DevOps Engineer

Description

The role will be responsible for provisioning and managing Azure resources using Infrastructure as Code (IaC) compliant with security standards and delivering releases by automating build and deployment processes and software configuration management related tasks, and will be responsible for supporting applications after release.

With a primary focus on Cyber Security and AI integration, this role leads security compliance efforts across cloud infrastructure and application code, including vulnerability management, Azure Guardrails enforcement, and the adoption of AI-driven tooling to improve security posture and operational efficiency.

This role works closely with both Software Development and IT Operations groups to ensure final releases meet organizational security standards and deploy successfully without negative impact on customers.

The Role

• Provision and manage cloud resources to be compliant with organizational security standards.
• Remediate non-compliances in security standards for new or existing cloud resources.
• Design, develop, maintain, and support high-quality in-house software builds for enterprise class software and systems.
• Design scripts to deploy software in an automated process.
• Manage and create configurations for internal customers responsible for scheduling and/or deployment to QA, Staging, and Production environments.
• Manage and create configuration items for non-Production environments to support Software Development Life Cycle for internal customers.
• Design and implement source code control management best practices.
• Develop and maintain internal release management processes.
• Create and maintain automated build/release scripts and plans.
• Work independently and within project teams to provide guidance and recommendations to business stakeholders and management for risk remediation.
• Communicate effectively with members of software development and other project-related groups to ensure processes and project objectives are met.
• Contribute to and review ongoing improvements in the implementation of standards, methods, and procedures for Software Configuration Management.
• Provide guidance as necessary to other team members in best practices, tool use, and software configuration management principles.
• Contribute to updating the product's knowledgebase and creating new documentation as needed.
• Provide after-hours support or team virtual calls when required, so a flexible time schedule is necessary at times.
• Own and drive Azure Guardrails compliance across all subscriptions, ensuring cloud resources meet defined security baselines at all times.
• Implement and maintain security controls within CI/CD pipelines
• Assist in implementing security policies and standards for Azure resources, including network security groups, role-based access control (RBAC), and identity governance.
• Collaborate with the Security team on audit readiness, including SOC 2 compliance activities, evidence collection, and control validation.
• Monitor and respond to security alerts from cloud-native and third-party tools, escalating critical findings in accordance with the incident response process.
• Enforce secrets management best practices using Azure Key Vault, including certificate rotation and access policy governance.
• Support infrastructure risk assessments and participate in security architecture reviews for new systems or major changes.
• Maintain up-to-date documentation of security configurations, remediation activities, and compliance status for audit and reporting purposes.
• Evaluate and integrate AI-powered tools to automate security scanning, vulnerability triage, and compliance reporting within DevOps workflows.
• Support the deployment and operational management of AI and machine learning workloads on Azure, including Azure OpenAI Service, AI Search, and Azure Machine Learning environments.
• Build and maintain infrastructure for AI/ML pipelines, ensuring secure data handling and environment parity across development, staging, and production, covering compute, networking, and storage configurations.
• Collaborate with application and data teams to define infrastructure requirements for AI workloads, including compute, networking, and storage configurations.
• Enforce access controls, audit logging, and data residency requirements for AI service deployments in compliance with organizational security standards.
• Support and execute on AI and automation initiatives within DevOps and security processes to reduce manual effort and improve detection and response times.
  
  

• Microsoft Azure cloud platform (Platform as a Service)
• Web and app services
• Storage accounts (Blobs and file storages)
• Azure SQL Database management and operation
• Azure Kubernetes Service (AKS) management and support (working experience and knowledge required)
• Working knowledge in Azure Networks (e.g., Application Gateway / Azure Front Door, Azure Web Application Firewall, Virtual Networks, Network peering, Network Security Groups)
• Azure Cloud resource provisioning through Infrastructure as Code (IaC) using Terraform for Azure
• Azure DevOps CI/CD (Build, Deployment, and IaC) pipeline provisioning using Classic pipelines but preferably using YAML scripting
• Experience with PowerShell or Azure CLI scripting
• Experience with Git version control and branching strategies
• Familiarity with principles of Continuous Integration and Continuous Delivery concepts (CI/CD)
• Experience with monitoring and logging tools (e.g., Azure Monitor, Application Insights, Log Analytics)
• Capability to support a software development team's timelines and targets
• Experience establishing standards and procedures and advocating best practices for security compliance
• Strong written and verbal communication skills
• Analytical, creative, adaptable, resourceful, innovative, and imaginative
• Strong problem-solving skills and ability to follow through to completion
• Customer focused and committed to best-in-class processes and procedures
• Strong team player and demonstrates the core values of the company
• Hands-on experience with cloud security tooling such as Microsoft Defender for Cloud, Wiz, or equivalent vulnerability and posture management platforms
• Working knowledge of Azure Policy and Guardrails enforcement for subscription-level compliance
• Practical understanding of identity and access management in Azure, including Managed Identity, Service Principal, RBAC, and Privileged Identity Management (PIM)
• Familiarity with security frameworks and compliance standards relevant to cloud environments (e.g. SOC 2)
• Experience with Azure Key Vault for secrets management, certificate lifecycle management, and access policy configuration
• Understanding of network security principles including firewall rules, private endpoints, and zero-trust architecture patterns in Azure