Senior Azure Cloud Engineer

Position Overview

We are seeking a Senior Azure Cloud Engineer to design, deploy, and maintain secure enclave environments within Microsoft Azure in support of mission-critical government programs. This is a hybrid Cloud Engineering / DevOps role: the right candidate is equally comfortable architecting Azure infrastructure and building the CI/CD pipelines and automation that make it deployable, repeatable, and self-service for government users.

This role goes beyond execution. The Senior Azure Cloud Engineer will weigh in on and help guide architecture discussions, partner with leadership to shape engineering strategy, and bring an automation-first mindset to everything from pipeline design to AVD image rotation. The position is onsite in Lorton, VA and requires an active Top Secret clearance with SCI.

What You'll Do in Your First Year

First 90 Days

• Develop a deep understanding of the operating environment, including the team, customer mission, and program landscape.
• Learn the existing Azure infrastructure setup, including resource groups, naming conventions, and architectural patterns.
• Begin contributing to architecture discussions and identifying opportunities for improvement.

By 6 Months

• Know how the environment is connected end-to-end — networking, identity, enclave boundaries, and pipeline flows.
• Build Azure DevOps pipelines and Terraform from scratch to support new and existing programs.
• Actively contribute to two programs at the Secret clearance level and one program at the TS clearance level.
• Deploy into new cloud environments as program needs expand.
• Design and deploy pipelines in ways that are user-friendly for government customers, with a strong emphasis on self-service options for end users.

Key Responsibilities

Cloud Infrastructure & Architecture

• Deploy and manage Azure resources — including Virtual Machines, Key Vaults, and other core services — using Azure DevOps pipelines.
• Develop and maintain infrastructure as code (IaC) using Terraform, ARM templates, and Bicep, including building solutions from scratch.
• Review, refine, and troubleshoot new and existing IaC across the environment.
• Monitor and maintain Azure infrastructure, addressing performance issues and optimizing cloud resources.
• Contribute to and help guide architecture discussions and key technical decisions.

Secure Enclave Engineering

• Design, implement, and manage secure enclave environments within Microsoft Azure.
• Ensure the stability, performance, and security of Azure enclave systems.
• Manage identity and access management (IAM) policies, enforcing least-privilege access across enclave systems.

DevOps & Automation

• Build and manage Azure DevOps CI/CD pipelines from scratch, designed for usability by government customers and self-service end users.
• Automate Azure Virtual Desktop (AVD) image building and rotation.
• Support customers in installing software onto baseline desktops using an automation-first approach (DSC or Packer).

Containers & Orchestration

• Design, develop, deploy, and manage container orchestration through Kubernetes.
• Configure and manage Azure Kubernetes Service (AKS) clusters and the underlying infrastructure.
• Automate the deployment, scaling, and management of containerized applications.

Collaboration & Leadership

• Partner with leadership to shape engineering strategy and innovation.
• Collaborate with cross-functional teams to develop and enhance cloud solutions.
• Troubleshoot complex issues within Azure environments and provide escalation support as needed.
• Communicate complex technical concepts clearly to non-technical audiences.
• Document configurations, procedures, and troubleshooting processes.

Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
• 10 years of experience in cloud administration and development, with a focus on Microsoft Azure.
• Proven ability to build Azure DevOps pipelines and Terraform from scratch.
• Demonstrated experience working in secure enclave environments and familiarity with security compliance frameworks.
• Strong knowledge of Azure services, including Azure Virtual Desktop.
• Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform, Azure DevOps, ARM templates, or Bicep.
• Strong proficiency in PowerShell and other scripting languages.
• Strong experience automating the deployment of Azure resources via code.
• Strong working knowledge of YAML, JSON, Bicep, and PowerShell.
• Ability to weigh in on and guide architecture discussions and complex problem solving.
• Track record of continuously improving development processes and team velocity.
• Azure certifications such as AZ-104, AZ-305, or equivalent are highly desirable.

Clearance & Requirements

• Active Top Secret clearance with SCI is required.
• U.S. citizenship is required pursuant to a government contract.
• Must be within driving distance of Lorton, VA, or willing to relocate (relocation packages available).
• Must be willing to work onsite.
• Must be willing and able to travel up to 10%.