Cloud Infrastructure Engineer

About The Position

Requirements

• Minimum of 4 years of experience in cloud engineering, infrastructure engineering, systems administration, or network engineering, with a strong focus on Microsoft Azure and hybrid infrastructure.
• Hands-on experience designing, deploying, and supporting Azure infrastructure, including Virtual Machines, Storage, Virtual Networks, backup and disaster recovery, monitoring, and identity services.
• Experience implementing and managing Microsoft’s Cloud Adoption Framework (CAF), including management groups, subscription structure, Azure Policy, and governance guardrails.
• Strong experience with enterprise networking, including routing, switching, VLANs, VPNs, DNS, load balancing, segmentation, and firewall policy management.
• Hands-on experience administering and troubleshooting Palo Alto firewalls and Cisco network infrastructure.
• Experience designing and supporting Azure networking components, including Virtual Networks, VPN Gateways, ExpressRoute, Network Security Groups, Azure Firewall, and hybrid connectivity.
• Experience implementing and supporting identity and access controls using Microsoft Entra ID, Conditional Access, RBAC, Privileged Identity Management, and hybrid identity integration.
• Proficiency in scripting and automation using PowerShell and Azure CLI; Python experience is a plus.
• Familiarity with Azure cost management, performance monitoring, and capacity planning, including tools and practices used to optimize cloud spend and operational efficiency.
• Experience working with third-party infrastructure or network partners, including reviewing designs, validating configurations, and receiving technical handoffs.
• Knowledge of Microsoft Azure infrastructure services, including compute, storage, networking, backup and disaster recovery, monitoring, and identity services.
• Azure governance principles aligned with Microsoft’s Cloud Adoption Framework (CAF), including management groups, subscription organization, policy assignments, and tagging standards.
• Hybrid infrastructure architecture, including integration of on-premises environments with Azure and Azure Local.
• Enterprise networking concepts and technologies, including routing, switching, VLANs, DNS, VPN connectivity, network segmentation, firewalls, and secure remote access.
• Azure networking architecture, including Virtual Networks, VPN Gateways, ExpressRoute, Network Security Groups, Azure Firewall, load balancing, and DNS.
• Palo Alto firewall administration concepts and network security policy principles.
• Cisco network infrastructure concepts, including switching, routing, and general network operations.
• Microsoft Entra ID, Conditional Access, RBAC, Privileged Identity Management, and hybrid identity integration.
• Cloud and infrastructure security best practices, including encryption, privileged access management, key management, logging, segmentation, and compliance support.
• Azure monitoring and operational tools, including Azure Monitor, Log Analytics, alerting, and observability capabilities.
• Cost management, capacity planning, and optimization strategies for Azure infrastructure.
• Backup, business continuity, disaster recovery, and high-availability solutions across cloud and hybrid environments.
• Skill in Designing, deploying, administering, and maintaining Azure, Azure Local, and hybrid infrastructure environments.
• Implementing and maintaining Azure governance controls and standards aligned with Microsoft’s Cloud Adoption Framework (CAF).
• Configuring, supporting, and troubleshooting Azure networking, hybrid connectivity, and related enterprise network infrastructure.
• Administering and troubleshooting Palo Alto firewalls and Cisco network infrastructure.
• Automating infrastructure administration and operational tasks using PowerShell, Azure CLI, and similar tools.
• Implementing and managing identity and access controls using Microsoft Entra ID, Conditional Access, RBAC, and related Microsoft security services.
• Monitoring, analyzing, and improving infrastructure performance, availability, resiliency, and cost efficiency.
• Diagnosing and resolving infrastructure issues across compute, network, identity, storage, and security layers.
• Developing and maintaining infrastructure documentation, runbooks, standards, diagrams, and operational procedures.
• Ability to prioritize and manage multiple assignments, projects, and operational issues in a dynamic, fast-paced environment.
• Analyze and resolve complex infrastructure and network issues across Azure, Azure Local, and hybrid environments.
• Design and implement secure, scalable, resilient, and supportable infrastructure solutions aligned with business and operational requirements.
• Work independently on complex technical assignments while collaborating effectively with infrastructure, security, IT operations, and end user support teams.
• Communicate technical issues, risks, and recommendations clearly to both technical and non-technical stakeholders.
• Maintain accurate technical documentation, operational standards, and support procedures.
• Apply sound judgment during incidents, outages, maintenance activities, and change implementation.
• Serve as an effective technical counterpart to third-party infrastructure and network partners during design, implementation, and handoff activities.
• Stay current with changes in Azure, Azure Local, networking, and infrastructure best practices to continuously improve the environment.
• Participate in on-call support and respond effectively to operational emergencies as required.

