Senior Cloud Engineer (Azure)

Position – how you’ll contribute

• Own reliability and scale of Azure platforms: design for resilience, capacity, performance, and cost efficiency; drive SLO/SLA alignment and continuous improvement.
• Lead automation-first operations: design and maintain Terraform module libraries, enforce IaC standards, and build CI/CD pipelines (Azure DevOps) for provisioning infrastructure.
• Engineer secure landing zones: implement and evolve Azure enterprise-scale landing zones aligned with CAF and Landing Zone Standard (identity, RBAC, policy, networking, guardrails).
• Improve platform architecture: hub – and-spoke networking, Private Link/Endpoints, Azure Firewall/App Gateway/WAF, Key Vault/Managed HSM, backup/DR patterns, and data protection.
• Establish observability: Azure Monitor, Log Analytics, alerts, dashboards, and KQL.
• Improve security: create baseline security and secrets management model (Defender for Cloud, Entra ID, Key Vault).
• Mentor and uplift: guide mid/junior engineers, lead technical workshops with client teams, and contribute to internal playbooks and standards.
• Partner with delivery: collaborate with other engineers to create coherent, secure DevOps workflows and support solution reviews, estimations, and presales when needed.

• 9+ years of hands-on experience in IT projects, including 5+ years as a Cloud/Platform/DevOps Engineer focused on Microsoft Azure in live environments.
• Proven track record implementing, operating, and optimizing cloud platforms at enterprise scale (multi-subscription/tenant, policy & RBAC, governance).
• Practical experience designing and managing Landing Zones aligned with CAF and enterprise guardrails.
• Strong Infrastructure as Code with Terraform (modules, workspaces), and CI/CD (Azure) for infrastructure and applications.
• Solid knowledge across networking (VNet design, routing, DNS, VPN/ExpressRoute, Private Link), identity (Entra ID, PIM, conditional access), security (Defender for Cloud, baseline hardening, secret management), and observability (Azure Monitor, Log Analytics, alerting).
• Experience authoring clear technical documents: architecture diagrams, runbooks, how-to guides.
• English B2+/C1; comfortable collaborating with international stakeholders.
• Hands-on with containers (Docker) and Kubernetes/AKS operations (upgrades, node pools, ingress, autoscaling) or willingness to ramp quickly.
• Scripting in PowerShell and/or Python for automation and tooling.
• One or more Azure certifications examples: Azure Administrator (AZ-104), Azure Solutions Architect (AZ-305), Azure DevOps Engineer (AZ-400); Security (AZ-500) or CKA/CKAD are a plus.

Additional skills – the edge you have

• Platform engineering mindset (golden paths, reusable templates, paved roads).
• Experience with FinOps (cost governance, budgets, tagging, rightsizing).
• Exposure to AI/ML workloads (Azure OpenAI/AI Services) from an infrastructure perspective.
• Familiarity with ITIL practices in a managed services context.