Cloud Infrastructure Engineer III at AF Group in Sacramento, California

Posted in Other about 2 hours ago.





Job Description:

This individual will primarily focus on implementing Azure-based cloud solutions, using Infrastructure-as-Code (IaC) tools like Terraform, while also serving as an escalation point for troubleshooting and resolving complex infrastructure-related issues. The ideal candidate will have deep expertise in Azure cloud networking, virtualization, DevOps practices, and Identity and Access Management (IAM). You will work closely with DevOps teams to implement Terraform modules for Azure, assist in cloud migrations to Azure, and manage Role-Based Access Control (RBAC) to secure Azure resources. This role provides an opportunity to play a critical part in building scalable, secure, and automated cloud solutions on Microsoft Azure.




RESPONSIBILITIES




Cloud Infrastructure Implementation:


  • Design, deploy, and manage infrastructure on Azure, focusing on scalability, security, and automation.
  • Use Terraform and other Infrastructure-as-Code (IaC) tools to implement and manage Azure cloud resources, ensuring modularity, reusability, and ease of consumption by other teams.
  • Assist in cloud migration projects from on-premises and other cloud platforms to Microsoft Azure.
  • Collaborate with DevOps teams to develop and maintain Terraform modules that can be used by development teams for Azure resource provisioning.


Cloud Networking & Platform Services:


  • Implement and manage Azure networking solutions, including Virtual Networks, ExpressRoute, VPN Gateways, and network security.
  • Work with Azure's Platform-as-a-Service (PaaS) offerings, including Azure SQL, Azure Files, Azure Functions, Azure Logic Apps, and Azure Data Factory.
  • Configure and manage Virtual Machines (VMs), scaling, and performance optimization within Azure


Access Management and Security:


  • Implement Role-Based Access Control (RBAC) policies and ensure proper Identity and Access Management (IAM) practices across Azure resources.
  • Configure and manage Azure AD roles, Custom RBAC roles, Azure AD Groups, and Conditional Access policies to enforce least-privilege access control for users and applications.
  • Collaborate with security teams to enforce access control policies for sensitive resources and align with organizational security and compliance requirements.
  • Automate identity provisioning and de-provisioning through integration with Azure AD, Azure AD B2B, and Azure AD B2C where applicable.
  • Continuously monitor and audit Azure IAM practices to ensure compliance with internal policies and external regulations.


Escalation & Troubleshooting:


  • Serve as an escalation point for complex cloud infrastructure issues and troubleshoot problems related to Azure resources, networking, VM performance, and PaaS offerings.
  • Work closely with support and operations teams to resolve incidents and service disruptions related to Azure infrastructure.
  • Provide root cause analysis and post-mortem documentation for major incidents and failures.


Collaboration & DevOps Integration:


  • Partner with DevOps teams to integrate Azure infrastructure into CI/CD pipelines, ensuring automation and efficient provisioning of resources using IaC.
  • Assist in implementing Azure DevOps or GitHub Actions to automate infrastructure provisioning, deployments, and monitoring.
  • Continuously evaluate and improve deployment processes to enhance speed, reliability, and security.


On-Premises Systems & VMware Experience:


  • Leverage your experience with Windows Server administration, including Active Directory, Group Policy Objects (GPO), DNS, and DHCP.
  • Manage the integration of VMware and ESXi environments hybrid cloud scenarios


EDUCATION


  • Bachelor's degree in computer science, information technology, or related field required.
  • Certification or progress toward certification of, industry-recognized professional designation preferred and encouraged.
  • Combinations of relevant education and work experience may be considered in lieu of a degree.
  • Continuous learning, as defined by Company's learning philosophy, is required.


EXPERIENCE


  • 7 years' experience within an IT environment which provides the necessary skills, knowledge and abilities.
  • 3+ years of experience working with VMWare virtual environments, administering Windows Server OS, Active Directory, GPO, DNS, working with Linux servers, and Kubernetes and containerized solutions preferred.
  • Experience in a large complex enterprise environment, specifically in Healthcare, Insurance, or similarly government-regulated environment preferred.


QUALIFICATIONS




Azure Expertise:


  • Strong knowledge and hands-on experience with Azure Networking (Virtual Networks, ExpressRoute, VPNs).
  • Expertise in Azure PaaS offerings such as Azure SQL, Azure Files, Azure Functions, Azure Logic Apps, and Azure Data Factory.
  • Experience in VM management within Azure, including VM scaling, storage solutions, and VM performance optimization.
  • Solid understanding of Azure Active Directory (AAD), RBAC, and IAM principles, with experience in configuring role assignments, conditional access, and identity management.


Infrastructure-as-Code (IaC):


  • Strong experience in using Terraform to deploy, configure, and manage Azure resources.
  • Familiarity with version control systems like Git and collaboration through tools such as GitHub or Azure DevOps.


Cloud Migration:


  • Proven experience assisting in cloud migration projects to Azure, including both re-hosting and re-platforming strategies.
  • Knowledge of Azure Migrate or similar tools for moving on-premises workloads to the cloud.


On-Premises Infrastructure:


  • Experience with Windows Server administration, including Active Directory, GPO, DNS, and DHCP.
  • Familiarity with VMware ESXi and vCenter, including the management of virtualized environments and hybrid cloud configurations.


Troubleshooting & Escalation:


  • Expertise in diagnosing and resolving complex infrastructure issues across cloud and on-prem environments.
  • Ability to create and maintain thorough documentation, including incident reports, root cause analysis, and remediation plans.


Security & Compliance:


  • Knowledge of Azure Security Center, Azure Sentinel, and security best practices to monitor and secure Azure resources.
  • Experience implementing security policies and compliance controls in the cloud (e.g., encryption, monitoring, and access control).


WORKING CONDITIONS:



Work is performed in an office setting with no unusual hazards.


The qualifications listed above are intended to represent the minimum education, experience, skills, knowledge and ability levels associated with performing the duties and responsibilities contained in this job description.



Pay Range



Actual compensation decision relies on the consideration of internal equity, candidate's skills and professional experience, geographic location, market and other potential factors. It is not standard practice for an offer to be at or near the top of the range, and therefore a reasonable estimate for this role is between $79,300 and $207,800


We are an Equal Opportunity Employer. Diversity is valued and we will not tolerate discrimination or harassment in any form. Candidates for the position stated above are hired on an \"at will\" basis. Nothing herein is intended to create a contract.
More jobs in Sacramento, California

Other
about 2 hours ago

Emergent Holdings
Other
about 2 hours ago

Emergent Holdings
More jobs in Other

Other
10 minutes ago

Compass Health Network
Other
10 minutes ago

Compass Health Network
Other
19 minutes ago

Allyon