Azure Cloud Engineer Job Listing at SPA in Alexandria, VA (Job ID 2025-19589)

Description

Qualifications

Required Qualifications:

Experience:

• 5+ years of experience in cloud engineering, with 3+ years focused on Azure.
• Proven track record of implementing and managing multi-subscription Azure environments aligned with Azure Landing Zone principles.
• Hands-on experience with hybrid and B2B connectivity in enterprise environments.

Technical Skills:

• Proficiency in Azure services: Azure AD, Virtual Networks, Azure Firewall, ExpressRoute, VPN Gateway, and Private Link.
• Strong understanding of governance tools such as Azure Policy, Blueprints, and management groups.
• Knowledge of security tools, including Microsoft Defender for Cloud, Key Vault, and Azure Sentinel.

Compliance Knowledge:

• Familiarity with regulatory frameworks such as NIST SP 800-53, CMMC, FedRAMP, and ISO 27001.
• Experience implementing compliance controls in cloud environments.

Soft Skills:

• Strong problem-solving and troubleshooting skills.
• Effective communication skills to collaborate with technical and non-technical teams.
• Ability to manage multiple priorities in a dynamic environment.

Desired Qualifications: 

• Experience with Mission Landing Zone (MLZ) principles and cross-domain solutions (CDS).
• Certifications such as Microsoft Certified: Azure Administrator Associate, Azure Solutions Architect Expert, or equivalent.
• Knowledge of CI/CD pipeline integration and DevSecOps practices.
• Familiarity with multi-cloud or hybrid cloud architectures.

1. Cloud Infrastructure Design and Management

• Design, implement, and manage scalable Azure cloud infrastructure, including networking, computing, and storage resources.
• Configure and maintain hub-and-spoke architectures with Azure Virtual Networks, VPN Gateway, ExpressRoute, and Azure Firewall.
• Optimize and secure Azure environments following Azure Landing Zone (ALZ) and SCCA guidelines.

1. B2B and Enterprise Interconnectivity

• Enable secure B2B integrations using Azure AD B2B, Guest Access, and Conditional Access Policies.
• Manage identity federation and access control between Azure AD tenants and external identity providers.
• Configure hybrid connectivity solutions using Azure ExpressRoute, VPN Gateway, and Private Link to integrate on-premises and cloud environments.

1. Security and Compliance

• Implement security measures across the Azure environment, including Microsoft Defender for Cloud, Network Security Groups (NSGs), and Key Vault.
• Ensure compliance with frameworks like NIST SP 800-53, CMMC, and FedRAMP by leveraging Azure Policy and Blueprints.
• Perform regular security assessments and compliance audits, addressing vulnerabilities and risks proactively.

1. Automation and Infrastructure as Code (IaC)

• Develop and maintain Infrastructure as Code (IaC) solutions using Terraform, ARM templates, or Bicep for resource provisioning and automation.
• Automate routine tasks, such as resource monitoring, configuration management, and patching.
• Integrate IaC workflows into CI/CD pipelines to support DevSecOps practices.

1. Monitoring and Optimization

• Set up and maintain monitoring tools, such as Azure Monitor, Log Analytics, and Network Watcher, to track performance and detect anomalies.
• Analyze resource utilization and recommend cost optimization strategies.
• Troubleshoot and resolve issues related to cloud infrastructure, ensuring high availability and performance.

1. Collaboration and Support

• Work closely with cloud architects, DevOps, and cybersecurity teams to ensure infrastructure alignment with organizational goals.
• Provide technical support and guidance to application teams for deploying workloads in the cloud.
• Create and maintain detailed documentation for infrastructure configurations, processes, and troubleshooting procedures.