Principal Platform Engineer – Azure

Principal Platform Engineer – Azure

Requirements

• 10+ years in cloud/platform engineering, DevOps, or SRE roles, with 3+ years focused on Azure.
• Proven experience building internal tools and services using C#/.NET Core (or equivalent) to support platform use cases (e.g., observability, automation, security analysis).
• Hands-on expertise with Kubernetes, containerized workloads, and cloud-native patterns.
• Deep understanding of Azure security services: IAM, Key Vault, Defender for Cloud, encryption-in-transit/at-rest, and access control.
• Proficiency in Terraform, Bicep, or other declarative IaC tooling.
• Strong command of Azure networking concepts (VNets, firewalls, Private Endpoints, hybrid networking).
• Familiarity with observability tooling (Azure Monitor, Prometheus, Grafana, DataDog, or similar).
• Solid scripting skills (PowerShell, Bash, or Python).
• Clear communication skills and a strong documentation mindset.

Responsibilities

• Own the architecture and roadmap for Bankjoy’s Azure cloud infrastructure, with a focus on scalability, security, and developer efficiency.
• Design and build internal tools or services (e.g., bot detection, threat monitoring, configuration validators, internal dashboards), using C#/.NET Core or other languages.
• Harden our cloud security posture with proactive threat modeling, security scanning, IAM policies, encryption strategies, network segmentation, and regulatory compliance (e.g., S/DAST, SOC 2, PCI, OWASP).
• Maintain and evolve our IaC stack (Terraform, Bicep) to deliver secure, repeatable, and auditable infrastructure.
• Optimize infrastructure costs and performance across compute, storage, and networking layers.
• Manage Azure networking components like VNets, route tables, NSGs, and hybrid cloud interconnectivity.
• Lead infrastructure incident response, contributing to postmortems and mitigation strategies.
• Document infrastructure changes and architectural decisions to support internal knowledge-sharing and external audits.
• Support performance benchmarking and reliability testing for Kubernetes workloads and managed Azure services.
• Apply structured critical thinking to evaluate trade-offs, identify blind spots, and make informed decisions under uncertainty.
• Balance complex priorities across long-term infrastructure initiatives, real-time operational issues, and tactical internal requests.
• Communicate clearly and constructively across engineering and leadership—whether writing architectural diagrams, presenting security recommendations, or contributing to postmortems.
• Collaborate cross-functionally to ensure cloud infrastructure supports business goals, development velocity, and compliance outcomes.

Preferred Qualifications

• Bonus: Experience with regulatory environments (e.g., NIST, SOC 2, FFIEC, PCI).