Cloud Engineer
Idaho, United States of America
Full Time
1 hour ago
No Visa Sponsorship
Key skills
AzureCloudDNSFirewallsITSMPythonSQLTerraformUnityVaultPowerShellAIArtificial IntelligenceMachine LearningMLGenerative AIOpenAIMLflowData EngineeringData LakeAnalyticsDatabricksAKSAzure FunctionsAzure DevOpsAzure SQLAzure MonitorEntra IDActive DirectoryIdentity ManagementSSOGitOpsLoad BalancingJiraChange ManagementNetwork SecurityCloud SecurityZero TrustFirewall
About this role
Role Overview
- Architect and deploy solutions using core Azure services, including Azure App Services, AKS, Azure SQL, Storage Accounts, Application Gateway, Azure Front Door, and Load Balancers
- Design and deploy scalable, secure solutions using core Azure services including App Services, AKS, Azure SQL, Storage Accounts, Application Gateway, Azure Front Door, Load Balancers, and related PaaS/IaaS components
- Design, implement, and support cloud infrastructure and networking services that enable Azure Data Lake Storage Gen2, Azure Databricks, analytics platforms, and AI workloads
- Collaborate with Data Engineering and DevOps teams to establish secure, scalable, and automated cloud foundations for lakehouse architectures, data pipelines, and enterprise analytics platforms
- Implement private networking, identity management, access controls, encryption, monitoring, and governance controls supporting Azure Databricks, Data Lake Storage, and related analytics services
- Support cloud infrastructure and platform services utilized for machine learning, generative AI, intelligent automation, analytics, and data science workloads
- Assist with deployment, configuration, monitoring, and operational support of Azure AI and analytics services including Azure Databricks, Azure Machine Learning, Azure OpenAI, Cognitive Services, and related cloud-native technologies
- Support implementation of cloud networking, security, identity, governance, and compliance controls required for AI, analytics, and machine learning environments
- Collaborate with Data Engineering, DevOps, and Software Engineering teams to support AI platform infrastructure, model deployment environments, analytics platforms, and automation solutions
- Monitor performance, utilization, security posture, and operational health of cloud infrastructure supporting AI and advanced analytics workloads
- Add to Experience
- Support deployment and operation of Azure Databricks workspaces, Unity Catalog integrations, managed identities, private endpoints, and secure service connectivity across cloud environments
- Partner with Data Engineering teams to optimize cloud infrastructure supporting data ingestion, transformation, storage, analytics, and machine learning workloads
- Automate infrastructure provisioning with reusable, version-controlled modules using Terraform, Bicep, and ARM templates, with standardized reusable modules and GitOps practices using Azure DevOps Pipelines
- Design scalable Virtual Network (VNet) architectures, including VNet peering, Private Endpoints, Service Endpoints, User Defined Routes (UDRs), Network Security Groups (NSGs), Azure Firewall, and ExpressRoute/VPN Gateway integrations
- Manage hybrid workloads, supporting both Azure-native and lift-and-shift workloads across IaaS and PaaS resources
- Develop and maintain infrastructure automation scripts using Azure CLI, PowerShell, and Python
- Implement and enforce tagging policies, naming standards, resource locks, and subscription-level policies using Azure Policy and Management Groups
- Configure and monitor autoscaling, high availability, zone redundancy, and backup/restore for critical services across production and non-production environments
- Develop automation tooling using Azure CLI, PowerShell, and Python to streamline provisioning, governance, and operational workflows
- Implement governance frameworks using Azure Policy, Management Groups, resource locks, tagging policies, and naming conventions for enterprise-scale environments
- Configure high availability and performance features, including autoscaling, zone redundancy, backup and disaster recovery across all critical environments
- Lead cost management efforts through Azure Cost Management, budget tracking, right-sizing recommendations, Reserved Instances, and cost anomaly detection
- Serve as Tier 2 escalation for complex infrastructure incidents and requests, working closely with operations and support teams
- Adopt ITSM best practices, contributing to incident, problem, and change management workflows using Jira Service Management or equivalent tools
- Drive cost optimization using Azure Cost Management, budgets, recommendations, and Reserved Instance planning
