{"id":73371,"date":"2026-04-13T19:55:09","date_gmt":"2026-04-13T19:55:09","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/cloud-consultant-role-blueprint-responsibilities-skills-kpis-and-career-path\/"},"modified":"2026-04-13T19:55:09","modified_gmt":"2026-04-13T19:55:09","slug":"cloud-consultant-role-blueprint-responsibilities-skills-kpis-and-career-path","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/cloud-consultant-role-blueprint-responsibilities-skills-kpis-and-career-path\/","title":{"rendered":"Cloud Consultant: Role Blueprint, Responsibilities, Skills, KPIs, and Career Path"},"content":{"rendered":"\n

1) Role Summary<\/h2>\n\n\n\n

A Cloud Consultant designs, advises on, and helps implement cloud solutions that are secure, reliable, cost-effective, and aligned to a client or internal business unit\u2019s goals. The role blends technical depth (cloud platforms, networking, security, automation) with consultative skills (discovery, options analysis, stakeholder alignment, and implementation planning).<\/p>\n\n\n\n

This role exists in software companies and IT organizations because cloud adoption is rarely \u201clift-and-shift\u201d\u2014it requires architecture choices, operating model adjustments, governance, and hands-on enablement to realize business value (speed, scalability, resiliency, and cost control). Cloud Consultants translate business needs into cloud landing zones, migration plans, and modern infrastructure patterns while reducing delivery risk.<\/p>\n\n\n\n

Business value created<\/strong>\n– Accelerates cloud adoption and modernization while reducing rework and failure rates.\n– Improves security posture and compliance alignment through standardized patterns and guardrails.\n– Reduces cloud spend via FinOps-informed designs and operational optimizations.\n– Raises platform reliability through resilient architectures, observability, and runbook-driven operations.\n– Enables developer productivity through self-service infrastructure and automation.<\/p>\n\n\n\n

Role horizon:<\/strong> Current (widely established in modern IT and cloud practices).<\/p>\n\n\n\n

Typical teams\/functions interacted with<\/strong>\n– Cloud & Infrastructure (platform, networking, operations)\n– Application Engineering \/ Product Engineering\n– Security \/ IAM \/ GRC (governance, risk, and compliance)\n– SRE \/ DevOps \/ Release Engineering\n– Enterprise Architecture\n– Data\/Analytics platforms (as needed)\n– Finance \/ FinOps (cloud cost management)\n– IT Service Management (ITSM) \/ Service Desk\n– Vendors\/partners (cloud provider, MSP, security tooling)<\/p>\n\n\n\n

Seniority inference (conservative):<\/strong> Mid-level individual contributor (IC) consultant. May lead small workstreams but does not own a full practice or large team.<\/p>\n\n\n\n

Typical reporting line<\/strong>\n– Reports to: Cloud Consulting Manager<\/strong> or Cloud Platform & Consulting Lead<\/strong> within the Cloud & Infrastructure department.<\/p>\n\n\n\n

\n\n\n\n

2) Role Mission<\/h2>\n\n\n\n

Core mission:<\/strong>\nEnable secure, scalable, and cost-optimized cloud adoption by guiding stakeholders from discovery through solution design and implementation\u2014using proven patterns, automation, and governance to produce reliable outcomes.<\/p>\n\n\n\n

Strategic importance to the company<\/strong>\n– Cloud is a foundational capability for product delivery, operational scalability, and time-to-market.\n– Poor cloud decisions create long-lived cost, security, and reliability debt; the Cloud Consultant reduces this risk.\n– Standardizing on reference architectures and reusable modules improves consistency and accelerates delivery across teams.<\/p>\n\n\n\n

Primary business outcomes expected<\/strong>\n– Cloud solutions that meet security, reliability, performance, and cost requirements.\n– Successful migrations and modernization initiatives delivered with minimal disruption.\n– Cloud landing zones and guardrails that enable self-service while maintaining control.\n– Documented architectures, runbooks, and knowledge transfer that reduce dependency on single experts.\n– Measurable improvements in deployment speed, incident rates, and cloud spend efficiency.<\/p>\n\n\n\n

\n\n\n\n

3) Core Responsibilities<\/h2>\n\n\n\n

Strategic responsibilities<\/h3>\n\n\n\n
    \n
  1. Cloud adoption discovery and roadmap shaping<\/strong>: Lead structured discovery (current state, target outcomes, constraints) and translate into phased roadmaps.<\/li>\n
  2. Reference architecture contribution<\/strong>: Produce and refine cloud reference architectures, standards, and reusable patterns (networking, IAM, logging, secrets, backup).<\/li>\n
  3. Option analysis and trade-off facilitation<\/strong>: Present design options with clear trade-offs for cost, latency, resiliency, operational complexity, and vendor lock-in.<\/li>\n
  4. Cloud operating model input<\/strong>: Advise on responsibilities across product teams, platform teams, security, and operations (RACI, runbooks, escalation paths).<\/li>\n<\/ol>\n\n\n\n

    Operational responsibilities<\/h3>\n\n\n\n
      \n
    1. Stakeholder alignment and expectation management<\/strong>: Maintain alignment across engineering, security, operations, and leadership regarding scope, risks, and delivery sequencing.<\/li>\n
    2. Delivery planning and workstream leadership<\/strong>: Break down cloud initiatives into epics, stories, milestones, and acceptance criteria; lead small workstreams or squads as needed.<\/li>\n
    3. Implementation oversight and quality review<\/strong>: Review infrastructure changes and deployments for adherence to standards; validate readiness for production.<\/li>\n
    4. Operational readiness and handover<\/strong>: Ensure monitoring, alerting, incident response, and runbooks are in place prior to go-live; support knowledge transfer to ops teams.<\/li>\n<\/ol>\n\n\n\n

      Technical responsibilities<\/h3>\n\n\n\n
        \n
      1. Landing zone design and implementation support<\/strong>: Help implement account\/subscription structures, network topology, IAM, logging, and baseline security controls.<\/li>\n
      2. Infrastructure as Code (IaC)<\/strong>: Develop or guide Terraform\/Bicep\/CloudFormation modules and pipelines to deliver repeatable infrastructure.<\/li>\n
      3. Cloud networking and connectivity<\/strong>: Design VPC\/VNet patterns, routing, DNS, peering, VPN\/DirectConnect\/ExpressRoute, and segmentation aligned to security needs.<\/li>\n
      4. Identity and access management<\/strong>: Implement least-privilege IAM, role-based access control, and secure identity federation (SSO) patterns.<\/li>\n
      5. Security and compliance-by-design<\/strong>: Integrate security controls (encryption, key management, secrets, vulnerability scanning, policy-as-code).<\/li>\n
      6. Observability enablement<\/strong>: Ensure logs, metrics, traces, dashboards, and alerting align to SLO\/SLA needs; improve mean time to detect (MTTD).<\/li>\n
      7. Migration and modernization support<\/strong>: Plan and guide workload migrations (rehost, replatform, refactor), including data migration considerations and cutover plans.<\/li>\n
      8. Cost optimization and FinOps practices<\/strong>: Implement tagging standards, budgets\/alerts, cost allocation, rightsizing recommendations, and reserved capacity strategies.<\/li>\n<\/ol>\n\n\n\n

        Cross-functional or stakeholder responsibilities<\/h3>\n\n\n\n
          \n
        1. Workshops and enablement<\/strong>: Run architecture workshops, design reviews, and training sessions for engineers and stakeholders.<\/li>\n
        2. Vendor and partner coordination<\/strong>: Collaborate with cloud providers and tooling vendors for escalations, architecture validation, and service limit planning.<\/li>\n<\/ol>\n\n\n\n

          Governance, compliance, or quality responsibilities<\/h3>\n\n\n\n
            \n
          1. Architecture governance participation<\/strong>: Contribute to architecture review boards (ARBs) and produce artifacts required for approvals.<\/li>\n
          2. Change management and risk controls<\/strong>: Ensure changes follow change management processes appropriate to environment maturity (CAB where applicable), including rollback plans and risk assessments.<\/li>\n<\/ol>\n\n\n\n

            Leadership responsibilities (applicable to this mid-level IC scope)<\/h3>\n\n\n\n
              \n
            • Mentor and uplift peers<\/strong> through pairing, code reviews, and sharing reusable modules (no direct people management assumed).<\/li>\n
            • Lead by influence<\/strong> in cross-functional settings; escalate risks with clear mitigation plans.<\/li>\n<\/ul>\n\n\n\n
              \n\n\n\n

              4) Day-to-Day Activities<\/h2>\n\n\n\n

              Daily activities<\/h3>\n\n\n\n
                \n
              • Participate in customer\/internal stakeholder calls to clarify requirements and constraints.<\/li>\n
              • Review IaC pull requests for compliance with standards (tagging, IAM, network rules, logging).<\/li>\n
              • Produce or update architecture diagrams (logical + deployment views) and decision records.<\/li>\n
              • Troubleshoot environment issues (network reachability, IAM policy errors, pipeline failures).<\/li>\n
              • Support engineering teams with \u201coffice hours\u201d for cloud patterns and best practices.<\/li>\n
              • Monitor delivery progress and unblock dependencies (access, quotas, approvals, security reviews).<\/li>\n<\/ul>\n\n\n\n

                Weekly activities<\/h3>\n\n\n\n
                  \n
                • Run or attend design workshops (landing zone, network segmentation, workload migration).<\/li>\n
                • Conduct architecture reviews and threat modeling sessions (lightweight or formal depending on environment).<\/li>\n
                • Update backlog items and delivery plans; refine estimates with engineering and platform teams.<\/li>\n
                • Review cost reports and identify optimization opportunities (idle resources, overprovisioned compute).<\/li>\n
                • Align with Security\/GRC on policy changes and upcoming audit requirements.<\/li>\n
                • Publish weekly status updates (risks, decisions, progress vs milestones).<\/li>\n<\/ul>\n\n\n\n

