Azure Infrastructure Engineer

About the Role

The Azure Infrastructure Engineer will design, build, secure, and automate enterprise‑grade Azure platforms. The resource will own core platform engineering across networking, identity, governance, and automation—partnering with architecture, security, and application teams to deliver resilient, scalable, and cost‑efficient cloud services.

• Design and implement Azure landing zones aligned to Microsoft Cloud Adoption Framework (CAF), including subscriptions, management groups, policies, RBAC, and cost governance.
• Engineer core services at scale (compute, storage, networking, identity, security, monitoring) with infrastructure‑as‑code and repeatable patterns.
• Architect and configure Azure networking components—including vNets, subnets, route tables, private endpoints, network security groups, load balancers, and hybrid connectivity (VPN/Express Route).
• Establish segmentation, ingress/egress controls, and secure connectivity across regions and environments (dev/test/prod).
• Identity & Access Management:
  Implement and harden Entra  (Azure AD), Conditional Access, Privileged Identity Management (PIM), RBAC, managed identities, service principals, and Key Vault integrations; define least‑privilege models, approval workflows, and access reviews across platform services.
• Automation & Scripting:
  Build reusable IaC modules and pipelines using Terraform/ARM, operational automation with Power Shell and Azure CLI; integrate CI/CD via Git Hub/Jenkins for provisioning, configuration drift control, and compliant releases.
• Reliability, Security & Compliance:
  Establish observability with Azure Monitor, Log Analytics, alerts, dashboards; integrate Sentinel/Defender for Cloud for posture management and threat detection; design backup/DR using Azure Backup, ASR; document RTO/RPO; perform failover tests and capacity planning.
• Operations & Continuous Improvement:
  Create runbooks, SRE practices, golden images, and standard operating procedures; drive root‑cause analysis and preventive actions; partner with app teams on networking, identity, and review designs and perform platform readiness checks.

• Bachelor’s or Master’s degree in Information Technology or related field preferred, or equivalent work experience.
• 5+ years in an Azure platform engineering role designing, implementing, and operating enterprise Azure environments.
• Core Technical
  
  Skills:
  • Azure Platform Architecture: subscriptions, management groups, policy, RBAC, cost management, governance (required).
  • Azure Networking: VNets, peering, routing, NSGs, Azure Firewall, Load Balancers, Application Gateway/WAF, VPN/Express Route (required).
  • Azure Identity & Access Management:
    Entra , Conditional Access, PIM, Managed Identities, Service Principals, Key Vault (required).
  • Strong documentation, change management, and stakeholder communication; ability to lead technical implementation and collaborate across security, architecture, and app teams (required).
  • Automation & Scripting:
    Terraform/ARM, Power Shell, Azure CLI; CI/CD (plus).
  • Current Microsoft Azure certification (e.g., AZ‑104 Administrator; AZ‑305 Solutions Architect; AZ‑700 Network Engineer) (plus).

The actual compensation offered will ultimately be dependent on multiple factors, which may include the candidate’s geographic location, skills, experience, and other qualifications. The position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan.

We are an Equal Opportunity Employer. All applicants will be considered for employment based on job-related qualifications and without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, neurodivergence, age, veteran status, or any other protected characteristic.