Job Description:
• Own Azure architecture across all environments (prod, staging, dev).
• Build, review & improve existing Terraform IaC.
• Design and implement secure cloud landing zones (networking, IAM, governance).
• Design and drive infrastructure patterns for environment separation, multi-tenant, single-tenant, and regional deployments.
• Continuously work on improvement of Identity & Access Management (RBAC, PIM, Conditional Access).
• Drive improvement of existing backup and disaster recovery capabilities (RTO/RPO), including testing and ensuring full environment rebuild from IaC.
• Design and enforce network architecture (segmentation, private endpoints, firewall/WAF).
• Lead infrastructure-related incident response, root cause analysis, and production support.
• Improve logging, monitoring, and alerting architecture.
• Implement security controls in infrastructure aligned with SOC 2 and ISO 27001 requirements.
• Provide technical direction and quality control for remote Platform/DevOps engineers.
• Document current architecture, identify gaps, and drive improvements.
• Optimize cloud cost, performance, and reliability.
• Establish runbooks and operational processes.
Requirements:
• 7+ years in cloud infrastructure, SRE, or cloud security roles, with experience operating production systems.
• 4+ years deep, hands-on Azure experience in production SaaS environments.
• Experience operating at Staff-level scope, shaping infrastructure decisions and standards.
• Strong Terraform/Bicep experience at production scale (module design, environment structure, governance).
• Proven experience designing cloud architecture, not just implementing existing designs.
• Experience owning production systems, including uptime, reliability, and incident response.
• Experience designing and executing disaster recovery strategies (RTO/RPO, restore procedures).
• Strong hands-on experience across Azure core platform components (App Services, networking, managed databases, IAM, storage, monitoring, and logging).
• Deep experience with Entra ID / Azure AD (RBAC, PIM, Conditional Access).
• Strong understanding of cloud networking and security (segmentation, private endpoints, firewall/WAF, zero trust).
• Experience designing or evolving infrastructure for multi-tenant SaaS platforms.
• Experience designing or contributing to regional or multi-region architectures, including data residency considerations.
• Experience in working with distributed or offshore engineering teams.
• Strong written and verbal communication skills in English.
• Legally authorized to work in the United States on a permanent basis without need for current or future employer-sponsored immigration support.
Benefits:
• Flexible vacation
• Remote work options
• Opportunity to determine your own growth path
Apply tot his job
Apply To this Job