                  Monthly or quarterly activities<\/h3>\n\n\n\n
                    \n
                  • Create or refresh cloud capability maturity assessments and improvement plans.<\/li>\n
                  • Review SLO\/SLA attainment and propose resilience improvements (multi-AZ, backups, DR testing).<\/li>\n
                  • Participate in quarterly planning with platform and product engineering leaders.<\/li>\n
                  • Validate that landing zone standards remain aligned to provider changes and new services.<\/li>\n
                  • Run periodic access reviews and governance checks (tag compliance, policy drift).<\/li>\n<\/ul>\n\n\n\n

                    Recurring meetings or rituals<\/h3>\n\n\n\n
                      \n
                    • Cloud architecture\/design review board (ARB\/DRB)<\/li>\n
                    • Sprint planning\/review\/retro (when embedded in an agile squad)<\/li>\n
                    • Platform governance sync (security, networking, identity, operations)<\/li>\n
                    • FinOps review (cost allocation, anomalies, optimization actions)<\/li>\n
                    • Incident review \/ post-incident reviews (PIRs) when incidents occur<\/li>\n<\/ul>\n\n\n\n

                      Incident, escalation, or emergency work (context-dependent)<\/h3>\n\n\n\n
                        \n
                      • Assist in severity incidents<\/strong> where cloud infrastructure is involved (routing, IAM, service quotas, regional degradation).<\/li>\n
                      • Provide rapid triage and coordinate with cloud provider support.<\/li>\n
                      • Support incident commanders with infrastructure insights and safe mitigation steps.<\/li>\n
                      • Ensure follow-up items become tracked backlog work (prevent recurrence via automation\/guardrails).<\/li>\n<\/ul>\n\n\n\n
                        \n\n\n\n

                        5) Key Deliverables<\/h2>\n\n\n\n

                        Cloud Consultants are expected to produce tangible artifacts that can be reviewed, approved, implemented, and operated.<\/p>\n\n\n\n

                        Architecture & design<\/strong>\n– Cloud solution architecture documents (HLD\/LLD)\n– Architecture Decision Records (ADRs)\n– Reference architectures and pattern catalog entries\n– Network topology diagrams (VPC\/VNet, routing, segmentation)\n– Identity and access design (RBAC\/IAM model, role definitions)\n– Resilience and DR design (RTO\/RPO targets, failover approach)<\/p>\n\n\n\n

                        Implementation & automation<\/strong>\n– Landing zone implementation plan and baseline configuration\n– IaC modules (Terraform modules, Bicep templates, CloudFormation stacks)\n– CI\/CD pipeline templates for IaC deployment\n– Policy-as-code artifacts (e.g., Azure Policy, AWS SCPs, OPA policies) where applicable\n– Standard tagging strategy and enforcement mechanisms<\/p>\n\n\n\n

                        Operational readiness<\/strong>\n– Runbooks and operational playbooks (backup restore, certificate rotation, failover steps)\n– Monitoring\/alerting configuration and dashboards\n– Incident response integration notes (who to call, where to look, escalation steps)\n– Service catalog entries \/ self-service documentation (where a platform team exists)<\/p>\n\n\n\n

                        Migration & transformation<\/strong>\n– Migration assessment reports and workload classification\n– Cutover plans and rollback strategies\n– Risk registers and mitigation plans for cloud programs\n– Training materials and recorded enablement sessions<\/p>\n\n\n\n

                        Governance & reporting<\/strong>\n– Security control mapping (to internal policies or industry standards where relevant)\n– Compliance evidence packages (context-specific)\n– KPI dashboards and status reports for cloud initiatives\n– Cost optimization recommendations with estimated savings and effort<\/p>\n\n\n\n

                        \n\n\n\n

                        6) Goals, Objectives, and Milestones<\/h2>\n\n\n\n

                        30-day goals (onboarding and situational awareness)<\/h3>\n\n\n\n
                          \n
                        • Understand organization\u2019s cloud strategy, standards, and current-state architecture.<\/li>\n
                        • Gain access to cloud environments, CI\/CD tooling, monitoring systems, and documentation repositories.<\/li>\n
                        • Build relationships with key stakeholders (platform, security, networking, product engineering).<\/li>\n
                        • Deliver at least one small but meaningful<\/strong> improvement (e.g., tagging fix, IAM cleanup, pipeline stabilization, dashboard update).<\/li>\n
                        • Produce an initial assessment of top risks and quick wins for assigned initiative(s).<\/li>\n<\/ul>\n\n\n\n

                          60-day goals (active delivery contribution)<\/h3>\n\n\n\n
                            \n
                          • Lead discovery and design for at least one workload or platform enhancement.<\/li>\n
                          • Deliver a reviewed and approved architecture document (or ADR set) for a scoped project.<\/li>\n
                          • Contribute at least one reusable IaC module improvement or pattern update.<\/li>\n
                          • Establish measurable success criteria with stakeholders (SLOs, cost targets, delivery milestones).<\/li>\n
                          • Demonstrate ability to navigate governance (security approvals, ARB) efficiently.<\/li>\n<\/ul>\n\n\n\n

                            90-day goals (ownership of a workstream)<\/h3>\n\n\n\n
                              \n
                            • Own a defined cloud workstream end-to-end (design \u2192 implement support \u2192 readiness \u2192 handover).<\/li>\n
                            • Improve delivery outcomes: reduced cycle time for environment provisioning or deployment.<\/li>\n
                            • Demonstrate strong cross-functional influence by resolving at least one complex dependency (network, IAM, security).<\/li>\n
                            • Deliver operational artifacts (runbooks, monitoring dashboards) that are adopted by ops\/SRE.<\/li>\n
                            • Present a retrospective of outcomes, lessons learned, and next improvement recommendations.<\/li>\n<\/ul>\n\n\n\n

                              6-month milestones (repeatable impact)<\/h3>\n\n\n\n
                                \n
                              • Establish a repeatable approach for cloud engagements: discovery templates, reference designs, and governance pathways.<\/li>\n
                              • Reduce rework by increasing \u201cfirst-time approval\u201d rate for architecture\/security reviews.<\/li>\n
                              • Demonstrate measurable FinOps impact (cost savings\/avoidance) through implemented recommendations.<\/li>\n
                              • Mentor peers and contribute to an internal knowledge base or enablement series.<\/li>\n
                              • Strengthen reliability posture for supported workloads (documented SLOs and improved incident metrics).<\/li>\n<\/ul>\n\n\n\n

                                12-month objectives (scaled value and credibility)<\/h3>\n\n\n\n
                                  \n
                                • Be recognized as a go-to consultant for one or more cloud domains (networking, IAM, IaC, observability, migration).<\/li>\n
                                • Drive standardization: adoption of reference architectures\/patterns across multiple teams.<\/li>\n
                                • Improve cloud governance maturity with guardrails that enable self-service without sacrificing compliance.<\/li>\n
                                • Demonstrate quantifiable business outcomes (delivery speed, reliability improvements, cost optimization).<\/li>\n
                                • Support strategic planning: input into cloud roadmap, platform backlog, and capability investments.<\/li>\n<\/ul>\n\n\n\n

                                  Long-term impact goals (18\u201336 months, for workforce planning)<\/h3>\n\n\n\n
                                    \n
                                  • Create durable cloud capabilities: automation-first landing zones, scalable governance, and consistent engineering practices.<\/li>\n
                                  • Reduce organizational dependency on heroics by embedding repeatable patterns and knowledge transfer.<\/li>\n
                                  • Enable multi-team modernization and migration programs with fewer incidents and better predictability.<\/li>\n<\/ul>\n\n\n\n

                                    Role success definition<\/h3>\n\n\n\n

                                    Success is achieved when cloud solutions are delivered securely, reliably, and cost-effectively<\/strong>, stakeholders trust the consultant\u2019s recommendations, and the organization becomes more capable of self-sufficient cloud delivery.<\/p>\n\n\n\n

                                    What high performance looks like<\/h3>\n\n\n\n
                                      \n
                                    • Produces designs that are implementable, operable, and aligned to constraints.<\/li>\n
                                    • Anticipates risks (quotas, IAM sprawl, network complexity, compliance needs) and prevents escalations.<\/li>\n
                                    • Creates reusable assets that reduce future effort (modules, templates, standards).<\/li>\n
                                    • Communicates trade-offs clearly and drives decisions without unnecessary bureaucracy.<\/li>\n
                                    • Builds strong partnerships across security, engineering, and operations.<\/li>\n<\/ul>\n\n\n\n
                                      \n\n\n\n

                                      7) KPIs and Productivity Metrics<\/h2>\n\n\n\n

                                      A balanced measurement framework should combine delivery throughput, business outcomes, quality, reliability, and stakeholder satisfaction.<\/p>\n\n\n\n

