Rockefeller Philanthropy Advisors is hiring an Azure Cloud Engineer to lead complex server migration projects from on-premises systems to Azure and private cloud environments. In this role, you will design secure, hybrid infrastructures while configuring identity, access, and networking frameworks.

What You'll Do

Plan and carry out server migrations from legacy infrastructure to Azure or private cloud (primarily IaaS).
Analyze existing workloads, including file servers, AD DS, and applications, and create strategic migration plans.
Deploy and configure Azure infrastructure components such as virtual machines, networking, and storage.
Implement hybrid identity using Azure AD Connect, Entra ID, and domain controllers in Azure.
Manage security access with Conditional Access, Azure AD, and Global Secure Access configurations.
Set up DNS, DHCP, group policies, and SMB/NFS shares in the cloud.
Integrate workloads with security tools like Defender for Cloud and Microsoft Sentinel (where applicable).
Diagnose and resolve infrastructure, authentication, and networking issues.
Work closely with networking teams to configure VPNs, NSGs, route tables, and private endpoints.
Document systems and provide clear handover documentation for clients.
Coordinate with project managers to ensure successful delivery on time and within scope.

What We're Looking For

Minimum of 5 years of experience with Windows Server (2016/2019/2022) administration and migrations.
Proven track record of deploying and managing cloud infrastructure in Microsoft Azure or private cloud.
Strong command of Azure AD, Azure AD Connect, Entra Domain Services, and Conditional Access.
Understanding of hybrid networking concepts, VPNs, DNS, NSGs, subnets, and firewalls.
Ability to independently lead technical projects and communicate effectively with stakeholders.
Proficiency in documenting technical configurations and providing status updates.

Nice to Have

Preferred certifications: AZ-104, AZ-800/801, SC-300, MS-102.
Bonus: experience with Microsoft Defender, Azure Virtual Desktop, and working in MSP/consulting environments.

Technical Stack

Microsoft Azure, Windows Server (2016/2019/2022), Azure AD, Azure AD Connect, Entra ID, Entra Domain Services, Conditional Access, Global Secure Access
DNS, DHCP, Group Policies, SMB/NFS shares, Defender for Cloud, Microsoft Sentinel
VPNs, NSGs, Route Tables, Private Endpoints

Team & Environment

Collaborative team structure with clear milestones and goals.

Benefits & Compensation

Competitive hourly rate on contract basis.
Fully remote work environment.
Project-based flexibility depending on client needs.
Exposure to advanced Azure technologies and modern identity security tools.
Opportunity to work with a variety of small to mid-sized clients across industries.