DevOps Engineer

This position has an onsite expectation. Candidates must be within commuting distance of the Carmel, IN office. 

We are seeking a DevOps Engineer to help design, build, and operate cloud infrastructure and deployment pipelines in Microsoft Azure. This role will work closely with R&D teams developing new software solutions and will be responsible for provisioning Azure resources that support development, testing, and production workloads.

In addition to supporting engineering teams, this individual will partner with departments across the organization to implement automation initiatives that improve reliability, scalability, security, and delivery speed.

Essential Functions/Job Duties:

Azure Infrastructure & Cloud Operations

• Design, provision, and manage Azure resources to support application development, testing, and production environments
• Build and maintain infrastructure using Infrastructure as Code (IaC) with a strong emphasis on Azure Bicep and ARM templates (Terraform a plus)
• Implement Azure networking, identity, and governance best practices (VNets, private endpoints, RBAC, management groups/subscriptions, and Azure Policy)
• Ensure environments are scalable, secure, cost effective, and aligned with organizational standards by creating reusable Bicep modules, standardized parameterization, and deployment guardrails
• Design secrets and configuration patterns using Azure Key Vault and managed identities, including secure rotation and least-privilege access

CI/CD & Deployment Pipelines

• Design, build, and maintain Azure DevOps Pipelines (YAML) for continuous integration and continuous delivery
• Partner with R&D teams to integrate pipelines into the software development lifecycle, including build, test, security scanning, and release automation
• Manage Azure DevOps Environments and environment-specific deployments (dev, test, staging, production) with appropriate approvals, checks/gates, and segregation of duties
• Improve pipeline reliability, deployment speed, and observability using reusable YAML templates, artifact/version promotion practices, and end-to-end traceability (work item → PR → build → release)
• Administer and optimize Azure Repos and Git workflows, including pull requests, branch policies, code review standards, and required build validations

Partnership with R&D Teams

• Collaborate closely with software engineers to understand application requirements and translate them into Azure architectures
• Enable development teams with self service capabilities through automation and standardized templates
• Provide guidance on cloud native design patterns and operational best practices

Enterprise Automation & Enablement

• Work with teams across the organization to identify opportunities for automation and process improvements
• Build reusable automation solutions for infrastructure provisioning, environment setup, and operational tasks
• Promote DevOps best practices, tooling, and standards across teams

Operations & Reliability

• Implement monitoring, logging, and alerting using Azure Monitor, Log Analytics, and Application Insights to proactively identify issues
• Support deployments and operational troubleshooting in production environments, including creating/maintaining runbooks and automation for common operational tasks
• Participate in on call or incident response activities as needed
• Willingness and ability to occasionally work off-hours or weekends, as needed and scheduled, to support R&D teams during deployments, escalations, or time-sensitive issues
• Continuously improve system reliability, security posture, and performance through capacity planning, alert tuning, and post-incident reviews (blameless retrospectives); familiarity with SLO/SLI concepts is a plus
• Use AI tools responsibly and in alignment with policy to accelerate routine tasks (e.g., drafting pipeline/IaC scaffolding, troubleshooting, and runbook creation), while validating outputs and never sharing secrets or sensitive data in prompts

Security & Compliance

• Implement secure‑by‑default patterns in Azure (networking, identity, secrets management)
• Ensure pipelines and infrastructure follow Baker Hill security standards and compliance requirements
• Partner with Security to design guardrails, enforce least privilege, and maintain configuration baselines
• Automate security checks in CI/CD (secret scanning, dependency scanning, and IaC/template validation) to detect misconfigurations early
• Harden CI/CD access by implementing least-privilege service connections, secure credential handling, and (where appropriate) managed identity/workload identity patterns

Required Skills/Qualifications

• BA/BS Computer Science, Information Technology or related field
• 4 years with Azure DevOps (Repos & Pipelines; GitHub Actions/other CI/CD tools a plus.
• Experience building and managing cloud infrastructure in Microsoft Azure
• Hands-on experience creating and maintaining Azure DevOps CI/CD pipelines (YAML), including multi-stage releases, templates, and environment approvals
• Strong Git skills, including branching strategies, pull requests, resolving merge conflicts, and code review practices
• Strong understanding of Infrastructure as Code principles, including hands-on delivery with Azure Bicep and ARM templates (modules, parameterization, and repeatable deployments)
• Experience working with development teams to support application delivery
• Familiarity with cloud security, identity, and access management concepts
• Proficiency with automation and scripting for Azure (e.g., Azure CLI, PowerShell; Python a plus)
• Strong troubleshooting, automation, and problem-solving skills
• Self-motivated and able to work independently with minimal supervision while consistently delivering high-quality results
• Demonstrated ability to manage your own work (plan, prioritize, and execute) and provide clear, detailed status updates on progress, risks, and blockers
• Strong follow-through and attention to detail; able to stay focused and complete tasks end-to-end on a consistent basis
• Comfortable working in an Agile delivery model with a 2-week iteration cadence, including participating in planning, daily standups, reviews, and retrospectives
• Experience applying security best practices in cloud environments, including identity, network hardening, and secrets management.

STANDARD REQUIREMENT

Use AI responsibly and in alignment with policy, including ongoing learning, and incorporate AI into routine tasks such as drafting communications, summarizing meetings, and organizing information.

Preferred Qualifications

• Experience supporting both development and production cloud environments
• Experience deploying and operating workloads in Azure App Service Environments (ASE), including Azure Functions and Web Apps (deployment slots, scaling, networking/private access)
• Experience working with Azure data stores used by cloud apps, such as Azure SQL Database and Azure Cosmos DB, including connectivity, authentication, and CI/CD deployment considerations
• Experience utilizing Azure PaaS services such as Event Hubs, Service Bus, and Azure Managed Redis (plus other integration/messaging services as applicable)
• Knowledge of containerization and orchestration technologies (e.g., Docker; Kubernetes/AKS fundamentals)
• Experience with pipeline and IaC quality controls (linting, unit/integration tests, template validation, and policy-as-code)
• Working knowledge of observability practices (Azure Monitor, Log Analytics, Application Insights), alert tuning, and incident response
• Experience in regulated or security conscious environments
• Scripting experience (e.g., PowerShell, Bash, Python)
• Demonstrated ability to use AI assistants effectively (prompting, iterative refinement, and validation) for DevOps workflows while following data-handling requirements
• SAFe Agile Certified; SAFe DevOps Practitioner or SAFe for Teams (SP) certification required to collaborate effectively within Agile Release Trains or must be obtained within the first 90 days of employment.

Disclaimer:

The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required. Management reserves the right to assign or reassign duties and responsibilities to this position at any time as business needs evolve.