                                      KPI framework table<\/h3>\n\n\n\n
                                      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                      Category<\/th>\nMetric name<\/th>\nWhat it measures<\/th>\nWhy it matters<\/th>\nExample target\/benchmark<\/th>\nFrequency<\/th>\n<\/tr>\n<\/thead>\n
                                      Output<\/td>\nArchitecture artifacts completed<\/td>\nNumber of HLD\/LLD\/ADRs delivered and accepted<\/td>\nIndicates tangible progress and decision clarity<\/td>\n2\u20134 major artifacts\/quarter (context-dependent)<\/td>\nMonthly\/Quarterly<\/td>\n<\/tr>\n
                                      Output<\/td>\nIaC contributions merged<\/td>\nMerged PRs to IaC repos (modules, pipelines, policies)<\/td>\nReusability and automation progress<\/td>\n4\u201310 meaningful merges\/month<\/td>\nMonthly<\/td>\n<\/tr>\n
                                      Outcome<\/td>\nTime-to-environment (TTE) reduction<\/td>\nReduction in time to provision standardized environments<\/td>\nAccelerates engineering delivery<\/td>\n20\u201350% reduction over 6\u201312 months<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Outcome<\/td>\nMigration success rate<\/td>\n% of migrations completed without major rollback or extended downtime<\/td>\nIndicates effective planning and risk management<\/td>\n90%+ \u201cno major incident\u201d migrations<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Quality<\/td>\nFirst-pass approval rate<\/td>\n% of designs passing ARB\/security review with minimal rework<\/td>\nGood designs reduce delays<\/td>\n70\u201385%+ first-pass approval<\/td>\nMonthly\/Quarterly<\/td>\n<\/tr>\n
                                      Quality<\/td>\nStandards compliance rate<\/td>\nAdherence to tagging, logging, IAM, network policies<\/td>\nPrevents drift and audit issues<\/td>\n90%+ compliant resources in scope<\/td>\nMonthly<\/td>\n<\/tr>\n
                                      Efficiency<\/td>\nLead time for decision<\/td>\nTime from discovery to a signed-off design decision<\/td>\nMeasures consultative efficiency<\/td>\n1\u20133 weeks for medium scope<\/td>\nMonthly<\/td>\n<\/tr>\n
                                      Efficiency<\/td>\nRework rate<\/td>\n% of work repeated due to unclear requirements or poor design<\/td>\nRework drives cost and delays<\/td>\n<10\u201315% rework on key deliverables<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Reliability<\/td>\nIncident involvement outcomes<\/td>\nReduction in infra-caused incidents or faster resolution<\/td>\nTies designs to ops outcomes<\/td>\n15\u201330% fewer infra-caused incidents YoY<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Reliability<\/td>\nMTTD\/MTTR improvements (supported services)<\/td>\nDetection and recovery times for services with consultant-led observability<\/td>\nObservability and runbooks reduce downtime<\/td>\n10\u201325% MTTR reduction over 6\u201312 months<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Innovation\/Improvement<\/td>\nAutomation coverage<\/td>\n% of infra changes executed via pipeline\/IaC vs manual<\/td>\nManual changes increase risk<\/td>\n80\u201395% via IaC for in-scope components<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Innovation\/Improvement<\/td>\nPattern adoption<\/td>\nNumber of teams adopting reference patterns\/modules<\/td>\nScales impact beyond one project<\/td>\n3\u20136 teams\/year adopting key patterns<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Collaboration<\/td>\nStakeholder satisfaction score<\/td>\nFeedback from engineering\/security\/product owners<\/td>\nTrust and clarity affect outcomes<\/td>\n4.2\/5 or higher<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Collaboration<\/td>\nEnablement impact<\/td>\nAttendance and outcomes of workshops\/training; reduced repetitive questions<\/td>\nImproves org capability<\/td>\n1 enablement session\/month + positive feedback<\/td>\nMonthly\/Quarterly<\/td>\n<\/tr>\n
                                      Financial<\/td>\nCost savings\/avoidance<\/td>\nVerified savings from rightsizing, reservations, decommissioning<\/td>\nCloud value includes cost discipline<\/td>\n5\u201315% savings on targeted scope\/year<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                      Governance<\/td>\nAudit findings in scope<\/td>\nCount\/severity of audit issues tied to cloud controls in consultant scope<\/td>\nReduces compliance risk<\/td>\nZero high-severity findings attributable to scope<\/td>\nSemi-annual\/Annual<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n

                                      Notes on measurement<\/strong>\n– Targets must be calibrated to scope (number of workloads, maturity, and whether the role is internal platform consulting vs external consulting).\n– Avoid vanity counts (e.g., \u201c# of meetings\u201d). Prefer adoption, approval, and operational outcome metrics.\n– Pair KPIs with narrative context: many factors (provider outages, org restructures) affect outcomes.<\/p>\n\n\n\n

                                      \n\n\n\n

                                      8) Technical Skills Required<\/h2>\n\n\n\n

                                      Must-have technical skills<\/h3>\n\n\n\n
                                        \n
                                      1. \n

                                        Core cloud platform competency (AWS\/Azure\/GCP)<\/strong>\n – Description:<\/strong> Practical ability to design and implement core services (compute, networking, IAM, storage, logging).\n – Use:<\/strong> Architecture, troubleshooting, landing zone support, solution validation.\n – Importance:<\/strong> Critical.<\/p>\n<\/li>\n

                                      2. \n

                                        Cloud networking fundamentals<\/strong>\n – Description:<\/strong> VPC\/VNet design, routing, subnetting, security groups\/NSGs, DNS, load balancing basics.\n – Use:<\/strong> Connectivity, segmentation, hybrid access, service exposure patterns.\n – Importance:<\/strong> Critical.<\/p>\n<\/li>\n

                                      3. \n

                                        Identity and Access Management (IAM\/RBAC)<\/strong>\n – Description:<\/strong> Least privilege, role design, identity federation, service principals, secrets handling.\n – Use:<\/strong> Secure access patterns, onboarding teams, governance guardrails.\n – Importance:<\/strong> Critical.<\/p>\n<\/li>\n

                                      4. \n

                                        Infrastructure as Code (IaC)<\/strong>\n – Description:<\/strong> Terraform or native IaC (Bicep\/ARM, CloudFormation), module design, state management.\n – Use:<\/strong> Repeatable environments, drift reduction, standardized deployments.\n – Importance:<\/strong> Critical.<\/p>\n<\/li>\n

                                      5. \n

                                        Security fundamentals in cloud<\/strong>\n – Description:<\/strong> Encryption, key management, vulnerability concepts, secure network boundaries, baseline logging.\n – Use:<\/strong> Secure designs and compliance-by-design.\n – Importance:<\/strong> Critical.<\/p>\n<\/li>\n

                                      6. \n

                                        Linux and basic systems troubleshooting<\/strong>\n – Description:<\/strong> OS-level concepts, SSH, systemd, networking tools, logs.\n – Use:<\/strong> Diagnose issues in compute instances and containers.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n

                                      7. \n

                                        CI\/CD concepts for infrastructure<\/strong>\n – Description:<\/strong> Pipelines, environment promotion, approvals, artifact management, secrets injection.\n – Use:<\/strong> Automated IaC deployment and repeatable release processes.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n

                                      8. \n

                                        Observability basics<\/strong>\n – Description:<\/strong> Metrics\/logs\/traces, alerting principles, dashboard design.\n – Use:<\/strong> Operational readiness and ongoing reliability.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                        Good-to-have technical skills<\/h3>\n\n\n\n
                                          \n
                                        1. \n

                                          Containers and orchestration (Docker\/Kubernetes)<\/strong>\n – Use:<\/strong> Many workloads move to managed Kubernetes or container services.\n – Importance:<\/strong> Important (but scope-dependent).<\/p>\n<\/li>\n

                                        2. \n

                                          Serverless design concepts<\/strong>\n – Use:<\/strong> Event-driven architecture patterns and cost-efficient scaling.\n – Importance:<\/strong> Optional (context-specific).<\/p>\n<\/li>\n

                                        3. \n

                                          Hybrid connectivity patterns<\/strong>\n – Use:<\/strong> VPN\/ExpressRoute\/Direct Connect, identity federation, on-prem dependencies.\n – Importance:<\/strong> Important in hybrid enterprises; Optional otherwise.<\/p>\n<\/li>\n

                                        4. \n

                                          Database and storage patterns in cloud<\/strong>\n – Use:<\/strong> Backup\/restore, encryption, performance and cost trade-offs.\n – Importance:<\/strong> Optional to Important depending on workload mix.<\/p>\n<\/li>\n

                                        5. \n

                                          Configuration management (Ansible, cloud-init)<\/strong>\n – Use:<\/strong> Bootstrapping, OS-level automation (where still needed).\n – Importance:<\/strong> Optional.<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                          Advanced or expert-level technical skills (for strong performers)<\/h3>\n\n\n\n
                                            \n
                                          1. \n

                                            Landing zone and multi-account\/subscription governance<\/strong>\n – Description:<\/strong> Complex org structures, policy enforcement, shared services design.\n – Use:<\/strong> Enterprise-scale cloud foundations.\n – Importance:<\/strong> Important (differentiator).<\/p>\n<\/li>\n

                                          2. \n

                                            Policy-as-code and guardrails engineering<\/strong>\n – Description:<\/strong> Azure Policy, AWS SCPs, OPA, Sentinel, custom admission controls.\n – Use:<\/strong> Prevent misconfiguration at scale.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n

                                          3. \n

                                            Resilience engineering and DR testing<\/strong>\n – Description:<\/strong> Multi-AZ\/region strategies, chaos testing concepts, backup verification.\n – Use:<\/strong> High availability and business continuity.\n – Importance:<\/strong> Important for production-critical systems.<\/p>\n<\/li>\n

                                          4. \n

                                            FinOps engineering<\/strong>\n – Description:<\/strong> Cost allocation models, unit economics, showback\/chargeback, cost anomaly detection.\n – Use:<\/strong> Sustainable cloud operations and optimization.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n

                                          5. \n

                                            Performance and scalability tuning<\/strong>\n – Description:<\/strong> Load testing implications, autoscaling strategies, caching\/CDN patterns.\n – Use:<\/strong> High-traffic products and customer-facing services.\n – Importance:<\/strong> Optional to Important.<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                            Emerging future skills for this role (2\u20135 years)<\/h3>\n\n\n\n
                                              \n
                                            1. \n

