Requirements
- Design and architect end-to-end Azure infrastructure solutions aligned with business, security and technical requirements.
- Lead cloud deployment initiatives, and work with the Director of Information Security to secure applications on Azure and other cloud platforms.
- Assist in the development and enforcement of cloud architecture standards, governance frameworks, and best practices.
- Collaborate with infrastructure, endpoint, security, and software engineering teams to ensure scalable and secure infrastructure design and compliance of cloud infrastructure systems.
- Optimize cloud environments for cost, performance, scalability, and reliability.
- Work with infrastructure engineers to implement and secure cloud networking solutions including VNets, VPNs, ExpressRoute, and hybrid connectivity.
- Implement and maintain monitoring and observability across the Azure estate using Azure Monitor, Log Analytics, diagnostic settings, workbooks, and action groups; tune alerting for platform health, performance, capacity, and cost.
- Work with the Director of Security to define and deploy Azure Policy and other initiatives to enforce governance, security baselines, resource tagging, and regulatory compliance; author custom policies and remediation tasks where built-in definitions fall short.
- Administer Entra ID at scale: Conditional Access, Privileged Identity Management (PIM), named locations, passwordless / FIDO2 / YubiKey, administrative units, and Graph API automation.
- Automate routine tasks and workflows using PowerShell, including modules, error handling, REST API consumption, and Microsoft Graph SDK.
- Deliver infrastructure as code using Bicep, Terraform, or equivalent tooling.
- Support and enhance Microsoft 365 services including Exchange Online, Teams, SharePoint, and Intune.
- Implement and maintain hybrid environments integrating on-premises systems with Azure AD.
- Troubleshoot complex infrastructure issues and provide root cause analysis.
- Collaborate with security team to enforce compliance, patching, and vulnerability management.
- Support backup, disaster recovery, and business continuity strategies.
- Evaluate emerging technologies and recommend improvements to cloud architecture strategy.
- Participate in infrastructure projects, upgrades, and migrations.
- Respond to system and security alerts as required to maintain up-time and system performance.
- Participate in on-call rotation once a month.
- Minimum 5 years experience designing cloud architecture and contributing to cloud strategy and standards.
- Experience designing and supporting Azure infrastructure (IaaS, PaaS, networking, and identity).
- Experience using Azure Monitor, Log Analytics, and related tools to monitor and troubleshoot platform health.
- Experience implementing governance and compliance controls using Azure Policy and related standards.
- Familiarity with best practices for securing cloud infrastructure and applications.
- Experience administering Entra ID, including Conditional Access, Privileged Identity Management (PIM), and passwordless authentication (FIDO2 / YubiKey).
- Experience delivering infrastructure as code using Bicep, Terraform, or equivalent tools.
- Proficiency with PowerShell scripting and automation, including Microsoft Graph SDK.
- Strong Windows Server administration skills and experience supporting hybrid environments.
- Experience administering Active Directory and Group Policy in an enterprise environment.
- Experience supporting Microsoft 365 services such as Exchange Online, Teams, SharePoint, and Intune.
- Strong knowledge of security best practices and ability to apply standards in a production environment.
- Experience optimizing cloud environments for cost, performance, and reliability.
- Experience supporting backup, disaster recovery, and business continuity practices.
- BS degree or equivalent experience and IT certifications.