Azure DevSecOps Engineer - Azure DevOps, Terraform, AKS

We are seeking a highly skilled Senior DevSecOps Engineer with 8-10 years of advanced to intermediate experience to deploy, and manage secure, scalable cloud infrastructure and CI/CD ecosystems. The ideal candidate will have expertise in Azure DevOps, Terraform, Argo CD, Azure Kubernetes Service (AKS), GitHub Actions, PowerShell, and advanced Azure services, including network security, API Gateway, RBAC, and performance optimization. This role demands a strategic thinker with strong troubleshooting skills to resolve complex technical challenges and drive operational excellence.

Responsibilities: -

CI/CD Pipeline & GitOps

• Design and manage Azure DevOps pipelines for multi-stage deployments, integrating automated testing and security scans.
• Implement Argo CD for GitOps workflows to automate Kubernetes deployments and ensure declarative configuration consistency.
• Optimize GitHub Actions workflows for seamless integration with Azure services and containerized environments.

Infrastructure as Code (IaC)

• Serve as a Terraform expert, provisioning and managing cloud resources (Azure, AWS) with modular, version-controlled code.
• Develop Terraform modules for PostgreSQL to enforce high availability, encryption, and backup strategies.
• Manage Azure network security groups (NSGs) and API Gateway configurations via IaC to enforce traffic rules and secure API endpoints.

Azure Cloud & Kubernetes

• Architect and optimize Azure Kubernetes Service (AKS) clusters, focusing on performance tuning, scaling, and cost efficiency.
• Secure AKS environments using Azure RBAC, network policies, and Pod Identity integrations.
• Deploy and manage Azure Data Factory pipelines (or integration services) for ETL workflows and data orchestration.
• Configure Azure Automation Runbooks for operational task automation and integration with Azure services.

Networking & Security

• Enforce Azure network security group (NSG) rules to safeguard cloud environments.
• Implement secure API architectures using Azure API Gateway, including rate limiting, authentication, and monitoring.
• Apply Azure RBAC policies to govern resource access and ensure least-privilege principles.

Automation & Scripting

• Develop advanced PowerShell scripts for infrastructure automation, log analysis, and system monitoring.
• Streamline workflows using Azure Automation Runbooks and integrate with Azure Monitor for proactive alerting.

Troubleshooting & Optimization

• Diagnose and resolve complex issues in distributed systems, including network bottlenecks, AKS performance degradation, and CI/CD pipeline failures.
• Conduct root cause analysis (RCA) for production incidents and implement preventive measures.

Collaboration & Compliance

• Partner with security teams to enforce compliance (GDPR, SOC2) and implement vulnerability management.
• Mentor junior engineers on IaC, Kubernetes best practices, and Azure security frameworks .

Mandatory skills

• 8-10 years of DevOps experience with expertise in Azure DevOps, Terraform, AKS, Argo CD, and GitHub Actions.
• Advanced proficiency in Azure networking (NSGs, API Gateway, VNet peering) and security (RBAC, Key Vault).
• Hands-on experience with AKS performance optimization (e.g., node pool tuning, autoscaling, KEDA).
• Strong scripting skills in PowerShell and experience automating workflows via Azure Automation Runbooks.
• Proven ability to deploy PostgreSQL via Terraform and manage Azure Data Factory pipelines.
• Expertise in troubleshooting complex cloud-native systems (networking, Kubernetes, IaC drift).

• Azure certifications (e.g., AZ-400, AZ-305) or Terraform Associate preferred

Good to have skills: -

• Familiarity with Azure Arc for hybrid cloud management.

• Knowledge of PrometheGrafanafor AKS monitoring.

• Experience with Azure Policy for governance and compliance automation