                                              Platform engineering and internal developer platforms (IDP)<\/strong>\n – Use:<\/strong> Building \u201cgolden paths,\u201d self-service templates, and developer experience improvements.\n – Importance:<\/strong> Important.<\/p>\n<\/li>\n

                                            2. \n

                                              Secure supply chain for infrastructure (SLSA, provenance, signing)<\/strong>\n – Use:<\/strong> Stronger assurance for IaC pipelines and artifacts.\n – Importance:<\/strong> Important in regulated or security-forward orgs.<\/p>\n<\/li>\n

                                            3. \n

                                              AI-assisted operations and policy management<\/strong>\n – Use:<\/strong> Faster troubleshooting, anomaly detection, compliance drift remediation suggestions.\n – Importance:<\/strong> Optional (growing).<\/p>\n<\/li>\n

                                            4. \n

                                              Multi-cloud governance and portability patterns<\/strong>\n – Use:<\/strong> Vendor risk management and resilience strategies.\n – Importance:<\/strong> Optional (context-specific).<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                              \n\n\n\n

                                              9) Soft Skills and Behavioral Capabilities<\/h2>\n\n\n\n
                                                \n
                                              1. \n

                                                Consultative discovery and problem framing<\/strong>\n – Why it matters:<\/strong> Cloud work fails when requirements are unclear or assumptions are untested.\n – How it shows up:<\/strong> Asks structured questions, validates constraints, captures success criteria and non-goals.\n – Strong performance:<\/strong> Produces crisp problem statements and avoids over-engineering.<\/p>\n<\/li>\n

                                              2. \n

                                                Executive-friendly communication<\/strong>\n – Why it matters:<\/strong> Cloud decisions require trade-offs that leaders must understand.\n – How it shows up:<\/strong> Summarizes options, risks, costs, and timelines without jargon.\n – Strong performance:<\/strong> Stakeholders can repeat the rationale and support the decision.<\/p>\n<\/li>\n

                                              3. \n

                                                Stakeholder management and alignment<\/strong>\n – Why it matters:<\/strong> Security, networking, product, and platform often have competing priorities.\n – How it shows up:<\/strong> Drives alignment meetings, surfaces conflicts early, clarifies ownership.\n – Strong performance:<\/strong> Fewer surprise blockers; faster approvals and smoother delivery.<\/p>\n<\/li>\n

                                              4. \n

                                                Pragmatic decision-making under constraints<\/strong>\n – Why it matters:<\/strong> Time, budget, skill gaps, and compliance requirements are real constraints.\n – How it shows up:<\/strong> Chooses \u201cgood enough\u201d patterns with clear mitigations and future improvements.\n – Strong performance:<\/strong> Delivers workable solutions and avoids paralysis-by-analysis.<\/p>\n<\/li>\n

                                              5. \n

                                                Attention to operational detail (operability mindset)<\/strong>\n – Why it matters:<\/strong> Cloud solutions must be supported 24\/7 with clear runbooks and monitoring.\n – How it shows up:<\/strong> Insists on dashboards, alerts, on-call readiness, and rollback plans.\n – Strong performance:<\/strong> Fewer production surprises; faster incident recovery.<\/p>\n<\/li>\n

                                              6. \n

                                                Influence without authority<\/strong>\n – Why it matters:<\/strong> Consultants often guide teams they don\u2019t manage.\n – How it shows up:<\/strong> Uses data, prototypes, and clear documentation to persuade.\n – Strong performance:<\/strong> Teams adopt patterns voluntarily because they trust the rationale.<\/p>\n<\/li>\n

                                              7. \n

                                                Structured documentation and knowledge transfer<\/strong>\n – Why it matters:<\/strong> Sustainability requires reducing dependence on individuals.\n – How it shows up:<\/strong> Produces clear diagrams, ADRs, runbooks, and \u201chow-to\u201d guides.\n – Strong performance:<\/strong> Teams can operate and extend solutions after handover.<\/p>\n<\/li>\n

                                              8. \n

                                                Risk management and escalation discipline<\/strong>\n – Why it matters:<\/strong> Cloud risks (security exposure, data loss, outages) can be severe.\n – How it shows up:<\/strong> Maintains risk logs, escalates early with mitigation plans.\n – Strong performance:<\/strong> Prevents high-severity incidents through proactive controls.<\/p>\n<\/li>\n

                                              9. \n

                                                Learning agility<\/strong>\n – Why it matters:<\/strong> Cloud services and best practices evolve rapidly.\n – How it shows up:<\/strong> Keeps up with platform changes, validates assumptions, experiments safely.\n – Strong performance:<\/strong> Continuously improves standards and avoids outdated designs.<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                                \n\n\n\n

                                                10) Tools, Platforms, and Software<\/h2>\n\n\n\n

                                                Tools vary by cloud provider and organizational maturity. The list below reflects common enterprise usage.<\/p>\n\n\n\n

                                                \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                Category<\/th>\nTool, platform, or software<\/th>\nPrimary use<\/th>\nCommon \/ Optional \/ Context-specific<\/th>\n<\/tr>\n<\/thead>\n
                                                Cloud platforms<\/td>\nAWS<\/td>\nPrimary cloud services (IAM, VPC, EC2, RDS, CloudWatch, etc.)<\/td>\nContext-specific (common in AWS orgs)<\/td>\n<\/tr>\n
                                                Cloud platforms<\/td>\nMicrosoft Azure<\/td>\nPrimary cloud services (Entra ID, VNets, AKS, Azure Monitor, etc.)<\/td>\nContext-specific (common in Azure orgs)<\/td>\n<\/tr>\n
                                                Cloud platforms<\/td>\nGoogle Cloud Platform (GCP)<\/td>\nPrimary cloud services (IAM, VPC, GKE, Cloud Monitoring, etc.)<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                IaC<\/td>\nTerraform<\/td>\nDeclarative infrastructure provisioning, reusable modules<\/td>\nCommon<\/td>\n<\/tr>\n
                                                IaC<\/td>\nAWS CloudFormation<\/td>\nNative IaC for AWS<\/td>\nOptional (context-specific)<\/td>\n<\/tr>\n
                                                IaC<\/td>\nAzure Bicep \/ ARM templates<\/td>\nNative IaC for Azure<\/td>\nOptional (context-specific)<\/td>\n<\/tr>\n
                                                CI\/CD<\/td>\nGitHub Actions<\/td>\nPipeline automation for app and IaC<\/td>\nCommon<\/td>\n<\/tr>\n
                                                CI\/CD<\/td>\nGitLab CI<\/td>\nPipeline automation and runners<\/td>\nOptional<\/td>\n<\/tr>\n
                                                CI\/CD<\/td>\nAzure DevOps Pipelines<\/td>\nEnterprise CI\/CD and release management<\/td>\nOptional (common in Azure-heavy orgs)<\/td>\n<\/tr>\n
                                                Source control<\/td>\nGit (GitHub\/GitLab\/Bitbucket)<\/td>\nVersion control, PR reviews, change traceability<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Containers<\/td>\nDocker<\/td>\nContainer packaging<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Orchestration<\/td>\nKubernetes (EKS\/AKS\/GKE)<\/td>\nContainer orchestration<\/td>\nOptional to Common (depends on stack)<\/td>\n<\/tr>\n
                                                Observability<\/td>\nPrometheus<\/td>\nMetrics collection<\/td>\nOptional (common in Kubernetes environments)<\/td>\n<\/tr>\n
                                                Observability<\/td>\nGrafana<\/td>\nDashboards and visualization<\/td>\nOptional to Common<\/td>\n<\/tr>\n
                                                Observability<\/td>\nCloudWatch \/ Azure Monitor \/ Cloud Logging<\/td>\nNative monitoring and logging<\/td>\nCommon (provider-dependent)<\/td>\n<\/tr>\n
                                                Logging<\/td>\nOpenTelemetry<\/td>\nInstrumentation standard for traces\/metrics\/logs<\/td>\nOptional (growing)<\/td>\n<\/tr>\n
                                                Security<\/td>\nCloud provider IAM tooling<\/td>\nRoles, policies, access reviews<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Security<\/td>\nHashiCorp Vault<\/td>\nSecrets management<\/td>\nOptional (context-specific)<\/td>\n<\/tr>\n
                                                Security<\/td>\nCloud-native secrets (Secrets Manager\/Key Vault\/Secret Manager)<\/td>\nSecrets management<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Security<\/td>\nWiz \/ Prisma Cloud<\/td>\nCloud security posture management (CSPM)<\/td>\nOptional (context-specific)<\/td>\n<\/tr>\n
                                                Security<\/td>\nSnyk \/ Trivy<\/td>\nVulnerability scanning (containers\/IaC)<\/td>\nOptional<\/td>\n<\/tr>\n
                                                Policy \/ governance<\/td>\nAzure Policy<\/td>\nGuardrails and compliance<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                Policy \/ governance<\/td>\nAWS Organizations + SCPs<\/td>\nMulti-account governance<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                ITSM<\/td>\nServiceNow<\/td>\nIncident\/change\/problem management<\/td>\nOptional to Common (enterprise)<\/td>\n<\/tr>\n
                                                Collaboration<\/td>\nJira<\/td>\nBacklog, delivery tracking<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Collaboration<\/td>\nConfluence<\/td>\nDocumentation, knowledge base<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Collaboration<\/td>\nMicrosoft Teams \/ Slack<\/td>\nCommunication and coordination<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Diagramming<\/td>\nLucidchart \/ draw.io<\/td>\nArchitecture diagrams<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Scripting<\/td>\nPython<\/td>\nAutomation scripts, tooling integrations<\/td>\nOptional<\/td>\n<\/tr>\n
                                                Scripting<\/td>\nPowerShell<\/td>\nAutomation in Windows\/Azure contexts<\/td>\nOptional (context-specific)<\/td>\n<\/tr>\n
                                                Scripting<\/td>\nBash<\/td>\nAutomation and troubleshooting<\/td>\nCommon<\/td>\n<\/tr>\n
                                                Cost management<\/td>\nAWS Cost Explorer \/ Azure Cost Management<\/td>\nSpend analysis and budgets<\/td>\nCommon<\/td>\n<\/tr>\n
                                                FinOps<\/td>\nApptio Cloudability<\/td>\nAdvanced cost allocation and optimization<\/td>\nOptional (enterprise)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                \n\n\n\n

