Back to SearchLooking for something else?
Find a vacancy that works for you. Send us your CV to receive a personalized offer.
Find me a job
Choose an option
We are seeking a Cloud Engineer to become part of our team.
In this role, you will contribute to constructing and operationalizing our Azure cloud platform, establishing the core organizational framework and infrastructure required to host our client's products on Azure. Your work will involve architecting and rolling out Azure landing zones, identity and access management, networking, and managed services — all delivered through Infrastructure as Code and aligned with FedRAMP/FISMA compliance standards.
Responsibilities
- Architect and roll out the Azure organizational structure, covering management groups, subscriptions, and resource groups, in line with enterprise landing zone best practices
- Set up Azure identity and access management with Entra ID, RBAC role assignments, Privileged Identity Management (PIM), conditional access policies, and break-glass accounts
- Roll out security and compliance solutions, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel, to enable comprehensive logging and monitoring
- Perform FedRAMP/FISMA compliance gap assessments throughout the Azure environment and put in place the required controls to address any gaps discovered
- Plan and construct Azure networking foundations, encompassing VNets, subnets, NSGs, NAT Gateways, route tables, and hub-spoke or mesh topologies
- Establish private connectivity approaches using Private Endpoints and Private DNS Zones for Azure managed services
- Set up and configure Azure managed resources, such as Blob Storage accounts, Azure Database for PostgreSQL, Azure Container Registry, Azure Machine Learning Compute, and Log Analytics workspaces
- Define User-Assigned Managed Identities (UAMI) and apply least-privilege role assignments to enable secure workload authentication
- Develop and maintain all infrastructure as Terraform modules, applying GitOps workflows for change tracking and deployment
- Partner with product engineering and Security teams to convert application needs into secure, compliant Azure infrastructure solutions
Requirements
- Bachelor's or Master's degree in Computer Science or a similar technical field, along with demonstrated experience in Azure cloud platform engineering, administration, or architecture
- A minimum of 2 years of professional experience in a cloud engineering position
- Practical experience overseeing cloud infrastructure through Infrastructure as Code with Terraform
- Working experience designing and deploying Azure networking solutions, covering VNets, NSGs, Private Endpoints, and Private DNS Zones
- Solid background in Azure identity and access management, including Entra ID, RBAC, and managed identities
- Confident scripting and automation skills using Python, Shell, or Go
- Outstanding verbal and written communication skills in English (B2+ level or above)
Nice to have
- Background in working with FedRAMP, FISMA, or comparable federal compliance frameworks within a cloud setting
- Azure certifications such as AZ-104 (Azure Administrator), AZ-500 (Azure Security Engineer), or AZ-305 (Azure Solutions Architect)
- Practical experience with Azure managed data services, such as Azure Database for PostgreSQL, Blob Storage, and Azure Container Registry
- Hands-on knowledge of Kubernetes and Azure Kubernetes Service (AKS) for managing containerized workloads
- Applied experience with Azure security tooling, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel
- Familiarity with GitOps and CI/CD pipelines through GitHub Actions, Argo CD, or similar platforms
- Strong communication skills in both writing and speech, with the capacity to produce clear and thorough technical documentation