- Act as a Tier 2 escalation point for cloud infrastructure and platform-related incidents and service requests
- Manage cloud identity and access using Microsoft Entra ID (formerly Azure Active Directory), including configuration of user roles, enterprise applications, and secure authentication policies
- Implement secure external identity integrations using Entra B2B (guest access) and Entra B2C (customer identity), including custom policies, user flows, and application federation
- Administer Microsoft Intune for mobile device management (MDM) and mobile application management (MAM), enforcing compliance policies, conditional access, and device posture assessments
- Leverage ITSM best practices to support incident, change, and problem management processes
- Collaborate with IT and DevOps teams via Jira Service Management and ticketing systems to track work, escalate issues, and drive resolution
- Assist in root cause analysis, change approvals, and cross-functional resolution of infrastructure-related production issues
- Maintain knowledge base documentation, FAQs, and standard operating procedures for service desk support alignment
- Set up and tune observability tools including Azure Monitor, Log Analytics, Application Insights, Network Watcher, and Connection Monitor
- Develop Kusto Query Language (KQL) dashboards for operational visibility and alerting
- Support incident response and RCA using Activity Logs, Diagnostics Settings, and Change Analysis
- Implement secure identity and access management using Azure Active Directory, RBAC, Privileged Identity Management (PIM), Conditional Access, and Managed Identities
- Secure secrets and certificates using Azure Key Vault with access policies and key rotation
- Support SSO and OAuth2/OpenID Connect configurations for internal and external applications registered in Entra ID, managing permissions, scopes, and consent frameworks
- Configure Microsoft Defender for Cloud, Azure Security Center, Just-in-Time VM Access, and Sentinel integrations for threat detection and response
- Apply best practices aligned to the Azure Security Benchmark and Well-Architected Framework
- Ensure infrastructure compliance for regulatory standards such as HIPAA, SOC 2, and ISO 27001, and maintain an audit-readiness posture
- Participate in, adhere to and support compliance, people and culture, and learning programs
- Perform other duties as assigned.
Requirements
- Bachelor’s degree or equivalent work experience required
- 5+ years of experience in cloud infrastructure, systems engineering, or SRE roles focused on Azure required
- Deep experience with Azure resource design, automation, and deployment strategies using Terraform, Bicep, and/or ARM required
- Proficient in scripting with PowerShell, Azure CLI, or Python for automation and diagnostics
- Strong understanding of Azure networking, firewalls, DNS, load balancing, and hybrid connectivity solutions required
- Experience supporting Azure Data Lake Storage Gen2, Azure Databricks, lake house architectures, and enterprise analytics platforms preferred
- Familiarity with data platform security, data governance controls, Unity Catalog, private connectivity patterns, and cloud-native analytics architectures preferred
- Familiarity with cloud infrastructure supporting machine learning, artificial intelligence, analytics, or data science workloads preferred
- Exposure to Azure Machine Learning, Azure OpenAI, Cognitive Services, Databricks ML, MLflow, or similar AI and analytics platforms preferred
- Understanding of cloud security, governance, networking, and operational considerations supporting AI and machine learning environments preferred
- Hands-on experience with Azure-native observability tools and ability to craft KQL-based dashboards and alerts required
- Solid grasp of RBAC, identity federation, Key Vault, and platform security controls required
- Familiarity with governance structures including Management Groups, Blueprints, and Policy Definitions required
- Experience supporting AKS, Azure Functions, or containerized workloads in production preferred
- Familiarity with DevSecOps pipelines using Azure DevOps, integrating security, compliance, and testing stages preferred
- Experience with Zero Trust architecture, Microsoft Entra, and Conditional Access Policies preferred.
Tech Stack
- Azure
- Cloud
- DNS
- Firewalls
- ITSM
- Python
- SQL
- Terraform
- Unity
- Vault
Benefits
- Top of the industry benefits for Health, Dental, and Vision insurance
- 20 days paid time off
- 4 weeks paid parental leave
- 9 paid holidays
- 401K company match of up to 5%
- No vesting requirement
- Adoption Assistance Program
- Flexible Spending Account
- Educational Assistance Plan and Professional Membership assistance
- Referral Bonus Program – up to $750!