                                                11) Typical Tech Stack \/ Environment<\/h2>\n\n\n\n

                                                Infrastructure environment<\/h3>\n\n\n\n
                                                  \n
                                                • One primary public cloud (AWS or Azure most commonly), sometimes multi-cloud for specific products or regions.<\/li>\n
                                                • A landing zone<\/strong> approach:<\/li>\n
                                                • Multiple accounts\/subscriptions organized by environment (dev\/test\/prod) and domain.<\/li>\n
                                                • Shared services account\/subscription (network hub, logging, identity integrations).<\/li>\n
                                                • Centralized security and audit logging.<\/li>\n
                                                • Hybrid connectivity is common in enterprises:<\/li>\n
                                                • Site-to-site VPN and\/or private links (Direct Connect\/ExpressRoute).<\/li>\n
                                                • DNS integration between on-prem and cloud (split-horizon patterns).<\/li>\n
                                                • Network segmentation patterns:<\/li>\n
                                                • Hub-and-spoke or shared VPC\/VNet models.<\/li>\n
                                                • Subnet tiers for private services vs public ingress.<\/li>\n<\/ul>\n\n\n\n

                                                  Application environment<\/h3>\n\n\n\n
                                                    \n
                                                  • Mix of:<\/li>\n
                                                  • VM-based workloads (legacy apps, COTS, specialized systems).<\/li>\n
                                                  • Containerized microservices (Kubernetes-managed or managed container services).<\/li>\n
                                                  • Managed PaaS services (databases, caches, queues).<\/li>\n
                                                  • Serverless functions for event processing (context-specific).<\/li>\n
                                                  • CI\/CD pipelines and GitOps patterns may be present, but maturity varies.<\/li>\n<\/ul>\n\n\n\n

                                                    Data environment<\/h3>\n\n\n\n
                                                      \n
                                                    • Managed relational databases (RDS\/Azure SQL), object storage (S3\/Blob), and messaging\/streaming services.<\/li>\n
                                                    • Data governance may be handled by a central data platform team; Cloud Consultant coordinates for integration patterns, encryption, and access controls.<\/li>\n<\/ul>\n\n\n\n

                                                      Security environment<\/h3>\n\n\n\n
                                                        \n
                                                      • Central IAM identity provider integration (Azure Entra ID\/Okta\/Ping).<\/li>\n
                                                      • Security tooling:<\/li>\n
                                                      • Vulnerability scanning (containers\/IaC) varies by org maturity.<\/li>\n
                                                      • CSPM may be adopted in security-forward organizations.<\/li>\n
                                                      • Common security baseline expectations:<\/li>\n
                                                      • Encryption in transit and at rest.<\/li>\n
                                                      • Central log aggregation and retention.<\/li>\n
                                                      • Break-glass access controls and privileged access management (enterprise).<\/li>\n<\/ul>\n\n\n\n

                                                        Delivery model<\/h3>\n\n\n\n
                                                          \n
                                                        • The Cloud Consultant typically works in one of these models:<\/li>\n
                                                        • Embedded consultant<\/strong> in product teams for a migration\/modernization initiative.<\/li>\n
                                                        • Platform consulting<\/strong> within a Cloud Center of Excellence (CCoE) providing patterns, reviews, and enablement.<\/li>\n
                                                        • Professional services<\/strong> model for external customers (if company offers services).<\/li>\n<\/ul>\n\n\n\n

                                                          Agile or SDLC context<\/h3>\n\n\n\n
                                                            \n
                                                          • Agile delivery (Scrum\/Kanban) is common; architecture governance is typically lightweight but may be formal in regulated environments.<\/li>\n
                                                          • Change management ranges from \u201cPR approvals + pipeline controls\u201d to formal CAB processes.<\/li>\n<\/ul>\n\n\n\n

                                                            Scale or complexity context<\/h3>\n\n\n\n
                                                              \n
                                                            • Medium to large environments: multiple teams deploying independently, shared platform services, and a need for governance to prevent drift.<\/li>\n
                                                            • Complexity drivers: hybrid connectivity, compliance requirements, multi-region needs, data residency, and high availability requirements.<\/li>\n<\/ul>\n\n\n\n

                                                              Team topology<\/h3>\n\n\n\n
                                                                \n
                                                              • Platform team(s): landing zones, shared services, pipelines.<\/li>\n
                                                              • Product\/application teams: build and run workloads.<\/li>\n
                                                              • Security: sets guardrails and monitors compliance.<\/li>\n
                                                              • Operations\/SRE: on-call and reliability engineering (sometimes embedded).<\/li>\n<\/ul>\n\n\n\n
                                                                \n\n\n\n

                                                                12) Stakeholders and Collaboration Map<\/h2>\n\n\n\n

                                                                Internal stakeholders<\/h3>\n\n\n\n
                                                                  \n
                                                                • Cloud Platform Team \/ CCoE<\/strong>: Align on landing zone patterns, shared modules, and governance.<\/li>\n
                                                                • Network Engineering<\/strong>: IP ranges, routing, firewall rules, DNS, hybrid connectivity.<\/li>\n
                                                                • Security \/ IAM \/ GRC<\/strong>: Controls, policies, threat modeling, access reviews, audit evidence.<\/li>\n
                                                                • SRE \/ Operations<\/strong>: Monitoring, on-call readiness, incident response, runbooks.<\/li>\n
                                                                • Product Engineering \/ App Teams<\/strong>: Workload requirements, deployment patterns, non-functional requirements.<\/li>\n
                                                                • Enterprise Architecture<\/strong>: Alignment to enterprise standards, technology strategy, exception handling.<\/li>\n
                                                                • FinOps \/ Finance<\/strong>: Cost allocation, budgets, optimization opportunities.<\/li>\n
                                                                • ITSM \/ Service Management<\/strong>: Change\/incident processes and service catalog alignment.<\/li>\n<\/ul>\n\n\n\n

                                                                  External stakeholders (if applicable)<\/h3>\n\n\n\n
                                                                    \n
                                                                  • Cloud provider support\/solutions architects<\/strong>: Service limits, architecture validation, escalations.<\/li>\n
                                                                  • Vendors (CSPM, SIEM, networking appliances)<\/strong>: Integrations, licensing, roadmap alignment.<\/li>\n
                                                                  • Customers (in a services context)<\/strong>: Discovery, requirements, approvals, knowledge transfer.<\/li>\n<\/ul>\n\n\n\n

                                                                    Peer roles<\/h3>\n\n\n\n
                                                                      \n
                                                                    • DevOps Engineer \/ Platform Engineer<\/li>\n
                                                                    • Cloud Security Engineer<\/li>\n
                                                                    • Solutions Architect (broader application architecture scope)<\/li>\n
                                                                    • SRE<\/li>\n
                                                                    • Systems\/Network Engineer<\/li>\n
                                                                    • Delivery Manager \/ Project Manager (context-specific)<\/li>\n<\/ul>\n\n\n\n

                                                                      Upstream dependencies<\/h3>\n\n\n\n
                                                                        \n
                                                                      • Access provisioning (IAM), network connectivity approvals, security baseline definitions.<\/li>\n
                                                                      • Availability of landing zone or platform capabilities.<\/li>\n
                                                                      • Legal\/compliance input for data residency and regulatory controls.<\/li>\n<\/ul>\n\n\n\n

                                                                        Downstream consumers<\/h3>\n\n\n\n
                                                                          \n
                                                                        • Application teams using cloud patterns and landing zone services.<\/li>\n
                                                                        • Operations\/SRE teams who run production.<\/li>\n
                                                                        • Security teams consuming logs and compliance data.<\/li>\n
                                                                        • Finance teams using tagging and cost allocation outputs.<\/li>\n<\/ul>\n\n\n\n

                                                                          Nature of collaboration<\/h3>\n\n\n\n
                                                                            \n
                                                                          • The role is primarily influence-based<\/strong>:<\/li>\n
                                                                          • Collaborates through workshops, design reviews, shared backlogs, PR reviews.<\/li>\n
                                                                          • Enables teams via templates and guardrails rather than manual gatekeeping.<\/li>\n<\/ul>\n\n\n\n

                                                                            Typical decision-making authority<\/h3>\n\n\n\n
                                                                              \n
                                                                            • Recommends architectures and patterns; final approval may sit with architecture governance bodies and service owners.<\/li>\n
                                                                            • Can approve tactical implementation details within agreed patterns.<\/li>\n<\/ul>\n\n\n\n

                                                                              Escalation points<\/h3>\n\n\n\n
                                                                                \n
                                                                              • Cloud Consulting Manager \/ Platform Lead<\/strong> for scope, priority conflicts, resourcing, escalations.<\/li>\n
                                                                              • Security leadership<\/strong> for risk acceptance decisions.<\/li>\n
                                                                              • Network leadership<\/strong> for connectivity constraints or major topology changes.<\/li>\n
                                                                              • Engineering leadership<\/strong> for timeline trade-offs or platform adoption enforcement.<\/li>\n<\/ul>\n\n\n\n
                                                                                \n\n\n\n

