Description :

Position Summary

We are seeking a highly experienced and skilled Azure Cloud Engineer with 10+ years of practical experience to design, implement, and manage our enterprise-level cloud infrastructure on Microsoft Azure.

The ideal candidate will be a subject matter expert in securing, networking, and deploying complex, large-scale cloud environments, with a strong focus on security and best practices (specifically a "private-by-default" approach).

This role requires deep technical expertise, exceptional problem-solving abilities, and a proven track record of successful collaboration within cross-functional teams.

Key Responsibilities :

- Azure Landing Zone Architecture: Lead the design, implementation, and management of Azure Landing Zone architecture in enterprise-scale environments, ensuring alignment with organizational governance, security, and scalability requirements.

- Networking and Hybrid Connectivity: Architect, implement, and maintain robust and secure Azure networking solutions, including:

- Azure Virtual WAN (VWAN)

- ExpressRoute and Site-to-Site VPN connections

- Azure Firewall, Network Security Groups (NSGs), and Application Security Groups (ASGs)

- Virtual Networks (VNETs) and Subnetting

- Design and implementation of hybrid networking solutions to seamlessly connect Azure environments with on-premise infrastructure.

- Security and Governance: Enforce a "private-by-default" security posture across all Azure environments.

- Design and implement policies and controls to prevent public exposure of resources.

- Implement and manage Azure Policies to enforce compliance and configuration standards.

- Define and administer Role-Based Access Control (RBAC) to ensure least-privilege access.

- Develop and implement comprehensive resource tagging strategies for cost management, governance, and compliance.

- Automation and DevOps: Contribute to the development of Infrastructure as Code (IaC) using tools like Terraform or ARM Templates for automated resource provisioning and management (a plus).

- Troubleshooting and Optimization: Proactively monitor, troubleshoot, and optimize the performance, scalability, and cost efficiency of the Azure infrastructure.

- Collaboration and Documentation: Collaborate effectively with development, security, and operations teams.

- Create and maintain detailed technical documentation, diagrams, and operational guides.

Experience :

- 10+ years of hands-on experience in IT infrastructure, with a significant focus on cloud computing and Microsoft Azure.

- Proven, hands-on experience managing and deploying Azure landing zone architecture in enterprise environments.

Technical Skills :

- Azure Networking Expertise: Strong, in-depth knowledge and hands-on experience with core Azure networking services: VWAN, Express Route, VPN, Azure Firewall, VNETs, and network security groups.

- Hybrid Cloud Networking: Extensive experience designing and implementing hybrid networking solutions between Azure and on-premise data centers.

- Security by Design: Demonstrable experience designing Azure environments with a private-by-default approach and actively enforcing policies to prevent public exposure.

- Governance and Compliance: Strong familiarity with implementing and managing Azure governance tools, including Azure Policies, RBAC, and resource tagging strategies.

- Familiarity with Azure services across Compute, Storage, Database, and Security domains.

Soft Skills :

- Strong problem-solving skills with the ability to diagnose complex technical issues spanning multiple domains (network, security, compute).

- Excellent written and verbal communication skills; ability to articulate complex technical concepts to both technical and non-technical stakeholders.

- Proven ability to collaborate effectively with cross-functional teams (e.g., Development, Security, DevOps, Operations).

Preferred Qualifications (Nice to Have) :

- Relevant Microsoft Azure Certifications (e.g., Azure Solutions Architect Expert - AZ-305).

- Experience with Infrastructure as Code (IaC) tools such as Terraform or Azure Resource Manager (ARM) templates.

- Familiarity with other cloud platforms (AWS, GCP)