Senior Microsoft Cloud Services Engineer

• Architect, implement, and maintain Azure-based infrastructure (networking, compute, storage, identity, security controls) to support business-critical workloads with defined availability and performance targets. 

• Lead cloud migrations and modernization efforts, including workload assessment, landing zone design, migration planning and execution, and post-migration optimization. 

• Own Microsoft 365 service operations (Exchange Online, SharePoint Online, OneDrive, Teams) including configuration, governance, lifecycle management, and service health monitoring. 

• Design and enforce cloud security best practices such as identity hardening (Microsoft Entra ID), Conditional Access, least privilege RBAC, secure network patterns, and policy-based compliance. 

• Implement Infrastructure as Code (IaC) and automation using tools such as Terraform, Bicep/ARM, and PowerShell to improve consistency, deployment speed, and auditability. 

• Monitor, troubleshoot, and resolve complex incidents across Azure and Microsoft 365; perform root cause analysis and implement preventive improvements. 

• Establish and maintain operational standards including documentation, runbooks, change management, patching strategies, backup and disaster recovery, and service-level reporting. 

• Optimize cloud costs and performance using tagging strategies, capacity planning, rightsizing, reservations or savings plans, and cost governance processes. 

• Collaborate cross-functionally with security, networking, application teams, and vendors to deliver integrated cloud solutions; provide technical guidance during planning and implementation. 

• Mentor and uplift engineers through coaching, peer reviews for automation and IaC, and leadership in adopting cloud best practices and standards. 

• Advanced certifications such as Azure Solutions Architect Expert, Azure Security Engineer Associate (AZ-500), DevOps Engineer Expert (AZ-400), or Microsoft Security (SC-200/SC-300/SC-100). 

• Hybrid identity experience (Entra Connect or Cloud Sync) and integration of on-premises Active Directory with Microsoft cloud services. 

• Deep Azure networking design experience (hub-and-spoke, firewalling, private endpoints, ExpressRoute/VPN, DNS, routing). 

• Hands-on experience implementing Microsoft Defender for Cloud, Defender for Endpoint/Identity/Office 365, and security monitoring workflows (e.g., Microsoft Sentinel). 

• Experience designing governance at scale (Azure landing zones, management groups, policy/initiative structures, standardized subscription models). 

• Familiarity with Git-based workflows, Azure DevOps or GitHub Actions pipelines, and automated testing for infrastructure deployments. 

• Experience working in ITSM/ITIL-aligned environments (e.g., ServiceNow) and driving measurable operational improvements. 

Work Environment and Expectations 

• Participate in an on-call rotation and occasional after-hours maintenance windows as required for critical changes and incident response. 

• Partner with security and compliance teams to ensure cloud services meet organizational and regulatory requirements. 

• Contribute to standards, reference architectures, and continuous improvement initiatives across the cloud platform. 

What Success Looks Like (First 6 to 12 Months) 

• Improved reliability and observability of cloud services through standardized monitoring, runbooks, and operational metrics. 

• Measurable progress in security posture through identity hardening, policy compliance, and risk reduction initiatives. 

• Reduced deployment cycle time and configuration drift through increased adoption of Infrastructure as Code and automation. 

• Demonstrated leadership through mentoring, high-quality documentation, and successful delivery of key cloud initiatives. 

Equal Opportunity Statement: We are an equal opportunity employer and value diversity. Employment decisions are based on qualifications, merit, and business needs.