Own and evolve Azure foundations: subscription strategy, landing zones, networking (VNets, Private Link, Firewall), identity (Entra ID), secrets (Key Vault/Managed HSM), and data services (e.g., Cosmos DB, MongoDB Atlas, Storage).
Design, implement, and harden CI/CD (GitHub Actions and/or Azure DevOps) for apps, infra, and policies; champion Infrastructure as Code (Terraform and/or Bicep).
Build golden images/base containers, artifact pipelines, and automated drift detection.
Operate and automate threat detection/response (e.g., Microsoft Sentinel, Defender for Cloud) and container/dependency scanning (e.g., Snyk, Trivy).
Enforce least-privilege IAM, certificate rotation, and secrets hygiene across environments.
Map controls to frameworks (e.g., ISO 27001, SOC 2, NIST, HIPAA, GDPR, FedRAMP contexts) and produce practical evidence via policy-as-code and reporting for our clients and certification processes.
Establish SLOs/SLIs, error budgets, and proactive capacity/perf management.
Stand up end-to-end observability (e.g., Azure Monitor, Log Analytics, Application Insights, etc.) and actionable alerting; reduce MTTR with auto-remediation.
Lead incident response, post-incident reviews, and systemic hardening.
Use LLMs/code-gen to boost infra and ops workflows: pipeline scaffolding, policy generation, runbook creation, and knowledge capture.
Partner with our product/solutions teams to run AI workloads securely in production.
Work directly with enterprise client teams; translate requirements into secure, reliable designs; present trade-offs; guide adoption and handover.
Requirements
Senior-level experience operating and securing Azure at scale (multi-subscription/tenant patterns, landing zones, network isolation, identity, and data).
Deep hands-on with Terraform (or Bicep), GitHub Actions/Azure DevOps, containers, and modern artifact workflows.
Practical Security: SIEM/SOAR (Sentinel or similar), image/dependency scanning, vulnerability management, and policy-as-code.
Strong observability chops (Azure Monitor/Log Analytics/App Insights, OpenTelemetry) and an SRE mindset.
Clear communicator who’s comfortable with client interaction and crisp written docs.
Azure Container Registry (ACR) including scaling, ingress, networking, and security.
GitHub Actions pipelines, workflows, and deployments.
Core Stack Experience & Summary: o Infra as Code: Terraform o Cloud & Containers: ACA, ACR, Key Vault, Storage, Cosmos DB, Monitor, App Insights, Application Gateway, Private Endpoints, Bastion o Databases: MongoDB Atlas, Cosmos DB, MeiliSearch, Vector Search o AI/ML: Azure OpenAI (GPT-4.1), LibreChat RAG pipelines, MeiliSearch, multi-cloud AI providers (OpenAI, Google Gemini, Cohere) o CI/CD & DevOps: GitHub + GitHub Actions, Terraform automation, Docker workflows o Security & Identity: Azure AD/Entra ID, OIDC/JWT, Defender/Sentinel, Key Vault, policy-as-code o Observability: Azure Monitor, Log Analytics, Application Insights
Tech Stack
Azure
Cloud
Docker
MongoDB
Terraform
Vault
Benefits
Challenging work with modern AI workloads and demanding enterprise environments.
Learning & sharing culture with deep dives, brown bags, and support for certifications/publication.
Inclusive, flexible workplace —bring your whole self; work where you do your best thinking.