Lead DevSecOps / Azure Architect
We are seeking a highly skilled DevSecOps / Azure Architect to lead the design, implementation, and governance of secure cloud-native architectures on Microsoft Azure. The role will be instrumental in driving secure DevOps practices, infrastructure automation, and enterprise-grade API platform modernization (including Azure API Management).
The ideal candidate will combine deep Azure architecture expertise with strong DevSecOps practices, ensuring scalability, resilience, and security by design.
Requirements
Key Responsibilities
Azure Architecture & Cloud Design
Design secure, scalable, and high-availability Azure architectures.
Lead cloud migration initiatives (on-prem / legacy platform → Azure).
Architect solutions using Azure APIM, App Services, Functions, AKS, Service Bus, and related services.
Implement multi-region and disaster recovery strategies.
Define landing zones and governance models aligned with enterprise standards.
DevSecOps Implementation
Implement DevSecOps practices across CI/CD pipelines.
Integrate security controls into build and deployment workflows.
Automate infrastructure using Infrastructure as Code (Bicep / ARM / Terraform).
Embed security scanning tools (SAST, DAST, container scanning, dependency checks).
Implement secure release management and environment promotion strategies.
Security Architecture & Compliance
Design zero-trust architecture patterns.
Implement secure API gateway configurations (Azure APIM policies).
Configure OAuth2, OpenID Connect, Azure AD (Entra ID).
Ensure compliance with OWASP API Security Top 10.
Manage certificate lifecycle, mTLS, and key vault integration.
Define cloud security posture management practices.
Automation & CI/CD
Architect CI/CD pipelines using Azure DevOps or GitHub Actions.
Implement blue-green / canary deployment strategies.
Enable automated policy validation for APIs.
Design pipeline governance and approval gates.
Monitoring & Observability
Implement Azure Monitor, Log Analytics, Application Insights, ELK, Prometheus and Grafana
Define logging, tracing, and alerting strategies.
Enable proactive anomaly detection and SLA monitoring.
Technical Skills – Mandatory
Azure Expertise
Azure APIM (architecture & policy configuration)
Azure AD / Entra ID
Azure App Services / Functions
AKS (preferred)
Azure Key Vault
Azure Networking (VNet, NSG, Private Endpoints)
Security & DevSecOps
DevSecOps implementation experience
CI/CD pipeline security
SAST/DAST tools integration
Identity & access management
Secure coding practices
API security frameworks
Automation
Azure DevOps / GitHub Actions
Infrastructure as Code (Bicep / ARM / Terraform)
YAML pipelines
Containerization (Docker, Kubernetes preferred)
Key Responsibilities
Azure Architecture & Cloud Design
Design secure, scalable, and high-availability Azure architectures.
Lead cloud migration initiatives (on-prem / legacy platform → Azure).
Architect solutions using Azure APIM, App Services, Functions, AKS, Service Bus, and related services.
Implement multi-region and disaster recovery strategies.
Define landing zones and governance models aligned with enterprise standards.
DevSecOps Implementation
Implement DevSecOps practices across CI/CD pipelines.
Integrate security controls into build and deployment workflows.
Automate infrastructure using Infrastructure as Code (Bicep / ARM / Terraform).
Embed security scanning tools (SAST, DAST, container scanning, dependency checks).
Implement secure release management and environment promotion strategies.
Security Architecture & Compliance
Design zero-trust architecture patterns.
Implement secure API gateway configurations (Azure APIM policies).
Configure OAuth2, OpenID Connect, Azure AD (Entra ID).
Ensure compliance with OWASP API Security Top 10.
Manage certificate lifecycle, mTLS, and key vault integration.
Define cloud security posture management practices.
Automation & CI/CD
Architect CI/CD pipelines using Azure DevOps or GitHub Actions.
Implement blue-green / canary deployment strategies.
Enable automated policy validation for APIs.
Design pipeline governance and approval gates.
Monitoring & Observability
Implement Azure Monitor, Log Analytics, Application Insights.
Define logging, tracing, and alerting strategies.
Enable proactive anomaly detection and SLA monitoring.
Technical Skills – Mandatory
Azure Expertise
Azure APIM (architecture & policy configuration)
Azure AD / Entra ID
Azure App Services / Functions
AKS (preferred)
Azure Key Vault
Azure Networking (VNet, NSG, Private Endpoints)
Security & DevSecOps
DevSecOps implementation experience
CI/CD pipeline security
SAST/DAST tools integration
Identity & access management
Secure coding practices
API security frameworks
Automation
Azure DevOps / GitHub Actions
Infrastructure as Code (Bicep / ARM / Terraform)
YAML pipelines
Containerization (Docker, Kubernetes preferred)
Job Details
Experience
Management