Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Senior Cloud Engineer

Remote in Mexico, Colombia
Microsoft Azure& 4 others
Looking for something else?

Find a vacancy that works for you. Send us your CV to receive a personalized offer.

Find me a job
Choose an option

We are looking for a Senior Cloud Engineer to join our team. As a Cloud Engineer you will help us build and operationalize our Azure cloud platform, standing up the foundational organizational structure and infrastructure needed to support client's products on Azure. You will design and implement Azure landing zones, identity and access management, networking, and managed services - all built with Infrastructure as Code and aligned to FedRAMP/FISMA compliance requirements.

Responsibilities
  • Design and implement the Azure organizational hierarchy, including management groups, subscriptions, and resource groups, following enterprise landing zone patterns
  • Configure Azure identity and access management using Entra ID, RBAC role assignments, Privileged Identity Management (PIM), conditional access policies, and break-glass accounts
  • Deploy security and compliance tooling, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel, to ensure robust logging and monitoring
  • Conduct FedRAMP/FISMA compliance gap analysis across the Azure environment and implement the necessary controls to close identified gaps
  • Design and build Azure networking infrastructure, including VNets, subnets, NSGs, NAT Gateways, route tables, and hub-spoke or mesh topologies
  • Implement private connectivity patterns using Private Endpoints and Private DNS Zones for Azure managed services
  • Provision and configure Azure managed resources such as Blob Storage accounts, Azure Database for PostgreSQL, Azure Container Registry, Azure Machine Learning Compute, and Log Analytics workspaces
  • Set up User-Assigned Managed Identities (UAMI) and configure least-privilege role assignments for secure workload authentication
  • Author and maintain all infrastructure as Terraform modules, following GitOps workflows for change management and deployment
  • Collaborate with product engineering and Security teams to translate application requirements into secure and compliant Azure infrastructure
Requirements
  • Bachelor's or Master's degree in Computer Science or a related technical discipline, with proven experience in Azure cloud platform engineering, administration, or architecture
  • At least 3 years of relevant commercial experience in a cloud engineering role
  • Hands-on experience managing cloud infrastructure through Infrastructure as Code using Terraform
  • Practical experience designing and implementing Azure networking solutions, including VNets, NSGs, Private Endpoints, and Private DNS Zones
  • Strong background in Azure identity and access management, including Entra ID, RBAC, and managed identities
  • Proficiency in scripting and automation using Python, Shell, or Go
  • Excellent oral and written communication skills in English (B2+ level or higher)
Nice to have
  • Experience working with FedRAMP, FISMA, or equivalent federal compliance frameworks in a cloud environment
  • Azure certifications such as AZ-104 (Azure Administrator), AZ-500 (Azure Security Engineer), or AZ-305 (Azure Solutions Architect)
  • Hands-on experience with Azure managed data services, including Azure Database for PostgreSQL, Blob Storage, and Azure Container Registry
  • Practical experience with Kubernetes and Azure Kubernetes Service (AKS) for container orchestration
  • Hands-on experience with Azure security tooling, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel
  • Experience with GitOps and CI/CD pipelines using GitHub Actions, Argo CD, or similar tools
  • Strong written and verbal communication skills, with the ability to author clear and detailed technical documentation