Azure Infrastructure & Network Specialist

About The Position

Requirements

• IoT/OT networking, firewalls, and encryption: Strong grasp of routing, segmentation, VPNs/proxies, TLS/PKI, and secure edge‑to‑cloud patterns.
• Azure IoT expertise: Practical advisory experience across IoT Hub, DPS, IoT Edge, Azure Digital Twins, and telemetry/analytics pipelines.
• Identity & SSO: Hands‑on advisory experience with Microsoft Entra ID (Azure AD), modern auth (OIDC/SAML/OAuth2), and least‑privilege access patterns.
• Troubleshooting & RCA: Demonstrated ability to lead deep diagnostics and produce clear, actionable RCAs with preventive controls.
• Smart building Information Gathering systems: Working knowledge Environmental, People Density, Parking and other various experiences.
• Risk mitigation & governance: Ability to produce risk registers, mitigation plans, acceptance criteria, and track to closure.
• Enablement skills: Excellent documentation, training, and presentation skills; ability to influence global stakeholders in a hybrid environment.

Responsibilities

• Technical triage: Rapidly assess questions or incidents to distinguish network vs. device vs. cloud causes; recommend next steps and owners.
• Advise on segmentation, encryption, and firewall policies for IoT/OT environments; define guardrails that balance safety, availability, and security.
• Design secure dataflow patterns (edge → gateways → cloud) and certificate/credential handling approaches appropriate for constrained OT devices.
• Produce risk assessments and mitigation plans for new integrations, vendor connections, and inter‑site traffic; track risks to closure.
• Guide solution patterns across Azure IoT Hub, Device Provisioning Service (DPS), IoT Edge, Azure Digital Twins, and related telemetry/analytics services.
• Advise on identity and SSO using Microsoft Entra ID (Azure AD) and modern auth flows; define least‑privilege controls and conditional access guardrails.
• Define secure onboarding and offboarding patterns for devices and applications; recommend resilience/failover and rollback strategies.
• Provide technical insight into BAS/BMS, Environmental, People Density, occupancy, parking, digital signage and other Commercial & Industrial IoT systems and their integration with Azure IoT platforms.
• Validate data integrity and performance through telemetry reviews, dashboards, and controlled tests; recommend tuning, buffering, and retry patterns.
• Deliver stakeholder presentations that explain how building systems map to network and cloud architectures, highlighting operational and security implications.
• Act as a Tier‑3 escalation point for complex IoT/OT connectivity and platform issues; perform deep diagnostics (logs, packet captures, edge/cloud traces).
• Lead root cause analysis (RCA) and write clear post‑incident reports with preventive actions, ownership, and timelines.
• Run knowledge‑transfer sessions and post‑incident reviews to build field/vendor capabilities and reduce repeat occurrences.
• Support lifecycle planning for firmware, certificates/keys, controller upgrades, and network segmentation milestones.
• Partner with field teams and vendors to align preventative maintenance with uptime/SLA and security objectives; recommend proactive risk‑reduction actions.
• Define onboarding requirements for IoT/OT solutions (compliance checks, service mapping, ops readiness).
• Own and maintain KBAs, runbooks, RACIs, workflows, and architecture patterns; ensure global applicability and version control.
• Create and deliver training modules and technical presentations for networking, operations, and app teams, measure adoption.
• Contribute to project scope, risk identification, acceptance criteria, and Key Performance Indicator (KPI) Objective and Key Results (OKR) definitions for global rollouts.
• Facilitate risk workshops and status readouts; provide executive‑level presentations on readiness, risk posture, and remediation progress.
• Coordinate across security, networking, facilities, and vendor teams to maintain alignment and accountability.
• Attend onsite tests, commissioning events, device reviews, and vendor alignment meetings; provide real-time triage and decision support.
• Capture onsite findings and convert them into updated standards, patterns, and training content.

Benefits

• Astreya offers comprehensive b enefits to all Regular, Full-Time Employees, including:
• Medical provided through Cigna (PPO, HSA, EPO options) / Medical provided through Kaiser (HMO option only) for California employees only
• Dental provided through Cigna (DPPO & DHMO options)
• Nationwide Vision provided through VSP
• Flexible Spending Account for Health & Dependent Care
• Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific)
• Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera
• Corporate Wellness Program
• Employee Assistance Program
• Wellness Days
• 401k Plan
• Basic Life, Accidental Life, Supplemental Life Insurance
• Short Term & Long Term Disability
• Critical Illness, Critical Hospital, and Voluntary Accident Insurance
• Tuition Reimbursement (available 6 months after start date, capped)
• Paid Time Off (accrued and prorated, maximum of 120 hours annually)
• Paid Holidays
• Any other statutory leaves, paid time, or other fringe benefits required under state and federal law