




Summary: Join as a Senior Cloud Engineer to build and operationalize an Azure cloud platform, focusing on foundational organizational structure, infrastructure, and FedRAMP/FISMA compliance.

Highlights:

1. Design and implement Azure organizational hierarchy and landing zones.
2. Configure Azure identity and access management for secure operations.
3. Author and maintain infrastructure as Terraform modules using GitOps.

We are looking for a **Senior Cloud Engineer** to join our team.

As a Cloud Engineer you will help us build and operationalize our Azure cloud platform, standing up the foundational organizational structure and infrastructure needed to support the client's products on Azure. You will design and implement Azure landing zones, identity and access management, networking, and managed services - all built with Infrastructure as Code and aligned to FedRAMP/FISMA compliance requirements.

**Responsibilities**

* Design and implement the Azure organizational hierarchy, including management groups, subscriptions, and resource groups, following enterprise landing zone patterns
* Configure Azure identity and access management using Entra ID, RBAC role assignments, Privileged Identity Management (PIM), conditional access policies, and break-glass accounts
* Deploy security and compliance tooling, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel, to ensure robust logging and monitoring
* Conduct FedRAMP/FISMA compliance gap analysis across the Azure environment and implement the necessary controls to close identified gaps
* Design and build Azure networking infrastructure, including VNets, subnets, NSGs, NAT Gateways, route tables, and hub-spoke or mesh topologies
* Implement private connectivity patterns using Private Endpoints and Private DNS Zones for Azure managed services
* Provision and configure Azure managed resources such as Blob Storage accounts, Azure Database for PostgreSQL, Azure Container Registry, Azure Machine Learning Compute, and Log Analytics workspaces
* Set up User-Assigned Managed Identities (UAMI) and configure least-privilege role assignments for secure workload authentication
* Author and maintain all infrastructure as Terraform modules, following GitOps workflows for change management and deployment
* Collaborate with product engineering and Security teams to translate application requirements into secure and compliant Azure infrastructure

**Requirements**

* Bachelor's or Master's degree in Computer Science or a related technical discipline, with proven experience in Azure cloud platform engineering, administration, or architecture
* At least 3 years of relevant commercial experience in a cloud engineering role
* Hands-on experience managing cloud infrastructure through Infrastructure as Code using Terraform
* Practical experience designing and implementing Azure networking solutions, including VNets, NSGs, Private Endpoints, and Private DNS Zones
* Strong background in Azure identity and access management, including Entra ID, RBAC, and managed identities
* Proficiency in scripting and automation using Python, Shell, or Go
* Excellent oral and written communication skills in English (B2+ level or higher)

**Nice to have**

* Experience working with FedRAMP, FISMA, or equivalent federal compliance frameworks in a cloud environment
* Azure certifications such as AZ-104 (Azure Administrator), AZ-500 (Azure Security Engineer), or AZ-305 (Azure Solutions Architect)
* Hands-on experience with Azure managed data services, including Azure Database for PostgreSQL, Blob Storage, and Azure Container Registry
* Practical experience with Kubernetes and Azure Kubernetes Service (AKS) for container orchestration
* Hands-on experience with Azure security tooling, including Microsoft Defender for Cloud, Azure Policy, and Microsoft Sentinel
* Experience with GitOps and CI/CD pipelines using GitHub Actions, Argo CD, or similar tools
* Strong written and verbal communication skills, with the ability to author clear and detailed technical documentation

**We offer**

* International projects with top brands
* Work with global teams of highly skilled, diverse peers
* Healthcare benefits
* Employee financial programs
* Paid time off and sick leave
* Upskilling, reskilling and certification courses
* Unlimited access to the LinkedIn Learning library and 22,000+ courses
* Global career opportunities
* Volunteer and community involvement opportunities
* EPAM Employee Groups
* Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn

*EPAM is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity or expression, disability, protected veteran status, or any other characteristic protected by applicable law.*


