Job Description – Senior Cloud Engineer (Azure)
Role: Senior Cloud Engineer (Azure)
Experience: 7+ Years
Work Mode: Remote (Initial 1 week in Nashik)
Budget: ₹1.7 Lakh per Month (LPM)
About the Role
We are hiring a Senior Cloud Engineer (Azure) to design, deliver, and operate the Azure platform for a multi-tenant SaaS product. The ideal candidate will own the landing zone, networking, identity, data platform, event-driven architecture, and CI/CD processes that take applications from development to production securely, reliably, and at scale.
You will also design secure authentication solutions that allow workloads to communicate with third-party tools and partner APIs without long-lived secrets.
Key Responsibilities
- Design and manage Azure Kubernetes Service (AKS) clusters with workload identity, private endpoints, NSGs, Helm, Ingress, KEDA-based scaling, and image scanning.
- Configure Azure API Management (APIM), including products, subscriptions, JWT validation, rate limiting, policy fragments, and mTLS.
- Deploy and manage Azure Front Door with WAF, custom domains, TLS, routing rules, and health probes.
- Build event-driven architectures using Azure Service Bus, Event Grid, and Event Hubs with retry, replay, and dead-letter handling.
- Deploy and optimize Azure SQL, Azure Cache for Redis, Cosmos DB, and Azure AI Search.
- Develop and maintain Azure Functions (.NET 8/C#) with dependency injection, asynchronous processing, and OpenTelemetry integration.
- Build and maintain CI/CD pipelines using Azure DevOps or GitHub Actions with multi-environment deployments and approval workflows.
- Implement Infrastructure as Code (IaC) using Bicep (preferred) or Terraform.
- Build secure identity solutions using Microsoft Entra ID, OAuth 2.0, OIDC, PKCE, managed identities, and federated identity credentials.
- Design secure outbound authentication using Azure Key Vault, managed identities, and token-based authentication.
- Implement monitoring and observability using Application Insights, Azure Managed Prometheus, Azure Data Explorer, Grafana, and alerting.
- Optimize Azure cloud costs through FinOps strategies, budgeting, right-sizing, and reserved/spot instances.
- Participate in production support, on-call rotations, incident response, and disaster recovery planning.
Required Skills & Experience
- 7+ years of overall Cloud Engineering experience.
- Minimum 5+ years of hands-on Microsoft Azure experience.
- Strong experience with Azure Kubernetes Service (AKS).
- Expertise in Azure API Management (APIM) and Azure Front Door.
- Hands-on experience with Azure Service Bus, Event Grid, and Event Hubs.
- Experience with Azure DevOps Pipelines or GitHub Actions.
- Strong Infrastructure as Code experience using Bicep or Terraform.
- Experience developing Azure Functions using .NET 8/C#.
- Strong Kubernetes knowledge including Helm, NGINX/AGIC Ingress, KEDA, CSI, and Key Vault integration.
- Experience with Microsoft Entra ID, OAuth 2.0, OIDC, PKCE, and Conditional Access.
- Knowledge of Azure networking including NSGs, Private Endpoints, WAF, TLS/mTLS, and Azure Key Vault.
- Experience managing Azure SQL, Redis Cache, Cosmos DB, and AI Search.
- Strong understanding of Application Insights, OpenTelemetry, Prometheus, Grafana, and cloud monitoring.
Nice to Have
- Multi-tenant Azure architecture experience.
- Azure OpenAI, Azure AI Search, or Azure AI Foundry deployments.
- SOC 2, ISO 27001, or similar compliance experience.
- Disaster Recovery (DR) and Multi-region Active-Active deployments.
- FinOps, cost optimization, tagging strategies, and budget management.
Preferred Work Style
- Infrastructure as Code (IaC) first approach.
- Automated security and policy checks within CI/CD pipelines.
- Secure secret management using Azure Key Vault with managed identities.
- Strong focus on cloud security, automation, scalability, and operational excellence.