Job Title: Azure Cloud Administration Specialist
Location: New York, NY (Hybrid)
Scope of Services:
The Azure Cloud Specialist will be responsible for designing and implementing a secure, scalable Azure cloud architecture across all environments, including defining subscription structure, resource organization, naming conventions, and tagging standards, as well as producing architecture diagrams aligned with the Azure Well-Architected Framework and organizational requirements.
The Consultant will provision and configure core Azure infrastructure components, implement identity and access management (including RBAC, Azure Entra ID, MFA, Conditional Access, and PIM), and apply Zero Trust security principles in alignment with DCAS and OTI Cyber GRC standards.
In addition, the Consultant will design and enforce cloud security controls, support governance and compliance activities (including Azure Policy, ISO 27001, and NIST alignment), perform risk and vulnerability assessments, integrate security into DevSecOps practices, and develop operational documentation and conduct knowledge transfer to ensure sustainable operations.
Azure Architecture & Design:
- Design end-to-end Azure architecture across all environments.
- Define subscription structure, resource groups, naming conventions, and tagging standards.
- Design secure network topology (VNets, subnets, NSGs).
- Produce architecture diagrams for stakeholder approval.
- Ensure alignment with Azure Well-Architected Framework and best practices for security, scalability, resilience, and governance.
Infrastructure Provisioning:
- Provision and configure Azure resources (VNets, App Services, VMs, SQL, Storage, Key Vault).
- Implement RBAC, Azure Policies, and governance controls.
- Ensure environment readiness for Dev, Test, UAT, and Production.
- Azure Kubernetes Service (AKS) provisioning and support.
- Validate connectivity and infrastructure configuration.
- Apply Zero Trust principles aligned with DCAS and OTI Cyber GRC standards.
Security Architecture:
- Define Azure security strategy and secure cloud architecture.
- Implement network security (NSGs, Firewall/WAF, private endpoints).
- Conduct threat modeling, risk assessments, and security validation.
- Ensure compliance with security and regulatory standards.
Identity & Access Management (IAM):
- Configure Azure Entra ID integration and identity management.
- Implement RBAC, MFA, Conditional Access, and PIM.
- Manage Azure Key Vault and secrets protection.
- Support data protection, classification, and DLP controls.
- Coordinate with GRC teams for compliance.
Governance, Risk & Compliance:
- Implement Azure policies and security baselines.
- Ensure compliance with ISO 27001, NIST, and related frameworks.
- Conduct audits, vulnerability assessments, and remediation tracking.
DevSecOps & Documentation:
- Integrate security into CI/CD pipelines and perform security reviews.
- Provide architecture guidance to engineering teams.
- Develop runbooks, operational documentation, and architecture diagrams.
- Conduct knowledge transfer to internal teams.