Azure DevSecOps Engineer (IaC / Terraform / Automation Support)

Position Summary

We are seeking a highly skilled Azure DevSecOps Engineer to design, implement, and support secure, automated cloud infrastructure using Infrastructure as Code (IaC) principles. This role will be responsible for driving automation, embedding security into the software delivery lifecycle, and enabling scalable, compliant Azure environments.

The ideal candidate combines deep expertise in Terraform, Azure DevOps, and CI/CD automation with strong knowledge of cloud security, governance, and operational support.

Key Responsibilities

Infrastructure as Code (IaC) - Terraform Focus

• Design, build, and maintain reusable Terraform modules for Azure infrastructure provisioning (networking, compute, identity, storage)
• Ensure all infrastructure is version-controlled, auditable, and deployed via automated pipelines
• Implement policy-as-code and security baselines within Terraform configurations
• Perform code reviews and enforce IaC standards across engineering teams

DevSecOps & CI/CD Automation

• Design and maintain secure CI/CD pipelines using Azure DevOps, GitHub Actions, or similar tools
• Integrate automated security scanning (SAST, DAST, IaC scanning) into deployment pipelines
• Build and support automated deployment orchestration (blue/green, canary, rollback strategies)
• Automate provisioning, configuration, and deployment workflows to reduce manual effort

Azure Cloud Engineering

• Architect, deploy, and manage secure Azure cloud environments
• Implement governance controls including RBAC, Azure Policy, and identity management
• Design scalable and resilient infrastructure aligned with business and security requirements
• Optimize cloud environments for performance, cost, and reliability

Security & Compliance

• Embed security controls and compliance checks into infrastructure and pipelines
• Conduct vulnerability assessments and remediate risks proactively
• Manage secrets, certificates, and keys using secure vault solutions (e.g., Azure Key Vault)
• Ensure adherence to regulatory and organizational security standards

Automation Support & Operational Excellence

• Provide automation and platform support for build, release, and infrastructure pipelines
• Troubleshoot CI/CD, IaC deployments, and cloud infrastructure issues
• Develop and maintain self-service automation tools for engineering teams
• Monitor systems, respond to incidents, and continuously improve reliability

Collaboration & Enablement

• Partner with Dev, Sec, and IT teams to integrate security into development workflows
• Provide guidance and best practices on DevSecOps and IaC adoption
• Support onboarding of applications into standardized DevSecOps pipelines
• Document processes, patterns, and reusable frameworks

Required Qualifications

• 5+ years experience in DevOps / DevSecOps / Cloud Engineering
• Strong hands-on experience with:
  • Terraform (required)
  • Azure (IaaS, PaaS, identity, networking)
  • CI/CD tools (Azure DevOps, GitHub Actions, Jenkins)
• Experience implementing Infrastructure as Code in enterprise environments
• Proficiency in scripting/automation (PowerShell, Bash, or Python)
• Experience with security integration in CI/CD pipelines
• Strong understanding of cloud security, IAM, and compliance frameworks

Preferred Qualifications

• Experience with:
  • Azure Kubernetes Service (AKS), containers, or microservices
  • Policy-as-code tools (OPA, Sentinel, Checkov)
  • Monitoring tools (Azure Monitor, Log Analytics, Prometheus)
• Certifications:
  • Microsoft Azure certifications (e.g., AZ-400, AZ-500)
  • HashiCorp Terraform Associate
• Experience in regulated environments a plus (SOX, SOC2, etc.)

Key Skills

• Infrastructure as Code (Terraform)
• Azure DevOps / CI-CD automation
• Cloud security & DevSecOps practices
• Scripting & automation
• Monitoring, troubleshooting, and incident response
• Cross-team collaboration and communication

What Success Looks Like

• Fully automated, secure Azure infrastructure deployments
• Reduced manual provisioning and faster release cycles
• Embedded security controls across pipelines and IaC
• Improved reliability and scalability of cloud platforms
• Strong adoption of DevSecOps and automation practices across teams

What you can expect from us:

• Our shared values that foster inclusion and belonging including uncompromising integrity, collaboration, trust, and mutual respect
• The opportunity to innovate and do work that motivates and engages you
• A collaborative environment focused on enabling you to further your career growth and continuous professional development
• Competitive compensation and a total rewards package that focuses on all aspects of your wellbeing
• Flexibility to do impactful work and the time to enjoy your life outside of work
• Opportunities to connect and learn from professionals from different backgrounds and with different cultures

Benefits Information:

Cherry Bekaert cares about our people. We offer competitive compensation packages based on performance that recognize the value our people bring to our clients and our Firm. The salary range for this position is included below. Individual salaries within this range are determined by a variety of factors including but not limited to the role, function and associated responsibilities, a candidate's work experience, education, knowledge, skills, and geographic location. In addition, we offer a comprehensive, high-quality benefits program which includes annual bonus, medical, dental, and vision care; disability and life insurance; generous Paid Time Off; retirement plans; Paid Care Leave; and other programs that are dedicated to enhancing your personal and work life and providing you and your family with a measure of financial protection.

Pay Range:
Pay from $111k to $147K