Nice To Haves

• Microsoft Azure certifications such as Azure Administrator, Azure Solutions Architect, or other relevant cloud, networking, or security certifications are preferred.
• Equivalent combinations of education, training, and relevant experience may be considered in lieu of a degree.
• Experience supporting hybrid environments that integrate on-premises infrastructure with Azure, including Azure Local (formerly Azure Stack HCI), Windows Server, Hyper-V, hyperconverged infrastructure, or comparable virtualization platforms preferred.
• Experience supporting Azure Virtual Desktop (AVD), including host pools, session hosts, scaling, profile management, and security baselines, preferred.
• Working knowledge of Microsoft Intune and Windows Autopilot in enterprise environments, including endpoint compliance architecture, provisioning guardrails, and Conditional Access integration.
• Experience with infrastructure standardization, repeatable deployment methods, and infrastructure-as-code (IaC) using tools such as Terraform, Bicep, or ARM templates preferred.
• Experience supporting core hybrid infrastructure services, including Active Directory, DNS, DHCP, and file services, preferred.
• Experience supporting infrastructure for multi-tenant hosted or SaaS environments, including tenant isolation, high availability, segmentation, and security controls for customer-facing workloads, preferred.
• Azure Virtual Desktop architecture and operational considerations.
• Infrastructure patterns and operational considerations for SaaS and multi-tenant hosted environments, including tenant isolation, high availability, secure connectivity, and security guardrails for customer-facing workloads.

Responsibilities

• Design, deploy, administer, and support Azure and Azure Local infrastructure across production and non-production environments.
• Own and maintain Azure governance standards aligned with Microsoft’s Cloud Adoption Framework (CAF), including management groups, subscription topology, policy assignments, and tagging standards.
• Configure, manage, and troubleshoot Azure networking and hybrid connectivity, including Virtual Networks, VPN Gateways, ExpressRoute, DNS, segmentation, and firewall controls.
• Administer and support Palo Alto firewalls and Cisco network infrastructure, including policy management, routing, switching, connectivity troubleshooting, and security hardening.
• Support Azure Local and related on-premises infrastructure, including hosts, storage, clustering, virtualization, and connectivity components.
• Implement and maintain identity and access controls using Microsoft Entra ID, Conditional Access, RBAC, and Privileged Identity Management.
• Engineer, maintain, and optimize Azure Virtual Desktop (AVD) infrastructure, including session hosts, scaling plans, profile management, and security baselines.
• Monitor infrastructure health, performance, availability, and cost using Azure Monitor, Log Analytics, Azure Cost Management, and related operational tools; proactively identify and resolve issues.
• Support the migration, modernization, and ongoing operation of workloads across Azure, Azure Local, and hybrid environments.
• Implement and maintain backup, disaster recovery, and business continuity capabilities across cloud and hybrid environments.
• Apply security best practices across cloud and network infrastructure, including encryption, segmentation, secure administration, logging, and privileged access controls.
• Use scripting and automation to improve operational efficiency, standardize configurations, and reduce manual administrative effort.
• Serve as the internal technical counterpart for infrastructure and network implementation partners, validating designs, reviewing deliverables, and ensuring long-term maintainability of the environment.
• Collaborate with End User Support to define and maintain architectural guardrails for Microsoft Intune, Windows Autopilot, Conditional Access integration, and endpoint compliance standards.
• Maintain technical documentation, architecture diagrams, runbooks, standards, and support procedures.
• Participate in incident response, problem management, root cause analysis, maintenance activities, and on-call rotation as required.
• Collaborate with security, IT operations, and other technical teams to align infrastructure with organizational standards, operational requirements, and compliance expectations.
• Provide Tier 3 escalation support for complex infrastructure, networking, and identity issues that extend beyond day-to-day support operations.