitigation strategies to safeguard sensitive data and resources.

• Ability to manage multiple high-priority initiatives concurrently, ensuring focused effort and timely delivery of results according to deadlines.

• Strong attention to detail, reviewing solution designs and documentation for accuracy and compliance with standards.

• Establishes goals, monitors progress toward them, and ultimately achieves these goals

• Perform job duties in a safe manner.

• Attend work as scheduled on a consistent and regular basis.

• Perform other related duties as assigned.

Technical Skills

Candidates should demonstrate hands-on senior architect level technical acumen across most of these disciplines:

• Microsoft 365, Identity, and Collaboration architecture and administration.

• Windows administration, encompassing Active Directory, Group Policy, and system optimization.

• Cloud security best practices to protect data and applications.

• Identity strategies and integrations including LDAP, Kerberos, SAML, SCIM, OAuth, and OpenID Connect.

• Azure IaaS, PaaS, Storage, Data Factory, Logic Apps, and Automation.

• Application development platforms, service-oriented architectures, streams, orchestrators, web services, and APIs.

• Software vulnerabilities testing and remediation (OWASP/SANS CWE).

• Application integration architecture design and deployment with microservices, APIs and Enterprise Service Bus architectures.

• Virtualization technologies by vendors such as VMware, Microsoft, Redhat, Citrix,Oracle, and Docker.

• Data architecture, transformation, and visualization.

• Understanding of the Microsoft BI Stack, including: SSIS, SSAS, SSRS, and Power BI.

• Experience with data lakes, HDFS, Kafka, MongoDB, Elasticsearch, Oracle platforms, Spark and advanced analytic tools.

• Proficient in automated file handling with ETL tools and orchestration.

• Data analysis procedures, data backup, recovery, security, and integrity controls.

• Network architecture with Cisco, Azure, AWS, and F5.

• Network access and traffic control with Checkpoint, Palo Alto, Zscaler, Akamai, Azure, AWS, and SDWAN.

• Monitoring with ITRS, Nagios, SolarWinds, Datadog, Big Panda, App Dynamics, and Dynatrace.

• Project management and tracking in platforms such as Jira, Confluence, Sharepoint, and ServiceNow.

• Proficient designing complex architectural diagrams using Visio, ensuring clear communication.

Preferred Skills

• Infrastructure technologies from VMware, Linux, Microsoft, HCI, and Docker.

• Scripting with Python, PowerShell, Bash/KSH, JavaScript, and YAML.

• Configuration management with Ansible, Terraform, and Chef.

• Experience with SQL in IaaS/PaaS and private cloud platforms, as well as SSIS and SSAS.

• Experience with SAP, Infor, Workday, Azure, AWS, GCP.

• Data reporting and visualization using SSRS and Power BI.

• Network topologies, protocols, and standards.

• Container platforms and orchestration with Docker and Kubernetes.

• Cloud automation and configuration management with Ansible, Terraform, Chef.

• Endpoint Management, software packaging, and distribution with SCCM, Intune, and SyxSense.

Minimum Qualifications

• At least 21 years of age.

• Proof of authorization to work in the United States.

• Located in Mountain or Pacific time zones.

• Bachelor's degree preferred; advanced degree in technology preferred

• 8+ years of relevant work experience

• Experience in technical design, strategic planning, implementation, information security, and technology assessment

• Familiar with Enterprise Architecture concepts, design principles, best practices, standards, and processes

• Strong understanding of hospitality and gaming business processes and compliance constraints

• Ability to communicate clearly in a multicultural, multinational environment with both technical and non-technical business stakeholders, as well as executive level management.

• Understanding of business processes and fundamental corporate finance, management, and accounting principles

• Knowledge of secure coding best practices and security framework standards: NIST, COBIT, ISO

• Experience architecting solutions compliant with regulations such as: PCI, GLBA, SOX, Basel III

• Experience implementing controls for privacy legislation such as: HIPAA, COPPA, FCRA, GLB and GDPR

• Familiarity with continuous integration and deployment (CICD), DevOps, or SRE

• Must be able to work varied shifts, including nights, weekends, and holidays.

• Effective written and verbal communication skills in English

Physical Requirements

Must be able to:

• Physically access assigned workspace areas with or without reasonable accommodation.

• Work indoors and be exposed to various environmental factors such as, but not limited to, CRT, noise, and dust.

• Work remotely as necessary

• Utilize laptop and standard keyboard to perform essential functions of the job.