Senior Azure Cloud, Security & AI Operations Engineer

Job Description: • This is a remote position. • Senior Azure Cloud, Security & AI Operations Engineer • Employment type: Full-Time (Permanent) or Contract (40 hrs/week) • Location: Remote (U.S., Canada or Latin America preferred). • Platform & DevOps: Own and evolve Azure foundations: subscription strategy, landing zones, networking (VNets, Private Link, Firewall), identity (Entra ID), secrets (Key Vault/Managed HSM), and data services (e.g., Cosmos DB, MongoDB Atlas, Storage). • Design, implement, and harden CI/CD (GitHub Actions and/or Azure DevOps) for apps, infra, and policies; champion Infrastructure as Code (Terraform and/or Bicep). • Build golden images/base containers, artifact pipelines, and automated drift detection. • Security & Compliance (DevSecOps): Operate and automate threat detection/response (e.g., Microsoft Sentinel, Defender for Cloud) and container/dependency scanning (e.g., Snyk, Trivy). • Enforce least-privilege IAM, certificate rotation, and secrets hygiene across environments. • Map controls to frameworks (e.g., ISO 27001, SOC 2, NIST, HIPAA, GDPR, FedRAMP contexts) and produce practical evidence via policy-as-code and reporting for our clients and certification processes. • Reliability & Operations (SRE): Establish SLOs/SLIs, error budgets, and proactive capacity/perf management. • Stand up end-to-end observability (Azure Monitor, Log Analytics, Application Insights, etc.) and actionable alerting; reduce MTTR with auto-remediation. • Lead incident response, post-incident reviews, and systemic hardening. • AI-enabled automation: Use LLMs/code-gen to boost infra and ops workflows: pipeline scaffolding, policy generation, runbook creation, and knowledge capture. • Partner with our product/solutions teams to run AI workloads securely in production. • Client-facing impact: Work directly with enterprise client teams; translate requirements into secure, reliable designs; present trade-offs; guide adoption and handover. Requirements: • Senior-level experience operating and securing Azure at scale (multi-subscription/tenant patterns, landing zones, network isolation, identity, and data). • Deep hands-on with Terraform (or Bicep), GitHub Actions/Azure DevOps, containers, and modern artifact workflows. • Practical Security: SIEM/SOAR (Sentinel or similar), image/dependency scanning, vulnerability management, and policy-as-code. • Strong observability chops (Azure Monitor/Log Analytics/App Insights, OpenTelemetry) and an SRE mindset. • Clear communicator who’s comfortable with client interaction and crisp written docs. • ACS (Azure Container Service) production experience; ingress, service mesh, autoscaling, and node pool security. • Cross-cloud exposure (AWS/GCP), private connectivity (ExpressRoute), and hybrid/on-prem integrations. • Background in secure enterprise environments; audit evidence automation and compliance reporting. Benefits: • Challenging work with modern AI workloads and demanding enterprise environments. • Learning & sharing culture with dedicated time for deep dives, brown bags, and certs. • Inclusive, flexible workplace —bring your whole self; work where you do your best thinking. • Ownership & autonomy: You’ll make architecture decisions and see them through production. • Small team, big leverage: Low ceremony, high impact; we value judgment and momentum. • Security by design: Controls are built-in, not bolted on. • AI in the loop: We use AI where it creates real leverage—never as theater. Apply tot his job Apply To this Job