Cloud Infrastructure Engineer

About The Position

Requirements

• In-depth understanding of: Microsoft Azure core services and architecture (subscriptions, resource groups, compute, storage, PaaS offerings) and how to design for scale and resiliency
• Azure networking concepts and services (VNets, NSGs, load balancing, DNS, Private Link, VPN/ExpressRoute, Azure Firewall)
• Azure governance and identity fundamentals (Azure Policy, RBAC, management groups, Entra ID, PIM) and practical application of least privilege
• Reliability engineering principles (high availability, fault domains, scaling, observability) and secure-by-default infrastructure patterns
• Working knowledge of: Infrastructure-as-code and configuration management practices, including Terraform and/or Bicep/ARM templates
• Azure DevOps/GitHub-based CI/CD for infrastructure and platform deployments (pipelines, approvals, environments, secrets management)
• Monitoring, logging, and troubleshooting in Azure using Azure Monitor, Log Analytics, Application Insights, and KQL
• Backup, recovery, and resiliency tooling (Azure Backup, Recovery Services Vault, Site Recovery) and practical DR testing
• Basic experience with: Operating production cloud platforms, including on-call/incident response, root cause analysis, and continuous improvement
• Container and platform operations experience (AKS and related ecosystem: ingress, certificates, secrets, node pools, upgrades)
• Cloud cost management and optimization practices (Azure Cost Management, budgeting, tagging discipline, forecasting)
• Moderate experience with: Scripting and automation using Python, PowerShell, or Bash
• Automation using Azure-native services such as Azure Automation, Logic Apps, Functions, and Event Grid
• A bachelor's degree in Information Technology, Computer Science, or a similar field of study, or equivalent experience.
• 3+ years of hands-on experience engineering and operating cloud infrastructure, with strong, recent experience in Microsoft Azure (networking, compute, storage, and governance).
• A passion for learning about Azure services, cloud infrastructure patterns, automation, and operational best practices.
• Excellent verbal and written communication skills.
• Strong time management and organizational skills.

Nice To Haves

• Relevant certifications preferred (e.g., AZ-104, AZ-305, AZ-400; HashiCorp Terraform Associate).
• Security certifications (e.g., AZ-500) are a plus.

Responsibilities

• Design, build, and maintain Azure infrastructure using best practices for reliability, scalability, and operational excellence.
• Implement and operate Azure landing zones, subscriptions, management groups, and governance controls (RBAC, Azure Policy, tagging, resource organization).
• Engineer Azure networking solutions (VNets, subnets, NSGs, route tables, Private Link/private endpoints, VPN/ExpressRoute, Azure Firewall) to meet connectivity and segmentation requirements.
• Automate provisioning and configuration using infrastructure-as-code (Terraform and/or Bicep/ARM) and integrate into CI/CD pipelines.
• Operate Azure compute and platform services (VMs, VMSS, AKS, App Service, Functions) including scaling, patching, upgrades, and lifecycle management.
• Design and manage Azure storage and data platform components (Storage Accounts, Azure Files, managed disks, backup targets) with appropriate performance and resiliency.
• Implement monitoring, logging, and alerting using Azure Monitor, Log Analytics, and Application Insights; improve observability and reduce mean time to recover.
• Partner with security teams to implement identity, key management, and baseline controls (Entra ID, PIM, Key Vault, Defender for Cloud) as part of the infrastructure standard.
• Support incident response and problem management for Azure services, including root cause analysis and implementation of corrective and preventative actions.
• Create and maintain technical documentation, diagrams, and runbooks for Azure architectures, operational procedures, and standards.
• Drive cost optimization and capacity planning efforts (e.g., right-sizing, reservations/savings plans, storage tiering) and provide clear recommendations to stakeholders.
• Plan and test business continuity and disaster recovery capabilities for Azure workloads (backup, restore, replication, failover) and validate RTO/RPO requirements.

Benefits

• Robust internal training program, plus Company-paid external training.
• Company-paid external training.
• Free mental health support.
• Generous medical, dental, and vision benefits at different price points.
• Company-paid disability and life insurance.
• Company 401(k) plan including annual 3% safe harbor contribution.
• Free patient advocacy service that helps find care providers and resolve insurance queries.
• Free financial advising.
• Generous parental leave, sick leave, and vacation policies.
• Possibility to work remotely or with a flexible schedule when needed and approved.
• Company-paid cell phone with discounted accessories.
• 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.
• Other discounted, employee-paid benefits including pet insurance, legal support, and voluntary life insurance.