Azure Infra Support Engineer

Bridgenext is a digital consulting services leader that helps clients innovate with intention and realize their digital aspirations. This role is for a senior-level administrator with deep expertise in Microsoft Azure cloud infrastructure, focusing on maintaining a secure and compliant cloud environment for sensitive healthcare data.

Responsibilities:

• Cloud Security and Compliance
• Azure Defender for Cloud (Security Center) Manage, monitor, and configure the full capabilities of Azure Defender for Cloud (now part of Microsoft Defender for Cloud), including securing servers, databases, storage accounts, and Kubernetes clusters
• Compliance & Audit Implement, audit, and enforce Azure Policy and Azure Blueprints to ensure continuous compliance with healthcare regulations (HIPAA, HITECH, etc.) and organizational security standards
• Threat & Vulnerability Management Drive the vulnerability management program by leveraging the security posture management (CSPM) and threat detection (CWPP) features within Azure Defender for Cloud
• Incident Response Serve as the primary point of contact for security incidents related to Azure infrastructure, utilizing Microsoft Sentinel (or other SIEM) data integrated with Defender for Cloud alerts for rapid triage and containment
• Microsoft Entra ID (Identity & Access Management)
• Identity Management Design, deploy, and manage advanced features of Microsoft Entra ID (formerly Azure AD), including Conditional Access Policies, Privileged Identity Management (PIM) for Just-in-Time (JIT) access, and Identity Protection
• Federation & SSO Manage and troubleshoot identity federation (e.g., SAML, OAuth) for both cloud-native and SaaS applications
• Access Control Implement Azure Role-Based Access Control (RBAC) across management groups, subscriptions, and resource groups to enforce the principle of least privilege
• Infrastructure & Server Administration
• Azure Infrastructure Administer and optimize core Azure services including Virtual Machines (VMs), Virtual Networks (VNets), Network Security Groups (NSGs), Azure Firewalls, Azure Load Balancers/Application Gateways, and Azure Storage Accounts
• Microsoft Intune (Endpoint Management) Manage and support the mobile device management (MDM) and mobile application management (MAM) policies via Microsoft Intune to secure endpoints and mobile devices accessing protected health information (PHI)
• OS & Server Administration Maintain expert-level skills in Windows Server administration (patching, group policy, Active Directory, DNS/DHCP) in both Azure IaaS and traditional on-premises/hybrid environments
• Automation Utilize PowerShell, Azure CLI, and Infrastructure as Code (IaC) tools (e.g., Terraform, Bicep) to automate provisioning, configuration, and maintenance tasks

Requirements:

• Minimum 5-7 years of experience in IT administration, with at least 3 years focused on complex Microsoft Azure environments at a senior level
• Proven hands-on experience deploying and managing Azure Defender for Cloud (formerly Security Center), including configuring security policies, monitoring Secure Score, and managing regulatory compliance dashboards
• Expert knowledge of Microsoft Entra ID (Azure AD), specifically including Conditional Access, PIM, MFA deployment, and hybrid identity synchronization (Azure AD Connect)
• Strong experience with Microsoft Intune for device enrollment, configuration profiles, compliance policies, and application deployment
• Deep working knowledge of Windows Server OS and services (Active Directory, patching, hardening, and troubleshooting) in a production setting
• Demonstrated knowledge and understanding of HIPAA Security Rule and HITECH requirements as they apply to cloud infrastructure, data handling, and administrative controls
• Microsoft Certified Azure Administrator Associate (AZ-104)
• Microsoft Certified Azure Security Engineer Associate (AZ-500) - Highly Preferred
• Microsoft Certified Identity and Access Administrator Associate (SC-300)