AI Technology PartnersRemote
Senior Azure Cloud, Security, AI Operations Engineer
North America
Full Time
1 day ago
Key skills
AzureCloudDockerMongoDBTerraformVaultAIMLOpenAIAnalyticsGitHub ActionsIAMAzure DevOpsCosmos DBAzure MonitorAzure ADEntra IDJWTOpenTelemetryGitHubMeilisearchCI/CDSnykTrivyFirewall
About this role
Role Overview
- Own and evolve Azure foundations: subscription strategy, landing zones, networking (VNets, Private Link, Firewall), identity (Entra ID), secrets (Key Vault/Managed HSM), and data services (e.g., Cosmos DB, MongoDB Atlas, Storage).
- Design, implement, and harden CI/CD (GitHub Actions and/or Azure DevOps) for apps, infra, and policies; champion Infrastructure as Code (Terraform and/or Bicep).
- Build golden images/base containers, artifact pipelines, and automated drift detection.
- Operate and automate threat detection/response (e.g., Microsoft Sentinel, Defender for Cloud) and container/dependency scanning (e.g., Snyk, Trivy).
- Enforce least-privilege IAM, certificate rotation, and secrets hygiene across environments.
- Map controls to frameworks (e.g., ISO 27001, SOC 2, NIST, HIPAA, GDPR, FedRAMP contexts) and produce practical evidence via policy-as-code and reporting for our clients and certification processes.
- Establish SLOs/SLIs, error budgets, and proactive capacity/perf management.
- Stand up end-to-end observability (e.g., Azure Monitor, Log Analytics, Application Insights, etc.) and actionable alerting; reduce MTTR with auto-remediation.
- Lead incident response, post-incident reviews, and systemic hardening.
- Use LLMs/code-gen to boost infra and ops workflows: pipeline scaffolding, policy generation, runbook creation, and knowledge capture.
- Partner with our product/solutions teams to run AI workloads securely in production.
- Work directly with enterprise client teams; translate requirements into secure, reliable designs; present trade-offs; guide adoption and handover.
Requirements
- Senior-level experience operating and securing Azure at scale (multi-subscription/tenant patterns, landing zones, network isolation, identity, and data).
- Deep hands-on with Terraform (or Bicep), GitHub Actions/Azure DevOps, containers, and modern artifact workflows.
- Practical Security: SIEM/SOAR (Sentinel or similar), image/dependency scanning, vulnerability management, and policy-as-code.
- Strong observability chops (Azure Monitor/Log Analytics/App Insights, OpenTelemetry) and an SRE mindset.
- Clear communicator who’s comfortable with client interaction and crisp written docs.
- Azure Container Registry (ACR) including scaling, ingress, networking, and security.
- GitHub Actions pipelines, workflows, and deployments.
- Core Stack Experience & Summary: o Infra as Code: Terraform o Cloud & Containers: ACA, ACR, Key Vault, Storage, Cosmos DB, Monitor, App Insights, Application Gateway, Private Endpoints, Bastion o Databases: MongoDB Atlas, Cosmos DB, MeiliSearch, Vector Search o AI/ML: Azure OpenAI (GPT-4.1), LibreChat RAG pipelines, MeiliSearch, multi-cloud AI providers (OpenAI, Google Gemini, Cohere) o CI/CD & DevOps: GitHub + GitHub Actions, Terraform automation, Docker workflows o Security & Identity: Azure AD/Entra ID, OIDC/JWT, Defender/Sentinel, Key Vault, policy-as-code o Observability: Azure Monitor, Log Analytics, Application Insights
Tech Stack
- Azure
- Cloud
- Docker
- MongoDB
- Terraform
- Vault
Benefits
- Challenging work with modern AI workloads and demanding enterprise environments.
- Learning & sharing culture with deep dives, brown bags, and support for certifications/publication.
- Inclusive, flexible workplace —bring your whole self; work where you do your best thinking.