
Spektra Systems - Azure Infrastructure Architect

Spektra Systems
5 - 15 Years
Anywhere in India/Multiple Locations

Posted on: 18/02/2026

Job Description :


Shift : EMEA & US Shift


Location : Currently remote; may transition to onsite in the future

About the Role :


We're looking for a hands-on Senior Azure Infrastructure Architect to lead enterprise cloud architecture and infrastructure delivery. You'll design and implement secure, production-grade Azure environments following Azure Landing Zone patterns, Zero Trust security principles, and Infrastructure as Code best practices.

This role requires deep expertise in Azure networking, security architecture, and IaC automation. You'll own end-to-end infrastructure delivery - from architecture design through Bicep/Terraform implementation - for global enterprise customers. We need someone who can whiteboard a hub-spoke topology and then build it hands-on.

Key Responsibilities :

Architecture & Design :

- Design enterprise Azure Landing Zone architectures following Microsoft Cloud Adoption Framework (CAF)


- Architect Hub-Spoke network topologies with proper IP addressing, subnetting, and VNet peering strategies

- Design Zero Trust security models with defense-in-depth layering

- Create multi-region, high-availability architectures with geo-replication and disaster recovery

- Conduct infrastructure assessments and develop optimization strategies

- Design cost-efficient architectures balancing security, performance, and budget

Security Architecture :

- Implement NSG-only or Azure Firewall-based security models with deny-by-default rules

- Design Private Endpoint strategies for PaaS services (SQL, Storage, Key Vault, App Service)

- Configure Microsoft Defender for Cloud across workload types (App Service, SQL, Storage, Key Vault, ARM)

- Implement Azure Front Door Premium with WAF (OWASP 3.2, Bot Manager, geo-filtering, rate limiting)

- Design identity solutions with Entra ID, Managed Identities, and RBAC least-privilege access

- Configure Private DNS Zones and VNet links for private name resolution

Hands-on Implementation (Infrastructure as Code) :

- Develop and maintain Bicep/Terraform modules for reusable infrastructure patterns

- Build modular IaC for : VNets, NSGs, Private Endpoints, Key Vaults, SQL Servers, App Services, Front Door, Storage Accounts

- Implement configuration-driven deployments using centralized config files (config.json patterns)

- Create PowerShell/Azure CLI deployment scripts with proper error handling and verification

- Build phased deployment strategies with verification checkpoints

- Implement diagnostic settings and Log Analytics integration across all resources

Compute & Data Platform :

- Deploy Azure App Service with VNet Integration, Private Link, and System-Assigned Managed Identity


- Configure Azure SQL Hyperscale with geo-replication, Private Endpoints, and Azure AD-only authentication

- Implement Azure Storage with Private Endpoints (Blob, Queue, Table) and proper RBAC

- Configure Application Insights and Log Analytics for observability

- Deploy Azure Virtual Desktop (AVD) with Entra ID Join and automation runbooks

Customer Engagement & Delivery :


- Lead technical architecture discussions with customer IT leadership

- Own end-to-end project delivery from discovery through production deployment


- Conduct infrastructure design reviews and security assessments

- Create architecture documentation and operational runbooks

- Manage customer expectations and project timelines

Requirements :


Azure Networking & Security (Core Focus) :

- Hub-Spoke VNet topology design and implementation


- NSG rules with Service Tags and deny-by-default patterns


- Private Endpoints for all Azure PaaS services

- Azure Front Door Premium with WAF configuration

- VNet Peering (regional and cross-region)

- Azure Private DNS Zones and VNet links

- Zero Trust architecture principles and implementation

Identity & Access Management :


- Entra ID (Azure AD) for cloud identity


- System-Assigned and User-Assigned Managed Identities

- Azure RBAC with least-privilege role assignments

- Key Vault with RBAC access model (not legacy access policies)

- Conditional Access and MFA strategies

Infrastructure as Code (Hands-on Required) :


- Bicep (primary) or Terraform for Azure IaC


- Modular IaC patterns with reusable modules

- PowerShell scripting for deployment automation

- Azure CLI for resource management and verification

- Configuration-driven deployments (parameterized templates)

- CI/CD pipelines for infrastructure (Azure DevOps, GitHub Actions)

Security & Governance :

- Microsoft Defender for Cloud (CSPM + workload protection plans)

- Security architecture (defense-in-depth, threat modeling)

- Regulatory compliance frameworks (ISO 27001, SOC 2, GDPR)

- Azure Policy for governance and compliance enforcement

- NSG Flow Logs and Log Analytics for security monitoring

Compute & Data Platforms :

- Azure App Service (Web Apps, VNet Integration, Private Link)

- Azure SQL (Hyperscale, geo-replication, Private Endpoints)

- Azure Storage (Blob, Queue, Table, Private Endpoints, RBAC)

- Azure Virtual Desktop (Pooled, Entra ID Join, automation)

- Application Insights and Log Analytics

Experience :

- 5+ years hands-on Azure infrastructure experience

- Proven track record with enterprise customers (US/EMEA)

- Multi-region Azure deployments with DR/HA requirements

- Azure Landing Zone implementations (greenfield or brownfield)

- Security-focused architecture design and implementation

- Cost optimization and FinOps experience

- Team leadership or mentoring experience

Desired Qualifications : Certifications (Preferred) :


- Microsoft Certified : Azure Solutions Architect Expert


- Microsoft Certified : Azure Administrator Associate

- Microsoft Certified : Azure Security Engineer Associate

- Azure Network Engineer Associate

- HashiCorp Terraform Associate (if Terraform-focused)

What We're Looking For :

A hands-on architect who understands that architecture diagrams must translate to working infrastructure. You should be comfortable switching between whiteboard design sessions and terminal-based IaC deployments.


We value :

- Security-first mindset : Every design decision considers Zero Trust principles

- IaC discipline : Infrastructure exists as code, not click-ops

- Verification rigor : You validate deployments rather than assume success

- Documentation : Architecture decisions and operational knowledge are captured

- Practical problem-solving : You find solutions within budget and timeline constraints

- Continuous learning : Azure evolves rapidly; so should you