                                                                                13) Decision Rights and Scope of Authority<\/h2>\n\n\n\n

                                                                                Can decide independently (within agreed standards)<\/h3>\n\n\n\n
                                                                                  \n
                                                                                • Technical implementation details inside approved reference architectures (e.g., module structure, pipeline steps, dashboard layouts).<\/li>\n
                                                                                • Recommendations for rightsizing and cost improvements for non-production resources (subject to owner approval).<\/li>\n
                                                                                • Documentation standards for deliverables, ADR format, and runbook structure.<\/li>\n
                                                                                • Triage approach for incidents related to cloud infrastructure and initial mitigation suggestions.<\/li>\n<\/ul>\n\n\n\n

                                                                                  Requires team approval (platform\/engineering\/security collaboration)<\/h3>\n\n\n\n
                                                                                    \n
                                                                                  • Changes to shared IaC modules used by multiple teams.<\/li>\n
                                                                                  • Updates to landing zone baseline (logging, IAM role structures, network patterns).<\/li>\n
                                                                                  • Selection of monitoring\/alert thresholds and SLO definitions impacting on-call load.<\/li>\n
                                                                                  • Security control implementations that affect developer workflows (e.g., MFA enforcement changes, new policy constraints).<\/li>\n<\/ul>\n\n\n\n

                                                                                    Requires manager\/director\/executive approval<\/h3>\n\n\n\n
                                                                                      \n
                                                                                    • Major architecture shifts (e.g., new primary orchestration platform, new region strategy).<\/li>\n
                                                                                    • Vendor\/tool selection with licensing cost or enterprise-wide footprint.<\/li>\n
                                                                                    • Exceptions to security policies or acceptance of high risks.<\/li>\n
                                                                                    • Significant budget impacts (new reserved instance strategy, new paid services at scale).<\/li>\n
                                                                                    • Commitments to customer scope\/timelines (in professional services model).<\/li>\n<\/ul>\n\n\n\n

                                                                                      Budget, vendor, delivery, hiring, compliance authority<\/h3>\n\n\n\n
                                                                                        \n
                                                                                      • Budget:<\/strong> Typically advisory; may provide cost estimates and optimization plans but does not own budgets.<\/li>\n
                                                                                      • Vendor:<\/strong> Can evaluate and recommend; final selection usually by leadership\/procurement.<\/li>\n
                                                                                      • Delivery:<\/strong> Owns scoped deliverables and workstreams; not the program owner unless assigned.<\/li>\n
                                                                                      • Hiring:<\/strong> No direct authority; may participate in interviews and technical assessments.<\/li>\n
                                                                                      • Compliance:<\/strong> Ensures designs meet controls; risk acceptance is escalated to authorized leaders.<\/li>\n<\/ul>\n\n\n\n
                                                                                        \n\n\n\n

                                                                                        14) Required Experience and Qualifications<\/h2>\n\n\n\n

                                                                                        Typical years of experience<\/h3>\n\n\n\n
                                                                                          \n
                                                                                        • 3\u20137 years<\/strong> in infrastructure, cloud engineering, DevOps, SRE, or solutions engineering roles.<\/li>\n
                                                                                        • At least 2+ years<\/strong> hands-on with one major cloud platform (AWS or Azure commonly).<\/li>\n<\/ul>\n\n\n\n

                                                                                          Education expectations<\/h3>\n\n\n\n
                                                                                            \n
                                                                                          • Bachelor\u2019s degree in Computer Science, Information Systems, Engineering, or equivalent experience.<\/li>\n
                                                                                          • Equivalent experience may include military technical training, bootcamps with strong hands-on work, or extensive industry experience.<\/li>\n<\/ul>\n\n\n\n

                                                                                            Certifications (relevant; not always required)<\/h3>\n\n\n\n

                                                                                            Common (role-relevant)<\/strong>\n– AWS Certified Solutions Architect \u2013 Associate (or equivalent)\n– Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect Expert (depending on focus)<\/p>\n\n\n\n

                                                                                            Optional \/ context-specific<\/strong>\n– HashiCorp Terraform Associate\n– Kubernetes certifications (CKA\/CKAD) if Kubernetes-heavy environment\n– Security certifications (e.g., Security+, CCSP) in regulated\/security-forward orgs\n– ITIL Foundation (helpful in ITSM-heavy enterprises)<\/p>\n\n\n\n

                                                                                            Prior role backgrounds commonly seen<\/h3>\n\n\n\n
                                                                                              \n
                                                                                            • Cloud Engineer \/ DevOps Engineer \/ Platform Engineer<\/li>\n
                                                                                            • Systems Engineer \/ Infrastructure Engineer<\/li>\n
                                                                                            • Network Engineer with cloud exposure<\/li>\n
                                                                                            • SRE with infrastructure design responsibilities<\/li>\n
                                                                                            • Solutions Engineer supporting customer implementations<\/li>\n<\/ul>\n\n\n\n

                                                                                              Domain knowledge expectations<\/h3>\n\n\n\n
                                                                                                \n
                                                                                              • Strong understanding of:<\/li>\n
                                                                                              • Shared responsibility model in cloud<\/li>\n
                                                                                              • Basic security controls and governance concepts<\/li>\n
                                                                                              • Cost drivers (compute sizing, storage classes, data transfer)<\/li>\n
                                                                                              • Operational readiness (monitoring, incident response)<\/li>\n
                                                                                              • Industry domain specialization is typically not required<\/strong> unless the company is regulated (finance\/healthcare\/public sector), where compliance literacy becomes more important.<\/li>\n<\/ul>\n\n\n\n

                                                                                                Leadership experience expectations (for this title)<\/h3>\n\n\n\n
                                                                                                  \n
                                                                                                • Not expected to have formal people management experience.<\/li>\n
                                                                                                • Expected to demonstrate workstream leadership<\/strong>, mentoring, and influence.<\/li>\n<\/ul>\n\n\n\n
                                                                                                  \n\n\n\n

                                                                                                  15) Career Path and Progression<\/h2>\n\n\n\n

                                                                                                  Common feeder roles into this role<\/h3>\n\n\n\n
                                                                                                    \n
                                                                                                  • Infrastructure Engineer (on-prem to cloud transition)<\/li>\n
                                                                                                  • DevOps Engineer \/ SRE (with growing architecture responsibilities)<\/li>\n
                                                                                                  • Systems\/Network Engineer (cloud networking specialization)<\/li>\n
                                                                                                  • Implementation Consultant (generalist) moving into cloud specialization<\/li>\n<\/ul>\n\n\n\n

                                                                                                    Next likely roles after this role<\/h3>\n\n\n\n
                                                                                                      \n
                                                                                                    • Senior Cloud Consultant<\/strong> (larger scope, more complex engagements, stronger governance leadership)<\/li>\n
                                                                                                    • Cloud Solutions Architect<\/strong> (broader application + integration architecture)<\/li>\n
                                                                                                    • Platform Engineer \/ Senior Platform Engineer<\/strong> (more build-focused on internal platforms)<\/li>\n
                                                                                                    • Cloud Security Engineer \/ Cloud Security Architect<\/strong> (security specialization)<\/li>\n
                                                                                                    • SRE \/ Reliability Architect<\/strong> (operability specialization)<\/li>\n
                                                                                                    • Cloud Consulting Lead \/ Practice Lead<\/strong> (services org track; may include people leadership)<\/li>\n<\/ul>\n\n\n\n

                                                                                                      Adjacent career paths<\/h3>\n\n\n\n
                                                                                                        \n
                                                                                                      • FinOps Specialist\/Lead<\/strong> (cost governance and optimization)<\/li>\n
                                                                                                      • Enterprise Architect<\/strong> (cross-domain architecture)<\/li>\n
                                                                                                      • Technical Program Manager (Cloud)<\/strong> (large transformation programs)<\/li>\n
                                                                                                      • Customer Success \/ Technical Account Manager<\/strong> (if vendor-facing org)<\/li>\n<\/ul>\n\n\n\n

                                                                                                        Skills needed for promotion (Cloud Consultant \u2192 Senior Cloud Consultant)<\/h3>\n\n\n\n
                                                                                                          \n
                                                                                                        • Proven ability to run multiple concurrent engagements<\/strong> with predictable delivery.<\/li>\n
                                                                                                        • Stronger architecture depth in at least one domain (networking, IAM, Kubernetes, observability, DR).<\/li>\n
                                                                                                        • Demonstrated measurable outcomes (cost savings, incident reduction, cycle time improvements).<\/li>\n
                                                                                                        • Strong governance navigation and ability to design guardrails that scale.<\/li>\n
                                                                                                        • Higher-quality written artifacts and executive-level communication.<\/li>\n<\/ul>\n\n\n\n

                                                                                                          How this role evolves over time<\/h3>\n\n\n\n
                                                                                                            \n
                                                                                                          • Early: executes within existing patterns; improves documentation and modules.<\/li>\n
                                                                                                          • Mid: shapes patterns and standards; leads workstreams and cross-team initiatives.<\/li>\n
                                                                                                          • Later: influences platform roadmap; becomes domain specialist; mentors broadly; drives maturity improvements.<\/li>\n<\/ul>\n\n\n\n
                                                                                                            \n\n\n\n

