Senior Cloud/DevOps Engineer - Contract to Hire

Project Title: Senior Azure Cloud Architect & DevOps Engineer (Terraform/Security Focus) Role: Senior Cloud/DevOps Engineer Duration: 3 Weeks (Sprint) Project Overview: We are building an Enterprise-Grade RAG platform. We need an experienced Azure Engineer to architect and deploy the "Fortress" infrastructure. The primary objective is to build a VNET-integrated, zero-trust environment where Azure OpenAI, AI Search, and Cosmos DB are accessed strictly via Private Endpoints. Scope of Work: 1. Infrastructure as Code (Terraform): VNET Architecture: Deploy a secure Hub-Spoke network topology (Gateway Subnet, App Subnet, Data Subnet) using Terraform. Private Connectivity: Provision Private Endpoints and Private DNS Zones for all data services. Public network access must be disabled. State Management: Secure Terraform state handling using Azure Storage. 2. Security & API Gateway: APIM Implementation: Deploy Azure API Management (APIM) in a VNET. Auth Integration: Configure OAuth2/OIDC policies in APIM to validate Microsoft Entra ID tokens before routing to the backend. 3. CI/CD & Deployment: Container Apps: configure Azure Container Apps to host the Python backend (code provided by Dev team). Secure Pipelines: set up GitHub Actions using Azure Workload Identity Federation (OIDC) to build and deploy without long-lived secrets. Key Deliverables: Terraform scripts for the entire environment (VNET, APIM, Data Services). Working Private Endpoint connectivity (verified via Bastion or VPN). CI/CD Pipeline (GitHub Actions) for automated container deployment. Requirements: Must Have: Expert knowledge of Azure Networking (Private Links, Private DNS Zones, VNET Peering). Must Have: Strong Terraform experience (Modules, State Locking). Experience: Configuring Azure API Management (APIM) policies. Experience: Azure Workload Identity Federation for GitHub Actions. Apply tot his job