Seeking a hands-on Senior Azure Cloud Engineer with strong expertise in Terraform, HCP Terraform, Azure DevOps, GitHub, and Azure networking to build and manage secure, scalable cloud infrastructure. The role involves IaC development, CI/CD automation, cloud security implementation, deployment troubleshooting, and support for Azure IoT, MQTT, and Ignition-based industrial solutions.
Responsibilities
Build and maintain IaC using HCP Terraform for Azure environments.
Support deployment of Azure resources required for Ignition, MQTT, PostgreSQL, networking, and integration services.
Maintain GitHub repositories and Azure DevOps pipelines.
Implement multi-environment deployment workflows for dev, test, prod, and plant-specific subscriptions.
Support private networking between plant networks and Azure cloud subscriptions.
Help automate Azure IoT Operations MQTT Broker deployment/configuration where applicable.
Support infrastructure for cloud-hosted Ignition servers.
Implement Key Vault, RBAC, managed identity, and secure secret handling.
Troubleshoot Terraform, pipeline, networking, and access-related issues.
Produce deployment runbooks and operational documentation.
Minimum Requirements (Mandatory)
The candidate must be a hands-on Azure IaC/DevOps engineer with practical experience in Terraform, Azure DevOps YAML pipelines, GitHub-based source control, Azure networking, Key Vault/RBAC, and deployment troubleshooting. Exposure to HCP Terraform, MQTT, Ignition, or industrial IoT platforms is preferred
|
Skill |
Minimum Level |
|
Terraform |
Intermediate to Advanced |
|
HCP Terraform / Terraform Cloud |
Basic to Intermediate |
|
Azure DevOps Pipelines |
Intermediate |
|
GitHub |
Intermediate |
|
Azure Infrastructure |
Intermediate |
|
Azure Networking |
Intermediate |
|
Azure Security / RBAC / Key Vault |
Intermediate |
|
PowerShell/Bash |
Basic to Intermediate |
|
MQTT / Ignition / OPC UA |
Basic awareness preferred |
|
Documentation |
Intermediate |
Preferred Qualifications (Good to have)
Experience with HCP Terraform/Terraform Cloud, Azure landing zones, hub-and-spoke networking, private endpoints, Azure PostgreSQL, Key Vault, managed identity, and Azure DevOps YAML pipelines. Exposure to industrial IoT, MQTT/Sparkplug B, OPC UA, Inductive Automation Ignition, Azure IoT Operations, Snowflake, or SAP Integration Suite is preferred. Certifications such as HashiCorp Terraform Associate, AZ-104, AZ-305, or AZ-400 are desirable.
|
Skill Area |
Required Capability |
Priority |
Proficiency |
|
HCP Terraform / Terraform Cloud |
Workspaces, remote state, variables, runs, policies, environment separation |
Must Have |
Advanced |
|
Terraform for Azure |
Build and maintain reusable Terraform modules for Azure infrastructure |
Must Have |
Advanced |
|
Azure DevOps |
YAML pipelines for Terraform plan/apply, approvals, multi-stage deployments |
Must Have |
Advanced |
|
GitHub |
Repo structure, branching, PR reviews, GitHub integration with Azure DevOps |
Must Have |
Advanced |
|
Azure Cloud Platform |
VNets, subnets, NSGs, route tables, private endpoints, private DNS, storage, Key Vault, managed identities |
Must Have |
Advanced |
|
Azure Networking |
Hub-spoke, factory-to-cloud connectivity, firewall routing, DNS, private access patterns |
Must Have |
Advanced |
|
Azure IoT / MQTT |
Familiarity with MQTT brokers, MQTT TLS, Sparkplug B, Azure IoT Operations concepts |
Must Have |
Intermediate |
|
Ignition Platform Awareness |
Understanding of Ignition gateway/server architecture, edge-to-cloud deployment model, OPC UA/MQTT integrations |
Should Have |
Intermediate |
|
OPC UA / OT Connectivity |
Awareness of plant-floor device connectivity and industrial protocol boundaries |
Should Have |
Basic to Intermediate |
|
Azure Database for PostgreSQL |
Deployment automation, private access, firewall rules, backup/restore awareness |
Should Have |
Intermediate |
|
Security / Identity |
Managed identity, service principals, workload identity, RBAC, Key Vault, secret handling |
Must Have |
Advanced |
|
CI/CD Governance |
Environment promotion, approvals, gated deployments, auditability |
Must Have |
Advanced |
|
Observability |
Azure Monitor, Log Analytics, diagnostic settings, alerting |
Should Have |
Intermediate |
|
Scripting |
PowerShell, Bash, or Python for automation and troubleshooting |
Must Have |
Intermediate |
|
Documentation |
Runbooks, deployment guides, environment diagrams, operational handover |
Must Have |
Advanced |
|
Snowflake/SAP Awareness |
Understanding of integration dependencies, not necessarily deep implementation |
Nice to Have |
Basic |
Terraform, HCP Terraform, Terraform Cloud, Azure DevOps, Azure DevOps Pipelines, YAML Pipelines, GitHub, Azure Infrastructure, Azure Cloud Platform, Azure Networking, Azure Security, RBAC, Azure Key Vault, Managed Identity, Service Principals, Workload Identity, PowerShell, Bash, Python, Azure IoT Operations, MQTT, MQTT TLS, Sparkplug B, Ignition, OPC UA, Industrial IoT, Azure Database For PostgreSQL, Private Endpoints, Private DNS, Hub-And-Spoke Networking, Azure Monitor, Log Analytics, CI/CD, Deployment Automation, Infrastructure As Code, Git, Network Security Groups, Route Tables, Storage Accounts, Troubleshooting, Documentation, Runbooks, Snowflake, SAP Integration Suite.