Alt Legal is a fast-growing SaaS-based legal technology company focused on making trademark professionals’ lives easier. They are seeking a Principal Cloud Infrastructure Engineer with deep experience in Microsoft Azure to take full ownership of their Azure environment, including architecture, security, reliability, and execution.
Responsibilities:
- Own Azure architecture across all environments (prod, staging, dev)
- Build, review & improve existing Terraform IaC
- Design and implement secure cloud landing zones (networking, IAM, governance)
- Design and drive infrastructure patterns for environment separation, multi-tenant, single-tenant, and regional deployments
- Continuously work on improvement of Identity & Access Management (RBAC, PIM, Conditional Access)
- Drive improvement of existing backup and disaster recovery capabilities (RTO/RPO), including testing and ensuring full environment rebuild from IaC
- Design and enforce network architecture (segmentation, private endpoints, firewall/WAF)
- Lead infrastructure-related incident response, root cause analysis and production support
- Improve logging, monitoring, and alerting architecture
- Implement security controls in infrastructure aligned with SOC 2 and ISO 27001 requirements
- Provide technical direction and quality control for remote Platform/DevOps engineers
- Document current architecture, identify gaps, and drive improvements
- Optimize cloud cost, performance, and reliability
- Establish runbooks and operational processes
Requirements:
- 7+ years in cloud infrastructure, SRE, or cloud security roles, with experience operating production systems
- 4+ years deep, hands-on Azure experience in production SaaS environments
- Experience operating at Staff-level scope, shaping infrastructure decisions and standards
- Strong Terraform/Bicep experience at production scale (module design, environment structure, governance)
- Proven experience designing cloud architecture, not just implementing existing designs
- Experience owning production systems, including uptime, reliability, and incident response
- Experience designing and executing disaster recovery strategies (RTO/RPO, restore procedures)
- Strong hands-on experience across Azure core platform components (App Services, networking, managed databases, IAM, storage, monitoring, and logging)
- Deep experience with Entra ID / Azure AD (RBAC, PIM, Conditional Access)
- Strong understanding of cloud networking and security (segmentation, private endpoints, firewall/WAF, zero trust)
- Experience designing or evolving infrastructure for multi-tenant SaaS platforms
- Experience designing or contributing to regional or multi-region architectures, including data residency considerations
- Experience in working with distributed or offshore engineering teams
- Experience mentoring team members or leading technical teams
- Strong written and verbal communication skills in English
- Legally authorized to work in the United States on a permanent basis without need for current or future employer-sponsored immigration support. This role is not eligible for visa sponsorship now or in the future
- Experience managing PostgreSQL or other cloud databases
- Familiarity with Cloudflare (WAF, Access, Zero Trust) (real plus)
- Experience defining or implementing single-tenant deployment models (real plus)
- Experience with Azure Defender for Cloud, Microsoft Sentinel, or similar cloud security tooling
- Familiarity with containerization (Docker, Kubernetes/AKS)
- Experience supporting SOC 2, ISO 27001, or similar frameworks (technical implementation)
- Azure certification (AZ-305, AZ-500)
- High ownership mindset with ability to operate independently, make decisions, and drive outcomes in a fast-moving environment