Cloud Architect

Haventree Bank is a private Canadian Schedule 1 bank specializing in alternative mortgage programs and insured GIC deposits. We help hardworking Canadians from coast-to-coast achieve homeownership by offering flexible mortgage solutions. Our insured GIC deposits offer competitive rates and are available through a variety of wealth management platforms.

About Haventree Bank
Headquartered in Toronto, Ontario, Haventree Bank (Haventree) is a mission driven alternative mortgage lender. The name Haventree is representative of the bank's mission to help its customers find a place of refuge and to lay down new roots for the future. Haventree exists to be a catalyst of financial security and upward mobility for Canadians who are underserved by the traditional financial system.

Position Summary
Reporting to the Director, Infrastructure & IT Operations, the Cloud Architect works with internal IT, business, and 3rd party suppliers to architect/design and implement cutting-edge infrastructure solutions, in MS Azure/AWS cloud in a "hands-on" capacity. This position works as an in-house resource to define future infrastructure technology initiatives aligned with the business requirements, SaaS/Cloud First approach and leads all projects and discussions related to On-prem and Cloud infrastructure. The role also requires the ability to lead & conduct solutions discovery exercises with internal stakeholders/vendors, and excellent interpersonal and presentation skills.

Major Duties & Responsibilities
Technical Core Requirements

• Networking:Proven track record deploying Azure VNets, routing, ExpressRoute, VPN Gateway, Application Gateway, WAF, Azure Firewall, Traffic Manager, and advanced hub-spoke and segmentation architectures
• Cyber Security:Extensive experience operationalizing Azure RBAC, Managed Identities, Key Vault, Defender for Cloud, private endpoints, firewall policies, NSGs, and regulatory compliance frameworks in production
• Serverless Compute:Advanced practical knowledge of Azure Functions, Logic Apps, Event Grid, Service Bus, API Management, and event-driven solution patterns; demonstrable experience building and supporting these in live workloads
• Automation & IaC:Proficient with Terraform, Bicep, or ARM, end-to-end automation, pipeline creation, and deployment in enterprise contexts
• Monitoring & FinOps:Deep use of Log Analytics, Application Insights, monitoring serverless/networking activities, and cost management tools

Key Activities & Deliverables

• Architect, document, and review cloud-native and hybrid solutions; contribute reference architectures for secure, reliable, and cost-efficient deployments
• Directly implement and troubleshoot networking/security/serverless components, escalating complex issues and mentoring others on root-cause resolution
• Lead implementation of policy-as-code, secure onboarding, and RBAC in multi-tenant/multi-environment setups
• Engage in threat modeling and design reviews to actively identify improvement areas across networking and security surfaces
• Participate in Disaster Recovery exercise, review lessons learned and make appropriate changes to the environment
• Produce and maintain all required artifacts, documentation, and architectural design diagrams
• Make recommendations to improve process efficiency and effectiveness; lead cost saving initiatives, define/uphold architectural design standards and configurations to ensure consistency, maintainability, and flexibility with respect to overall system, technical and product roadmaps
• Keeps up to date with emerging cloud technology – open source and cloud vendors such as Azure and AWS to build scalable, highly available, and fault-tolerant systems
• Stay up-to-date with industry technical and business trends through participation in professional associations, technical forums, practice communities, and individual learning/certifications
• Sets an example for team members of commitment, Cloud knowledge, strong work ethics, leadership, and integrity
• Available to support after-hours deployments, production issues/outages and emergency situations when required
• Contribute to CI/CD, test automation, and production-level monitoring/instrumentation
• Collaborate with security teams to safeguard infrastructure from cyber threats.
• Ensure compliance with Canadian banking regulations (e.g., OSFI, PIPEDA, PCI etc.) and industry standards.
• Conduct regular vulnerability assessments and implement mitigation strategies.

Qualifications & Experience
Degrees, Diplomas & Certifications:

• The position requires a university degree in the field of Computer Science, Engineering or a related field. Alternatively, a college diploma with advanced industry experience.

Years and Range of Experience Required to Perform the Job:

• 5+ years of hands-on Azure experience with architectural ownership/stakeholder responsibility
• Strong understanding of Infrastructure as Code (IaC) principles and best practices is essential, including experience with coding for infrastructure provisioning, maintaining CI/CD pipelines, and using source control tools. Familiarity with DevOps methodologies and tools is a plus.
• Must possess: Direct, recent experience in serverless compute (App services and container apps), deep Azure networking, and security (not just design—implementation and troubleshooting)
• Azure Solutions Architect Expert (AZ-305) or equivalent real-world proficiency
• Strong scripting abilities (PowerShell, bash) and modern DevOps toolchains

Preferred Qualifications

• Experience with regulatory requirements specific to Canadian banking (e.g., OSFI B-10, B-13).
• Familiarity with cyber resilience frameworks for financial institutions.

While we thank everyone for their interest in Haventree Bank, please note that only candidates selected for an interview will be contacted. Haventree Bank is committed to providing accommodation when needed. If you require an accommodation, we will work with you to meet your needs.

• As a job candidate, our recruitment process includes collecting personal information. Please click the link here to review our Privacy Policy. Privacy Statement | Haventree Bank
• Stay in touch with us, if this position is not the right one for you – please click on this link for other roles at Careers | Haventree Bank or follow us on LinkedIn at
• Haventree Bank embraces equal opportunity, diversity, and inclusion. Please let us know if you require any accommodations during the recruitment and selection process by contacting