Role Summary
The Senior Azure Infrastructure Specialist is responsible for designing, deploying, managing, and optimizing cloud infrastructure solutions on Microsoft Azure. This role serves as a subject matter expert (SME) in Azure services and works closely with development, security, and operations teams to ensure a scalable, secure, and highly available cloud environment aligned with business objectives.
Key Responsibilities
1. Infrastructure Design & Architecture
• Design and implement scalable, secure, and resilient Azure infrastructure solutions.
• Architect VNets, subnets, NSGs, route tables, VPN gateways, and ExpressRoute connections.
• Design hub-and-spoke or mesh network topologies across regions.
• Evaluate and recommend Azure services (IaaS, PaaS, SaaS) based on business requirements.
• Create and maintain architecture diagrams and infrastructure documentation.
2. Cloud Deployment & Automation
• Deploy and manage infrastructure using IaC tools — ARM Templates, Bicep, and Terraform.
• Build and maintain CI/CD pipelines using Azure DevOps for infrastructure deployments.
• Automate operational tasks using Azure CLI, PowerShell, and Python scripts.
• Manage infrastructure-as-code repositories and enforce code review standards.
3. Identity, Security & Compliance
• Configure and manage Azure Active Directory (Entra ID), RBAC, and Conditional Access policies.
• Implement and manage Managed Identities, Service Principals, and Key Vault secrets.
• Apply Azure Security Center, Defender for Cloud, and Azure Policy to enforce compliance standards.
• Conduct regular security assessments, patching, and vulnerability remediation.
• Ensure compliance with frameworks such as ISO 27001, SOC 2, HIPAA, or CIS Benchmarks as applicable.
4. Networking
• Design and manage Azure Virtual Networks, peering, private endpoints, and DNS configurations.
• Configure and manage Azure Application Gateway, Azure Load Balancer, and Azure Front Door.
• Implement network security using NSGs, Azure Firewall, and DDoS Protection.
• Manage hybrid connectivity via VPN Gateway and ExpressRoute.
5. Monitoring, Observability & Cost Management
• Set up and maintain Azure Monitor, Log Analytics workspaces, and Application Insights.
• Create alerts, dashboards, and runbooks for proactive incident detection and response.
• Optimize cloud costs using Azure Cost Management, Reserved Instances, and right-sizing.
• Generate regular cost and performance reports for leadership and stakeholders.
6. High Availability & Disaster Recovery
• Design and implement HA architectures using Availability Zones and Availability Sets.
• Configure Azure Site Recovery (ASR), Azure Backup, and geo-redundant storage.
• Define and test RPO/RTO objectives and DR runbooks.
• Lead periodic DR drills and document outcomes with remediation actions.
7. Collaboration & Stakeholder Management
• Collaborate with development teams on application infrastructure requirements.
• Provide technical guidance and mentoring to junior and mid-level engineers.
• Participate in architecture review boards and technical design discussions.
• Communicate infrastructure risks, capacity plans, and project statuses to management.
• Work with vendors and Microsoft support on escalations and enterprise agreements.
Required Skills & Qualifications
Technical Skills
• Deep expertise in core Azure services: Compute (VMs, VMSS, AKS), Networking, Storage, Identity.
• Hands-on experience with IaC tools: Terraform, Bicep, or ARM Templates.
• Proficiency in Azure DevOps pipelines, Git, and CI/CD practices.
• Strong scripting skills: PowerShell, Azure CLI, and/or Python.
• Experience with containerization: Docker, Azure Kubernetes Service (AKS).
• Solid understanding of Azure networking: VNet, NSG, DNS, Private Endpoints, ExpressRoute.
• Familiarity with Azure security tools: Defender for Cloud, Key Vault, Entra ID, PIM.
• Experience with monitoring stacks: Azure Monitor, Log Analytics, Grafana, or equivalent.
Soft Skills
• Strong analytical and problem-solving skills with ability to work under pressure.
• Excellent verbal and written communication skills for technical and non-technical audiences.
• Ability to manage multiple priorities, projects, and stakeholders simultaneously.
• Team player with a collaborative approach and willingness to mentor others.
• Self-driven with a continuous learning mindset and adaptability to new technologies.
Preferred Certifications
• Microsoft Certified: Azure Administrator Associate (AZ-104) — Required
• Microsoft Certified: Azure Solutions Architect Expert (AZ-305) — Strongly Preferred
• Microsoft Certified: Azure DevOps Engineer Expert (AZ-400) — Preferred
• Microsoft Certified: Azure Security Engineer Associate (AZ-500) — Preferred
• HashiCorp Certified: Terraform Associate — Nice to Have
• Kubernetes (CKA/CKAD) — Nice to Have
Key Performance Indicators (KPIs)
Infrastructure Uptime >= 99.9% SLA
Deployment Success Rate >= 98% (IaC deployments)
Mean Time to Recovery (MTTR) < 2 hours for P1 incidents
Cost Optimization Savings >= 15% YoY reduction
Security Compliance Score >= 90% in Defender for Cloud
DR Test Success Rate 100% of scheduled DR drills passed
Documentation Coverage 100% of infra components documented
BALANCED+ is an advanced and fast-growing IT consulting firm.
We’re seeking talented, motivated, and creative individuals to join our excellent team.
