Job Description
Responsibilities
- Design, operate, and continuously improve AKS clusters managing node pools, autoscaling policies (Karpenter), Helm chart versioning, and Kong ingress routing across multiple namespaces
- Build and maintain GitHub Actions CI/CD pipelines with Kubernetes-hosted self-hosted runners covering build, SAST, software bill of materials (SBOM) generation, dependency scanning, container publishing to Azure Container Registry, and AKS deployment
- Manage all Azure infrastructure as code with Terraform VNets, Private Endpoints, Application Gateway + WAF, Azure SQL, MySQL Flexible Server, Redis Cache, Cosmos DB, Blob Storage, Azure DNS, Key Vault, and DDoS Protection across all environments
- Own the observability stack: Application Insights dashboards, Log Analytics queries, synthetic uptime monitors, and on-call scheduling – defining SLOs and closing alert gaps before customers notice them
- Drive security posture improvements in partnership with InfoSec – triaging findings from cloud security posture management (CSPM) tooling, a vulnerability management platform, and endpoint detection and response (EDR) alerts; coordinating with the managed security service provider (MSSP) on escalations
- Manage identity and access: Azure AD / Entra ID, Workload Identity Federation for secretless pod-level authentication, and Keycloak for SSO across JWT and SAML flows
- Own the incident response lifecycle – triage P1P4 events, coordinate resolution across engineering teams, drive blameless postmortems, and close action items with a 48-hour RCA target for critical incidents
- Support ISO 27001, ISO 27017, and ISO 27018 audit cycles — producing evidence, reviewing controls, and closing findings in collaboration with engineering and compliance teams
What You’ll Bring
- 5+ years of hands-on Azure or AWS experience – ideally AKS, Application Gateway + WAF, Azure SQL, Key Vault, Azure Monitor, and Azure Container Registry; AZ-104 or AZ-400 certification is a strong signal
- Proven Kubernetes operations depth: Helm, HPA/VPA/node autoscaling, ingress controller management (Kong preferred), and multi-environment cluster operations
- Strong Terraform skills – writing reusable modules, managing remote state, and maintaining consistent infrastructure across multiple environments (dev/qa/training/prod)
- Solid GitHub Actions experience, including building reusable workflow templates and managing self-hosted runners on Kubernetes
- Security-first mindset with direct experience across at least two of: SAST tooling, SBOM generation, dependency scanning, CSPM platforms, or vulnerability management workflows
- Experience supporting compliance audits (ISO 27001 or SOC 2) – not just awareness, but producing evidence artifacts and engaging directly with auditors
Nice-to-Haves
- Hands-on Keycloak administration: realm configuration, SAML/OIDC client setup, and Workload Identity Federation integration
- Experience operating Azure Cosmos DB or managed MongoDB at scale – index tuning, failover testing, backup validation
- Familiarity with Azure Purview data classification and information protection policies
- Exposure to product analytics event pipelines and data residency controls at the infrastructure layer
Are you interested in this position?
Apply by clicking on the “Apply Now” button below!
#GraphicDesignJobsOnline
#WebDesignRemoteJobs
#FreelanceGraphicDesigner
#WorkFromHomeDesignJobs
#OnlineWebDesignWork
#RemoteDesignOpportunities
#HireGraphicDesigners
#DigitalDesignCareers
# Dynamicbrand guru