Website:
embee.co.in
Job details:
Job Summary
We are seeking an experienced
Azure & AKS Infrastructure Engineer to design, implement, and manage secure, scalable, and highly available cloud environments on Microsoft Azure. The role involves core Azure services management, AKS cluster operations, Windows workload modernization, and advanced Azure networking implementations following Zero Trust principles.
Key Responsibilities
- Azure Core Services
- Design, deploy, and manage:
- Azure Virtual Machines (VMs), VM Scale Sets (VMSS), Availability Sets/Zones
- Azure App Service (where applicable)
- Manage Azure Storage services (Blob, File, Queue, Table) and Managed Disks
- Integrate and manage Azure SQL / Managed Instance and other PaaS data endpoints
- Implement identity and security controls:
- Entra ID (Azure AD), Managed Identities, RBAC
- Azure Key Vault, Defender for Cloud, Azure Policy
- Configure and maintain:
- Azure Monitor, Log Analytics, Update Manager, Automation
- Resource tagging, governance via Blueprints/Policies
- Azure Cost Management and optimization
- Implement secure networking integrations:
- Private Endpoints, Private DNS, Service Endpoints
- Application Gateway (WAF), Azure Firewall
- Azure Kubernetes Service (AKS)
- Architect, deploy, and operate AKS clusters (public and private)
- Configure Azure CNI / Overlay networking, network policies, and ingress controllers (NGINX / AGIC)
- Manage container image lifecycle using Azure Container Registry (ACR), including scanning and supply chain security
- Implement:
- Workload Identity
- Key Vault CSI driver
- Policy enforcement (Gatekeeper / Kyverno / Azure Policy for Kubernetes)
- Observability (Azure Monitor for Containers, Prometheus, Grafana)
- Troubleshoot cluster, networking, and service-related issues
- Optimize AKS environments for performance, reliability, scalability, and cost
- Windows & Workload Modernization
- Administer Windows Server environments:
- Active Directory, IIS
- DNS, DHCP
- Group Policy fundamentals
- Automate operational tasks using PowerShell
- Containerize and manage Windows workloads on AKS
- Manage Windows base images, compatibility validation, and patch pipelines
- Operate Windows VMs/VMSS for non-containerized workloads
- Implement patching strategies and compliance baselines
- Azure Networking
- Design and automate:
- VNets, Subnets
- NSGs/ASGs, UDRs, Route Tables
- VNet Peering
- Hub-and-Spoke architectures
- Implement hybrid connectivity:
- ExpressRoute
- Site-to-Site VPN
- Deploy and manage:
- Private Link
- Application Gateway (WAF)
- Azure Firewall / NVA architectures
- Enforce Zero Trust principles:
- Network segmentation
- Least-privilege access
- Egress traffic controls
- Private/Public DNS strategies
- AI & Machine Learning Workloads (Essential)
- Deploy and manage AI workloads using:
- Microsoft Azure AI services ecosystem
- Azure OpenAI Service
- Azure Machine Learning
- Azure AI Foundry
- Architect secure AI environments using:
- Private Endpoints
- Managed Identities
- VNet injection
- Deploy containerized AI/ML models on AKS
- Implement model lifecycle management (training, deployment, monitoring)
- Configure GPU-enabled VMs for AI training/inference workloads
- Implement responsible AI practices:
- Data governance
- Access control
- Model monitoring & logging
Optimize AI infrastructure for cost and performance
Location: Mumbai - EMBI, Mumbai, Maharashtra, India
Click on Apply to know more.