Azure Infrastructure Engineer

About The Position

Requirements

• Bachelor's or Master’s degree in Information Technology or related field preferred, or equivalent work experience.
• 5+ years in an Azure platform engineering role designing, implementing, and operating enterprise Azure environments.
• Core Technical Skills: Azure Platform Architecture: subscriptions, management groups, policy, RBAC, cost management, governance (required).
• Azure Networking: VNets, peering, routing, NSGs, Azure Firewall, Load Balancers, Application Gateway/WAF, VPN/ExpressRoute (required).
• Azure Identity & Access Management: Entra ID, Conditional Access, PIM, Managed Identities, Service Principals, Key Vault (required).
• Strong documentation, change management, and stakeholder communication; ability to lead technical implementation and collaborate across security, architecture, and app teams (required).

Nice To Haves

• Automation & Scripting: Terraform/ARM, PowerShell, Azure CLI; CI/CD (plus).
• Current Microsoft Azure certification (e.g., AZ‑104 Administrator; AZ‑305 Solutions Architect; AZ‑700 Network Engineer) (plus).

Responsibilities

• Design and implement Azure landing zones aligned to Microsoft Cloud Adoption Framework (CAF), including subscriptions, management groups, policies, RBAC, and cost governance.
• Engineer core services at scale (compute, storage, networking, identity, security, monitoring) with infrastructure-as-code and repeatable patterns.
• Architect and configure vNets, subnets, route tables, private endpoints, network security groups, load balancers, and hybrid connectivity (VPN/ExpressRoute).
• Establish segmentation, ingress/egress controls, and secure connectivity across regions and environments (dev/test/prod).
• Implement and harden Entra ID (Azure AD), Conditional Access, Privileged Identity Management (PIM), RBAC, managed identities, service principals, and Key Vault integrations.
• Define least‑privilege models, approval workflows, and access reviews across platform services.
• Build reusable IaC modules and pipelines using Terraform/ARM, and operational automation with PowerShell and Azure CLI.
• Integrate CI/CD via GitHub/Jenkins for provisioning, configuration drift control, and compliant releases.
• Establish observability with Azure Monitor, Log Analytics, alerts, dashboards; integrate Sentinel/Defender for Cloud for posture management and threat detection.
• Design backup/DR using Azure Backup, ASR; document RTO/RPO; perform failover tests and capacity planning.
• Create runbooks, SRE practices, golden images, and standard operating procedures; drive root‑cause analysis and preventive actions.
• Partner with app teams on networking, identity, and review designs and perform platform readiness checks.

Benefits

• Medical, dental and vision insurance plans
• Mental health support
• Wellness initiatives
• Retirement benefits options
• 401(k) Plan with a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
• Employee Assistance Program: Confidential counseling services and resources
• Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000.
• Volunteer Time Off: Employees may use up to 16 volunteer hours annually
• Paid Time Off (PTO) days