Please note: Only candidates who meet all listed required qualifications will be considered for this position.
- Terraform ★ - Remote state management, state locking, drift detection and remediation, multi-environment module design, recovery and import scenarios. This is the highest-priority bar.
- AKS / Kubernetes - Production cluster operations — pod and node troubleshooting, resource exhaustion, ingress, rollbacks, cluster upgrades. You need operational stories, not theory.
- Azure Policy & governance - Hands-on policy enforcement (deny, audit, modify) at management group and subscription scope. Remediation tasks and compliance reporting.
- Security & identity - Managed Identity (system vs. user-assigned), RBAC at control and data plane levels, Key Vault, Entra ID, JWT/OAuth, secure inter-service communication.
- Observability & RCA - Log Analytics, Azure Monitor, Prometheus, Grafana, Splunk, or ELK. Full incident triage from symptom to resolution to prevention.
- Azure platform services - AKS, App Services, Azure Functions, Storage, VNets, Private Endpoints, NSGs, Azure Firewall — hands-on production experience.
- API Management - Policy configuration: throttling, rate limiting, auth enforcement, request/response transformations, observability integration.
- Development - Python strongly preferred. Golang & Java is a plus.
We are placing a Senior Azure Platform Engineer with a centralized Platform Engineering team at one of the world's largest financial institutions. The team owns the internal Azure platform that application teams across the bank depend on — and they're in a critical phase, scaling toward enterprise-wide General Availability while expanding into multi-cloud.
You'll build, harden, and operate real production infrastructure. You'll own incidents, run root cause analysis, and improve the platform so the same failure doesn't happen twice.
What you'll do
- Own Terraform-based infrastructure across multi-environment and multi-subscription Azure setups — state management, drift detection, remediation, and module design
- Operate AKS clusters in production — pod and node troubleshooting, scaling, ingress issues, cluster upgrades, and incident response
- Implement and enforce Azure Policy at management group and subscription scope, including deny and audit effects and active remediation
- Design and maintain platform security controls: Managed Identity, RBAC at control and data plane, Key Vault, Entra ID, and secure service-to-service communication
- Own production incidents end-to-end — triage, root cause analysis, resolution, and prevention
- Build observability into the platform: logging strategy, alerting, container monitoring, and AKS diagnostic tooling
- Partner with application teams on platform onboarding, automation patterns, and best practices
- Contribute to platform hardening and standardization as the platform scales to support more teams
Ready to take the next step? Click "Interested" to kickstart your journey toward a rewarding career!
#IND2
Job Types: Full-time, Contract
Pay: $60.00 - $70.00 per hour
Benefits:
- Dental insurance
- Health insurance
- Referral program
- Vision insurance
Application Question(s):
- Are you comfortable working on W2? If not, please hold off on completing the application for now. We’ll be posting another opportunity in the future for 1099/C2C candidates.
- Are you legally authorized to work in the United States, US Citizen/Green Card Holder? If not, please hold off on completing the application for now. We’ll be posting another opportunity in the future for visa candidates.
- Are you willing to work on a contract basis? If not, please hold off on completing the application for now. We’ll be posting another opportunity in the future for full time roles.
- Do you have a minimum of 6 years hands-on experience with Log Analytics, Azure Monitor, Prometheus, Grafana, Splunk, or ELK? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years hands-on production experience with AKS, App Services, Azure Functions, Storage, VNets, Private Endpoints, NSGs, Azure Firewall? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years hands-on production experience with API Management? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years experience with Python? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years experience with Microsoft Azure Platform? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years experience with Terraform - Remote state management, state locking, drift detection and remediation, multi-environment module design, recovery and import scenarios? ? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years hands-on experience with AKS/Kubernetes in production cluster operations? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years hands-on experience with Azure policy enforcement (deny, audit, modify) at management group and subscription scope? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
- Do you have a minimum of 6 years hands-on experience with RBAC at control and data plane levels, Key Vault, Entra ID, JWT/OAuth? If you do not have, please hold off on completing the application for now. We’ll be posting another opportunity in the future for candidates without the required experience.
Ability to Commute:
- Jersey City, NJ 07097 (Required)
Work Location: In person