                                                                                                            16) Risks, Challenges, and Failure Modes<\/h2>\n\n\n\n

                                                                                                            Common role challenges<\/h3>\n\n\n\n
                                                                                                              \n
                                                                                                            • Ambiguous requirements<\/strong>: Stakeholders want \u201cmove to cloud\u201d without defining measurable outcomes.<\/li>\n
                                                                                                            • Organizational friction<\/strong>: Security, networking, and engineering priorities conflict.<\/li>\n
                                                                                                            • Legacy constraints<\/strong>: Tight coupling to on-prem systems, unsupported OS\/app stacks, and rigid release processes.<\/li>\n
                                                                                                            • Skill and maturity gaps<\/strong>: Teams may lack IaC discipline, monitoring practices, or cloud fundamentals.<\/li>\n
                                                                                                            • Cloud sprawl<\/strong>: Uncontrolled resource creation leads to cost and security drift.<\/li>\n<\/ul>\n\n\n\n

                                                                                                              Bottlenecks<\/h3>\n\n\n\n
                                                                                                                \n
                                                                                                              • Access provisioning delays (IAM approvals, identity federation work).<\/li>\n
                                                                                                              • Network change lead times (firewall rules, DNS updates, private link approvals).<\/li>\n
                                                                                                              • Security review queues and evidence requirements (especially in regulated environments).<\/li>\n
                                                                                                              • Provider quotas\/service limits discovered late.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                Anti-patterns (what to avoid)<\/h3>\n\n\n\n
                                                                                                                  \n
                                                                                                                • \u201cConsole-driven production\u201d without IaC or change traceability.<\/li>\n
                                                                                                                • One-off designs per team with no shared standards or patterns.<\/li>\n
                                                                                                                • Over-segmentation of networks\/IAM to the point that delivery becomes impossible.<\/li>\n
                                                                                                                • Treating landing zones as static rather than evolving products.<\/li>\n
                                                                                                                • Pushing complexity to application teams without providing enablement or guardrails.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                  Common reasons for underperformance<\/h3>\n\n\n\n
                                                                                                                    \n
                                                                                                                  • Strong technical skills but weak stakeholder management (decisions stall).<\/li>\n
                                                                                                                  • Producing theoretical architectures that are not implementable with available skills\/time.<\/li>\n
                                                                                                                  • Poor documentation and inadequate handover to operations.<\/li>\n
                                                                                                                  • Not understanding cost implications (designs that are secure but financially unsustainable).<\/li>\n
                                                                                                                  • Inability to prioritize: tries to solve everything rather than deliver a phased approach.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                    Business risks if this role is ineffective<\/h3>\n\n\n\n
                                                                                                                      \n
                                                                                                                    • Increased likelihood of security incidents and audit findings due to misconfigurations.<\/li>\n
                                                                                                                    • Higher cloud costs from poor sizing, data egress surprises, and lack of tagging\/governance.<\/li>\n
                                                                                                                    • Delivery delays and rework caused by unclear architecture decisions.<\/li>\n
                                                                                                                    • Lower reliability and more incidents due to missing observability and runbooks.<\/li>\n
                                                                                                                    • Reduced developer productivity and slower time-to-market.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                      \n\n\n\n

                                                                                                                      17) Role Variants<\/h2>\n\n\n\n

                                                                                                                      By company size<\/h3>\n\n\n\n
                                                                                                                        \n
                                                                                                                      • Startup\/small company<\/strong><\/li>\n
                                                                                                                      • More hands-on building; fewer governance bodies.<\/li>\n
                                                                                                                      • Broader scope: may own both architecture and implementation.<\/li>\n
                                                                                                                      • Tooling may be lighter (GitHub Actions, Terraform, basic monitoring).<\/li>\n
                                                                                                                      • Mid-market<\/strong><\/li>\n
                                                                                                                      • Mix of delivery and governance; emerging platform team.<\/li>\n
                                                                                                                      • Strong need for standardization and reusable modules.<\/li>\n
                                                                                                                      • Large enterprise<\/strong><\/li>\n
                                                                                                                      • Heavier governance, stricter security\/compliance, formal ITSM.<\/li>\n
                                                                                                                      • More specialization (network, IAM, security) and more stakeholders.<\/li>\n
                                                                                                                      • Higher emphasis on landing zones, multi-account governance, and audit evidence.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                        By industry<\/h3>\n\n\n\n
                                                                                                                          \n
                                                                                                                        • Regulated (finance\/healthcare\/public sector)<\/strong><\/li>\n
                                                                                                                        • Stronger evidence requirements, data residency concerns, encryption standards, and access review rigor.<\/li>\n
                                                                                                                        • More formal risk acceptance process; more documentation.<\/li>\n
                                                                                                                        • Non-regulated<\/strong><\/li>\n
                                                                                                                        • Faster experimentation; focus on operational excellence and cost discipline may vary.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                          By geography<\/h3>\n\n\n\n
                                                                                                                            \n
                                                                                                                          • Data residency and sovereign cloud requirements may shape region selection and service availability.<\/li>\n
                                                                                                                          • Time zone distribution may increase emphasis on asynchronous documentation and follow-the-sun operations.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                            Product-led vs service-led company<\/h3>\n\n\n\n
                                                                                                                              \n
                                                                                                                            • Product-led<\/strong><\/li>\n
                                                                                                                            • Focus on internal platform enablement and reliability outcomes.<\/li>\n
                                                                                                                            • KPIs strongly tied to deployment frequency, incident reduction, and developer experience.<\/li>\n
                                                                                                                            • Service-led \/ consultancy<\/strong><\/li>\n
                                                                                                                            • More customer-facing discovery, proposals\/SOW inputs, and structured deliverable sign-offs.<\/li>\n
                                                                                                                            • Stronger emphasis on time tracking, utilization (if applicable), and scope control.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                              Startup vs enterprise operating model<\/h3>\n\n\n\n
                                                                                                                                \n
                                                                                                                              • Startup<\/strong><\/li>\n
                                                                                                                              • Decisions are faster; consultant may be de facto architect and implementer.<\/li>\n
                                                                                                                              • Higher tolerance for incremental governance.<\/li>\n
                                                                                                                              • Enterprise<\/strong><\/li>\n
                                                                                                                              • Requires navigation of formal boards, standardized controls, and change management.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                Regulated vs non-regulated environment<\/h3>\n\n\n\n
                                                                                                                                  \n
                                                                                                                                • Regulated environments add:<\/li>\n
                                                                                                                                • Control mapping, evidence collection, audit trails, stronger IAM controls.<\/li>\n
                                                                                                                                • Segregation of duties and stronger production access management.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                  \n\n\n\n

                                                                                                                                  18) AI \/ Automation Impact on the Role<\/h2>\n\n\n\n

                                                                                                                                  Tasks that can be automated (or heavily accelerated)<\/h3>\n\n\n\n
                                                                                                                                    \n
                                                                                                                                  • Drafting initial architecture documentation<\/strong> from templates (HLD\/LLD outlines, ADR scaffolding).<\/li>\n
                                                                                                                                  • IaC generation and refactoring assistance<\/strong> (module boilerplate, naming consistency, policy snippets).<\/li>\n
                                                                                                                                  • Log analysis and incident triage support<\/strong> (pattern detection, correlation suggestions).<\/li>\n
                                                                                                                                  • Cost anomaly detection and recommendations<\/strong> (identifying idle resources, unusual spend).<\/li>\n
                                                                                                                                  • Compliance drift reporting<\/strong> (summarizing policy violations and recommending remediations).<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                    Tasks that remain human-critical<\/h3>\n\n\n\n
                                                                                                                                      \n
                                                                                                                                    • Stakeholder alignment and decision facilitation<\/strong>: negotiating trade-offs and securing buy-in.<\/li>\n
                                                                                                                                    • Accountability for risk decisions<\/strong>: interpreting context and deciding what is acceptable.<\/li>\n
                                                                                                                                    • Deep troubleshooting and systems thinking<\/strong>: complex multi-layer failures require expert reasoning.<\/li>\n
                                                                                                                                    • Architecture ownership<\/strong>: ensuring designs are coherent, operable, and aligned to strategy.<\/li>\n
                                                                                                                                    • Change leadership and enablement<\/strong>: building capability in teams through coaching and workshops.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                      How AI changes the role over the next 2\u20135 years<\/h3>\n\n\n\n
                                                                                                                                        \n
                                                                                                                                      • Cloud Consultants will be expected to:<\/li>\n
                                                                                                                                      • Use AI copilots responsibly to accelerate documentation and IaC, while maintaining review rigor.<\/li>\n
                                                                                                                                      • Integrate AI-based observability and security insights into operations (AIOps, SecOps analytics).<\/li>\n
                                                                                                                                      • Improve governance automation (policy-as-code + automated remediation suggestions).<\/li>\n
                                                                                                                                      • Spend more time on system design, product\/platform thinking, and stakeholder outcomes<\/strong> rather than manual configuration.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                        New expectations caused by AI, automation, or platform shifts<\/h3>\n\n\n\n
                                                                                                                                          \n
                                                                                                                                        • Higher bar for:<\/li>\n
                                                                                                                                        • Quality control<\/strong> (verifying AI-generated IaC and avoiding insecure defaults).<\/li>\n
                                                                                                                                        • Standardization<\/strong> (codifying patterns so AI-assisted delivery stays consistent).<\/li>\n
                                                                                                                                        • Data handling<\/strong> (ensuring sensitive architecture details are not leaked into unapproved tools).<\/li>\n
                                                                                                                                        • Increased emphasis on:<\/li>\n
                                                                                                                                        • Automation-first delivery and measurable outcomes.<\/li>\n
                                                                                                                                        • Building internal \u201cgolden paths\u201d that reduce cognitive load for engineers.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                          \n\n\n\n

                                                                                                                                          19) Hiring Evaluation Criteria<\/h2>\n\n\n\n

                                                                                                                                          What to assess in interviews<\/h3>\n\n\n\n
                                                                                                                                            \n
                                                                                                                                          1. \n

