DNS Architect

Organisation Overview

Our Client is an established organisation operating across complex, multi-environment infrastructure-spanning on-premises systems, cloud platforms, and third-party services. They help ensure dependable connectivity and robust digital operations, with a strong focus on resilience, security, and operational excellence.
This is a place where architecture thinking matters: you’ll collaborate with specialists, contribute to evidence-led recommendations, and deliver practical, client-facing advisory outputs that strengthen long-term capability.

Role Summary

Our Client is seeking a DNS Architect to support a key advisory and assessment engagement. The purpose of this role is to review and improve DNS architecture across hybrid environments, identifying risks, gaps, and technical debt-without implementing changes.
You’ll play a strategic part in shaping the direction of future-state DNS resilience and security posture. This work will influence how the organisation reduces failure risk, strengthens trust boundaries, and improves operational consistency across multiple DNS providers and platforms.

Responsibilities

As the DNS Architect, you will:

• Review end-to-end DNS architecture across on-prem, cloud, andSaaS platforms
  • Assess configuration alignment and consistency across multiple DNS providers
  • Identify architectural gaps, risks, and areas of technical debt
• Analyse resiliency and redundancy within the currentDNS model
  • Evaluate single-provider dependency risks
  • Propose multi-vendor DNS architecture approaches to eliminate single points of failure
  • Consider active/active and active/passive patterns
  • Map failure domains across platform, provider, region, and control-plane boundaries
• Assess alignment with industry standards
  • Review the architecture against recognised best practices
  • Evaluate scalability, separation of concerns, and operational consistency
• Create current-state and future-state architecture views
  • Produce conceptual future-state architecture guidance
  • Define prioritised improvement areas
  • Develop a phased roadmap (advisory only-no implementation)
• Lead DNS security architecture and risk analysis (with support from security engineers)
  • Perform DNS threat modelling using a STRIDE-style approach
  • Assess control-plane access and trust boundaries
  • Analyse provider dependencies across control-plane and data-plane
  • Identify misconfiguration risks in SaaS DNS platforms
  • Document failure modes and abuse cases (non-adversarial; no active testing)
• Use telemetry to strengthen findings (no new tooling)
  • Review existing DNS telemetry and logs
  • Correlate latency, error rates, and query trends
  • Identify resilience patterns, cascading failures, and hidden dependencies
  • Support recommendations with empirical evidence

Essential Skills & Experience

To be considered, you should have:

• Strong DNS architecture experience across hybrid environments (on-prem, cloud, and SaaS)
• Demonstrable ability to assess resiliency models, including multi-vendor design principles and failure-domain mapping
• Proven capability to perform security-focused architecture analysis, including threat-modelling (STRIDE-style desirable) and trust-boundary thinking
• Experience analysing DNS performance and operational telemetry (latency/error/query trends) using existing logs and metrics
• Ability to produce formal, client-facing advisory documentation with clear findings, structured risk commentary, and actionable recommendations
• Familiarity with common enterprise DNS components and concepts such as control plane vs data plane, dependency mapping, and misconfiguration risk patterns

Desirable Skills & Experience

The following would strengthen your application (not mandatory):

• Experience with one or more majorDNS/platform technologies such as:
  • BlueCat
  • Akamai
  • F5 (including GTM/LTM)
  • AWS Route 53
  • Azure DNS
• Prior experience delivering architecture assessments that result in future-state roadmaps (conceptual, non-implementation)
• Experience creating structured outputs such as threat and failure matrices, dependency registers, and risk reduction summaries

Call to Action

If you’re an experienced DNS Architect and enjoy advisory work that blends architecture, resiliency, security, and evidence-based analysis, we’d love to hear from you.
Please submit your CV for consideration.