Job Role: Azure Cloud Engineer
Location: Gainesville, GA 30501(Hybrid)
Duration: 3 Months Contract-to-Hire
Pay: $60-70/hr. ($120K - $130K/yr.)
Job Description:
The Azure Cloud Engineer is responsible for the design, implementation, configuration, monitoring, and ongoing support of cloud workloads running in Microsoft Azure. This role focuses on building secure, reliable, and well-architected solutions using modern Azure services including Azure Container Apps, App Service, Vnets, virtual machines, storage, and serverless platforms — and integrating them with on‑premises systems via private connectivity.
The Azure Cloud Engineer partners closely with application, DevOps, and security teams to deliver new cloud workloads, harden existing ones, conduct security assessments, and continuously improve the client’s cloud posture. This position reports directly to the Manager, Network & Security.
Responsibilities
Azure Workload Design & Implementation
- Design, deploy, and maintain Azure workloads using modern platform services including Azure Container Apps, App Service, Azure Kubernetes Service, Virtual Machines, Azure Functions, and Azure SQL.
- Implement workloads following Microsoft's Cloud Adoption Framework and Well-Architected Framework principles (reliability, security, cost, operational excellence, performance).
- Build and maintain infrastructure-as-code using Bicep or Terraform; manage deployments through GitHub Actions or Azure DevOps pipelines.
- Containerize applications, build images, and operate registries in Azure Container Registry.
- Partner with application and DevOps teams to onboard new workloads and modernize existing applications.
Cloud Networking & Connectivity
- Design and implement Azure networking components including Virtual Networks, subnets, Network Security Groups, route tables, and hub-and-spoke topologies.
- Implement and manage private endpoints, Private Link services, and private DNS zones to keep traffic off the public internet.
- Support hybrid connectivity through ExpressRoute and site-to-site VPN, integrating Azure environments with on‑premises VMware and Cisco infrastructure.
- Configure and troubleshoot Azure Front Door, Application Gateway, Web Application Firewall, and API Management as required by workload designs.
Identity, Access & Governance
- Administer Microsoft Entra ID, including users, groups, application registrations, service principals, and managed identities.
- Implement role-based access control (RBAC), Privileged Identity Management (PIM), and Conditional Access policies aligned with least-privilege principles.
- Maintain Azure Policy, management group hierarchy, and landing zone governance baselines.
- Apply consistent tagging, naming, and resource organization standards across subscriptions.
Security & Assessments
- Conduct and respond to cloud security assessments using Microsoft Defender for Cloud, Microsoft Secure Score, and third-party scanning tools.
- Remediate findings from vulnerability scans, penetration tests, and configuration reviews against agreed SLAs.
- Implement security baselines and hardening guidelines for Azure workloads, containers, and supporting services.
- Manage secrets, certificates, and keys in Azure Key Vault; rotate credentials and eliminate hard-coded secrets in pipelines.
- Review security alerts and logs, escalate suspicious activity, and partner with the security team on incident response for cloud-hosted resources.
Monitoring, Operations & Continuous Improvement
- Implement and maintain monitoring, logging, and alerting using Azure Monitor, Log Analytics, Application Insights, and Microsoft Sentinel.
- Build dashboards and runbooks for workload health, capacity, and cost.
- Track and optimize Azure consumption — right-sizing, reservations, and waste reduction.
- Participate in on-call rotation and assist in resolving Sev 1/2 incidents affecting cloud workloads.
- Document architectures, runbooks, and operational procedures.
Team & Project Support
- Partner with DevOps, application, and network engineers on infrastructure projects, migrations, and platform upgrades.
- Coordinate with Microsoft and third-party vendors for support cases, architecture reviews, and remediation activities.
- Research and evaluate emerging Azure services and recommend adoption where they fit the client’s roadmap.