                                                                                                                                            Cloud fundamentals and architecture reasoning<\/strong>\n – Can the candidate design a secure, resilient, cost-aware solution?\n – Do they understand IAM, networking, logging, and shared responsibility?<\/p>\n<\/li>\n

                                                                                                                                          2. \n

                                                                                                                                            Hands-on IaC capability<\/strong>\n – Can they explain state management, module design, environments, and drift control?\n – Do they write maintainable code with reviewability and safety in mind?<\/p>\n<\/li>\n

                                                                                                                                          3. \n

                                                                                                                                            Security-by-design<\/strong>\n – Can they identify common misconfigurations and propose guardrails?\n – Do they understand encryption, secrets, and least privilege patterns?<\/p>\n<\/li>\n

                                                                                                                                          4. \n

                                                                                                                                            Operational readiness mindset<\/strong>\n – Can they define monitoring, alerting, SLOs, and incident response expectations?\n – Do they produce runbooks and plan for rollback?<\/p>\n<\/li>\n

                                                                                                                                          5. \n

                                                                                                                                            Consulting behaviors<\/strong>\n – Discovery approach, stakeholder management, expectation setting, and communication clarity.\n – Ability to frame options and facilitate decisions.<\/p>\n<\/li>\n

                                                                                                                                          6. \n

                                                                                                                                            Cost and FinOps literacy<\/strong>\n – Can they explain cost drivers and propose practical optimizations?<\/p>\n<\/li>\n<\/ol>\n\n\n\n

                                                                                                                                            Practical exercises or case studies<\/h3>\n\n\n\n

                                                                                                                                            Recommended (choose 1\u20132 depending on time)<\/strong>\n– Architecture case study (60\u201390 minutes):<\/strong>\n Design a landing zone + workload migration approach for a business unit with hybrid connectivity and compliance needs. Deliver:\n – Target architecture (diagram + written rationale)\n – Key risks and mitigations\n – MVP scope vs later phases\n – Operability plan (monitoring\/runbooks)\n– IaC review exercise (45\u201360 minutes):<\/strong>\n Provide a Terraform snippet with issues (missing tags, overly permissive IAM, public exposure). Ask candidate to identify issues and propose improvements.\n– Incident scenario (30 minutes):<\/strong>\n \u201cProduction outage after network change\u201d or \u201cIAM permission denied during deploy.\u201d Ask for triage steps and safe mitigations.<\/p>\n\n\n\n

                                                                                                                                            Strong candidate signals<\/h3>\n\n\n\n
                                                                                                                                              \n
                                                                                                                                            • Explains trade-offs clearly and asks clarifying questions before proposing solutions.<\/li>\n
                                                                                                                                            • Demonstrates practical experience with at least one major cloud platform plus IaC.<\/li>\n
                                                                                                                                            • Shows ability to design for operability: logging, monitoring, runbooks, and ownership.<\/li>\n
                                                                                                                                            • Understands governance and can work within constraints without stalling delivery.<\/li>\n
                                                                                                                                            • Communicates succinctly with both engineers and non-technical stakeholders.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                              Weak candidate signals<\/h3>\n\n\n\n
                                                                                                                                                \n
                                                                                                                                              • Jumps to a preferred solution without discovery.<\/li>\n
                                                                                                                                              • Over-focuses on tooling rather than outcomes and constraints.<\/li>\n
                                                                                                                                              • Treats security as an afterthought or relies on \u201cwe\u2019ll fix later.\u201d<\/li>\n
                                                                                                                                              • Proposes architectures that require unrealistic skills or timelines for the organization.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                Red flags<\/h3>\n\n\n\n
                                                                                                                                                  \n
                                                                                                                                                • Normalizes manual changes in production without traceability.<\/li>\n
                                                                                                                                                • Cannot explain basic IAM concepts (roles, trust relationships, least privilege).<\/li>\n
                                                                                                                                                • Blames stakeholders rather than managing alignment and risks.<\/li>\n
                                                                                                                                                • Ignores cost implications or dismisses FinOps concerns.<\/li>\n
                                                                                                                                                • Produces vague documentation or resists writing things down.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                  Scorecard dimensions<\/h3>\n\n\n\n

                                                                                                                                                  Use a consistent, weighted scorecard to reduce bias:<\/p>\n\n\n\n

                                                                                                                                                  \n\n\n\n\n\n\n\n\n\n
                                                                                                                                                  Dimension<\/th>\nWhat \u201cmeets bar\u201d looks like<\/th>\nWeight (example)<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                  Cloud architecture fundamentals<\/td>\nSound designs; understands networking\/IAM\/security basics<\/td>\n20%<\/td>\n<\/tr>\n
                                                                                                                                                  IaC and automation<\/td>\nCan write\/review Terraform; understands pipelines and safety<\/td>\n20%<\/td>\n<\/tr>\n
                                                                                                                                                  Security and governance<\/td>\nPractical guardrails; can navigate compliance constraints<\/td>\n15%<\/td>\n<\/tr>\n
                                                                                                                                                  Operability and reliability<\/td>\nMonitoring\/runbooks\/SLO awareness; incident discipline<\/td>\n15%<\/td>\n<\/tr>\n
                                                                                                                                                  Consulting and communication<\/td>\nStrong discovery, alignment, documentation, executive clarity<\/td>\n20%<\/td>\n<\/tr>\n
                                                                                                                                                  Cost\/FinOps literacy<\/td>\nUnderstands cost drivers; proposes optimizations<\/td>\n10%<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                  \n\n\n\n

                                                                                                                                                  20) Final Role Scorecard Summary<\/h2>\n\n\n\n
                                                                                                                                                  \n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                  Item<\/th>\nSummary<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                  Role title<\/strong><\/td>\nCloud Consultant<\/td>\n<\/tr>\n
                                                                                                                                                  Role purpose<\/strong><\/td>\nGuide and deliver secure, reliable, and cost-optimized cloud solutions through discovery, architecture, IaC-enabled implementation support, and operational readiness.<\/td>\n<\/tr>\n
                                                                                                                                                  Top 10 responsibilities<\/strong><\/td>\n1) Lead discovery and define cloud outcomes 2) Produce solution architectures and ADRs 3) Design\/enable landing zones and guardrails 4) Implement\/guide IaC modules and pipelines 5) Design IAM\/RBAC and least-privilege access 6) Design cloud networking and connectivity 7) Embed security-by-design and compliance mapping 8) Enable observability and operational readiness 9) Support migrations and cutovers with risk management 10) Drive cost optimization and tagging governance<\/td>\n<\/tr>\n
                                                                                                                                                  Top 10 technical skills<\/strong><\/td>\n1) AWS\/Azure\/GCP core services 2) Cloud networking 3) IAM\/RBAC 4) Terraform\/IaC 5) Cloud security fundamentals 6) CI\/CD for infrastructure 7) Linux troubleshooting 8) Observability basics 9) Containers\/Kubernetes (often) 10) FinOps fundamentals<\/td>\n<\/tr>\n
                                                                                                                                                  Top 10 soft skills<\/strong><\/td>\n1) Discovery\/problem framing 2) Executive communication 3) Stakeholder management 4) Pragmatic decision-making 5) Operability mindset 6) Influence without authority 7) Documentation\/knowledge transfer 8) Risk management\/escalation 9) Learning agility 10) Facilitation and workshop leadership<\/td>\n<\/tr>\n
                                                                                                                                                  Top tools or platforms<\/strong><\/td>\nTerraform, Git (GitHub\/GitLab\/Bitbucket), GitHub Actions\/GitLab CI\/Azure DevOps, AWS\/Azure\/GCP, CloudWatch\/Azure Monitor, Kubernetes (EKS\/AKS\/GKE), Jira\/Confluence, ServiceNow (enterprise), Lucidchart\/draw.io, Cost Management tools<\/td>\n<\/tr>\n
                                                                                                                                                  Top KPIs<\/strong><\/td>\nFirst-pass approval rate, standards compliance rate, automation coverage (% IaC), time-to-environment reduction, cost savings\/avoidance, migration success rate, incident metric improvements (MTTR\/infra-caused incidents), stakeholder satisfaction, pattern adoption, audit findings in scope<\/td>\n<\/tr>\n
                                                                                                                                                  Main deliverables<\/strong><\/td>\nArchitecture docs (HLD\/LLD), ADRs, landing zone plans, IaC modules\/templates, CI\/CD pipeline templates, policy\/guardrails, observability dashboards\/alerts, runbooks, migration plans\/cutovers, cost optimization reports, training materials<\/td>\n<\/tr>\n
                                                                                                                                                  Main goals<\/strong><\/td>\n90-day: own a workstream end-to-end with adopted deliverables and readiness artifacts. 6\u201312 months: scale impact via reusable patterns, measurable cost\/reliability improvements, and improved governance efficiency.<\/td>\n<\/tr>\n
                                                                                                                                                  Career progression options<\/strong><\/td>\nSenior Cloud Consultant; Cloud Solutions Architect; Senior Platform Engineer; Cloud Security Engineer\/Architect; SRE\/Reliability Architect; Cloud Consulting Lead\/Practice Lead (service org track).<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"

                                                                                                                                                  A Cloud Consultant designs, advises on, and helps implement cloud solutions that are secure, reliable, cost-effective, and aligned to a client or internal business unit\u2019s goals. The role blends technical depth (cloud platforms, networking, security, automation) with consultative skills (discovery, options analysis, stakeholder alignment, and implementation planning).<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","_joinchat":[],"footnotes":""},"categories":[24455,24467],"tags":[],"class_list":["post-73371","post","type-post","status-publish","format-standard","hentry","category-cloud-infrastructure","category-consultant"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/73371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=73371"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/73371\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=73371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=73371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=73371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}