Skip to content

Lead DevSecOps / Azure Architect

Blue Pearl PTY LTDJohannesburg, GP, South AfricaJuly 11, 2026
On-site
Contract
DevSecOps
Management

We are seeking a highly skilled DevSecOps / Azure Architect to lead the design, implementation, and governance of secure cloud-native architectures on Microsoft Azure. The role will be instrumental in driving secure DevOps practices, infrastructure automation, and enterprise-grade API platform modernization (including Azure API Management).

The ideal candidate will combine deep Azure architecture expertise with strong DevSecOps practices, ensuring scalability, resilience, and security by design.

Requirements

Key Responsibilities

Azure Architecture & Cloud Design

  • Design secure, scalable, and high-availability Azure architectures.

  • Lead cloud migration initiatives (on-prem / legacy platform → Azure).

  • Architect solutions using Azure APIM, App Services, Functions, AKS, Service Bus, and related services.

  • Implement multi-region and disaster recovery strategies.

  • Define landing zones and governance models aligned with enterprise standards.

DevSecOps Implementation

  • Implement DevSecOps practices across CI/CD pipelines.

  • Integrate security controls into build and deployment workflows.

  • Automate infrastructure using Infrastructure as Code (Bicep / ARM / Terraform).

  • Embed security scanning tools (SAST, DAST, container scanning, dependency checks).

  • Implement secure release management and environment promotion strategies.

Security Architecture & Compliance

  • Design zero-trust architecture patterns.

  • Implement secure API gateway configurations (Azure APIM policies).

  • Configure OAuth2, OpenID Connect, Azure AD (Entra ID).

  • Ensure compliance with OWASP API Security Top 10.

  • Manage certificate lifecycle, mTLS, and key vault integration.

  • Define cloud security posture management practices.

Automation & CI/CD

  • Architect CI/CD pipelines using Azure DevOps or GitHub Actions.

  • Implement blue-green / canary deployment strategies.

  • Enable automated policy validation for APIs.

  • Design pipeline governance and approval gates.

Monitoring & Observability

  • Implement Azure Monitor, Log Analytics, Application Insights, ELK, Prometheus and Grafana

  • Define logging, tracing, and alerting strategies.

  • Enable proactive anomaly detection and SLA monitoring.

Technical Skills – Mandatory

Azure Expertise

  • Azure APIM (architecture & policy configuration)

  • Azure AD / Entra ID

  • Azure App Services / Functions

  • AKS (preferred)

  • Azure Key Vault

  • Azure Networking (VNet, NSG, Private Endpoints)

Security & DevSecOps

  • DevSecOps implementation experience

  • CI/CD pipeline security

  • SAST/DAST tools integration

  • Identity & access management

  • Secure coding practices

  • API security frameworks

Automation

  • Azure DevOps / GitHub Actions

  • Infrastructure as Code (Bicep / ARM / Terraform)

  • YAML pipelines

  • Containerization (Docker, Kubernetes preferred)

 

Key Responsibilities

Azure Architecture & Cloud Design

 

Design secure, scalable, and high-availability Azure architectures.

 

Lead cloud migration initiatives (on-prem / legacy platform → Azure).

 

Architect solutions using Azure APIM, App Services, Functions, AKS, Service Bus, and related services.

 

Implement multi-region and disaster recovery strategies.

 

Define landing zones and governance models aligned with enterprise standards.

 

DevSecOps Implementation

 

Implement DevSecOps practices across CI/CD pipelines.

 

Integrate security controls into build and deployment workflows.

 

Automate infrastructure using Infrastructure as Code (Bicep / ARM / Terraform).

 

Embed security scanning tools (SAST, DAST, container scanning, dependency checks).

 

Implement secure release management and environment promotion strategies.

 

Security Architecture & Compliance

 

Design zero-trust architecture patterns.

 

Implement secure API gateway configurations (Azure APIM policies).

 

Configure OAuth2, OpenID Connect, Azure AD (Entra ID).

 

Ensure compliance with OWASP API Security Top 10.

 

Manage certificate lifecycle, mTLS, and key vault integration.

 

Define cloud security posture management practices.

 

Automation & CI/CD

 

Architect CI/CD pipelines using Azure DevOps or GitHub Actions.

 

Implement blue-green / canary deployment strategies.

 

Enable automated policy validation for APIs.

 

Design pipeline governance and approval gates.

 

Monitoring & Observability

 

Implement Azure Monitor, Log Analytics, Application Insights.

 

Define logging, tracing, and alerting strategies.

 

Enable proactive anomaly detection and SLA monitoring.

 

Technical Skills – Mandatory

Azure Expertise

 

Azure APIM (architecture & policy configuration)

 

Azure AD / Entra ID

 

Azure App Services / Functions

 

AKS (preferred)

 

Azure Key Vault

 

Azure Networking (VNet, NSG, Private Endpoints)

 

Security & DevSecOps

 

DevSecOps implementation experience

 

CI/CD pipeline security

 

SAST/DAST tools integration

 

Identity & access management

 

Secure coding practices

 

API security frameworks

 

Automation

 

Azure DevOps / GitHub Actions

 

Infrastructure as Code (Bicep / ARM / Terraform)

 

YAML pipelines

 

Containerization (Docker, Kubernetes preferred)

Job Details

Experience

Management

Tools & Tech

Active Directory
AKS
Azure
Azure Monitor
Bicep
Docker
Elasticsearch
Entra ID
GitHub
GitHub Actions
Grafana
Kubernetes
Prometheus
Terraform
Vault