
Senior Azure Platform Engineer
Posted 6 days ago

Posted 6 days ago
This is a fully remote position, open to applicants in Latin America.
• Take charge of and manage our Azure production platform, ensuring secure and dependable application delivery across both Production and Non-Production environments.
• Develop and maintain enterprise Azure foundations, including Landing Zone, networking, and identity/governance.
• Manage production AKS and facilitate secure API ingress along with CI/CD release controls, ensuring robust observability and incident ownership.
• Create and sustain reusable, production-quality Infrastructure as Code (IaC) modules that encompass networking, security, AKS, APIM, Key Vault, monitoring, storage, and application services.
• Assist with hub-and-spoke architectures, environment segmentation, RBAC, Azure Policy, tagging standards, and governance controls across both Prod and Non-Prod.
• Design and troubleshoot VNets, subnets, NSGs, UDRs/route tables, Load Balancers, NAT Gateway, Private Endpoints, Private DNS, and secure traffic patterns for inbound and outbound.
• Implement secure API delivery and ingress using APIM, Application Gateway, Front Door, and WAF, which includes TLS, OAuth2/OIDC/JWT validation, rate limiting/throttling, IP filtering, and private backend connectivity.
• Support Azure Event Hubs (Kafka-compatible) for event-driven services, focusing on throughput planning, monitoring, partitions/consumer groups, and secure access methods.
• Develop multi-stage Azure DevOps YAML pipelines for Dev/QA/Staging/Prod environments, incorporating approvals, validation gates, deployment controls, and rollback strategies for both infrastructure and applications.
• Ensure reliability through the use of Azure Monitor, Log Analytics, Application Insights, and Container Insights; lead incident response and root cause analysis (RCA) with documented remediation and preventive measures.
• Collaborate with engineering teams on deployment strategies, pipeline integration, and operational best practices.
• 6+ years of experience in DevOps/Cloud/Platform/Infrastructure Engineering within the Azure environment, with practical production experience.
• Strong background in Azure Landing Zone principles: hub-and-spoke architecture, segmentation, governance, RBAC, Azure Policy, tagging, and private connectivity.
• Demonstrated proficiency with Bicep and pull request-based IaC workflows (validation/linting/scanning, controlled changes, drift detection).
• In-depth understanding of Azure networking components: VNets, NSGs, UDRs/route tables, Private Endpoints/DNS, Load Balancers, NAT Gateway, and secure outbound connectivity patterns.
• Hands-on experience operating AKS in production, including private clusters, upgrades, ingress, Helm, autoscaling, and troubleshooting with kubectl (logs/events/probes/DNS/network).
• Familiarity with APIM / App Gateway / Front Door / WAF and API security practices (TLS, OAuth2/OIDC, JWT validation, throttling/rate limiting, IP filtering).
• Experience with Azure DevOps YAML pipelines across various environments, including approvals/gates and rollback strategies.
• Solid understanding of security fundamentals: Entra ID RBAC, managed identities/workload identity, Key Vault, secret rotation, and certificate lifecycle management.
• Proficient in using Azure CLI, PowerShell, and/or Python for automation and operational tools.
• Bonus skills: Experience with Terraform, troubleshooting hybrid connectivity (VPN/ExpressRoute), Azure Firewall, DNS/routing, private service access, GitOps (Flux/ArgoCD), service mesh (Istio), Prometheus/Grafana. Azure certifications (e.g., AZ-400, AZ-305, AZ-104, AZ-500) and experience in FinOps/cost optimization.
• Over 20 days of paid time off.
Tango
Accenture Federal Services
Strategize it Inc.
Accela
Get handpicked remote jobs straight to your inbox weekly.