At Systems Planning and Analysis, Inc. (SPA), we tackle the most complex national security challenges with high-impact technical solutions. With over 50 years of proven expertise and a track record of consistent growth, we are recognized for driving innovation and delivering value to our government customers in the U.S. and beyond. An exceptionally talented and collaborative team powers our success, united in producing Results that Matter. When you join us, you’ll find opportunities, meaningful challenges, and a shared commitment to mission success. Come work with the best and make a difference where it truly counts.
We seek an experienced Azure Cloud Engineer to design, deploy, and manage a scalable and secure cloud infrastructure in a complex Azure environment. This role focuses on implementing and maintaining cloud services aligned with Azure Landing Zone (ALZ) principles, supporting Secure Cloud Computing Architecture (SCCA) and enterprise-level interconnectivity, including B2B integrations. The ideal candidate will have hands-on experience with Azure services and Infrastructure as Code (IaC) and a strong understanding of governance, compliance, and automation in multi-subscription environments.
Why Join Us?
This is an exciting opportunity to contribute to a forward-thinking organization by building and managing secure, scalable cloud infrastructure in Azure. Join a team of talented professionals and gain hands-on experience with cutting-edge cloud technologies, supporting critical workloads while driving innovation in enterprise connectivity and compliance.
Responsibilities Cloud Infrastructure Design and ManagementDesign, implement, and manage scalable Azure cloud infrastructure, including networking, computing, and storage resources.Configure and maintain hub-and-spoke architectures with Azure Virtual Networks, VPN Gateway, ExpressRoute, and Azure Firewall.Optimize and secure Azure environments following Azure Landing Zone (ALZ) and SCCA guidelines.B2B and Enterprise InterconnectivityEnable secure B2B integrations using Azure AD B2B, Guest Access, and Conditional Access Policies.Manage identity federation and access control between Azure AD tenants and external identity providers.Configure hybrid connectivity solutions using Azure ExpressRoute, VPN Gateway, and Private Link to integrate on-premises and cloud environments.Security and ComplianceImplement security measures across the Azure environment, including Microsoft Defender for Cloud, Network Security Groups (NSGs), and Key Vault.Ensure compliance with frameworks like NIST SP 800-53, CMMC, and FedRAMP by leveraging Azure Policy and Blueprints.Perform regular security assessments and compliance audits, addressing vulnerabilities and risks proactively.Automation and Infrastructure as Code (IaC)Develop and maintain Infrastructure as Code (IaC) solutions using Terraform, ARM templates, or Bicep for resource provisioning and automation.Automate routine tasks, such as resource monitoring, configuration management, and patching.Integrate IaC workflows into CI/CD pipelines to support DevSecOps practices.Monitoring and OptimizationSet up and maintain monitoring tools, such as Azure Monitor, Log Analytics, and Network Watcher, to track performance and detect anomalies.Analyze resource utilization and recommend cost optimization strategies.Troubleshoot and resolve issues related to cloud infrastructure, ensuring high availability and performance.
Collaboration and SupportWork closely with cloud architects, DevOps, and cybersecurity teams to ensure infrastructure alignment with organizational goals.Provide technical support and guidance to application teams for deploying workloads in the cloud.Create and maintain detailed documentation for infrastructure configurations, processes, and troubleshooting procedures. Qualifications
Required Qualifications:
Experience:
5+ years of experience in cloud engineering, with 3+ years focused on Azure.Proven track record of implementing and managing multi-subscription Azure environments aligned with Azure Landing Zone principles.Hands-on experience with hybrid and B2B connectivity in enterprise environments.Technical Skills:
Proficiency in Azure services: Azure AD, Virtual Networks, Azure Firewall, ExpressRoute, VPN Gateway, and Private Link.Strong understanding of governance tools such as Azure Policy, Blueprints, and management groups.Knowledge of security tools, including Microsoft Defender for Cloud, Key Vault, and Azure Sentinel.Compliance Knowledge:
Familiarity with regulatory frameworks such as NIST SP 800-53, CMMC, FedRAMP, and ISO 27001.Experience implementing compliance controls in cloud environments.Soft Skills:
Strong problem-solving and troubleshooting skills.Effective communication skills to collaborate with technical and non-technical teams.Ability to manage multiple priorities in a dynamic environment.
Desired Qualifications:
Experience with Mission Landing Zone (MLZ) principles and cross-domain solutions (CDS).Certifications such as Microsoft Certified: Azure Administrator Associate, Azure Solutions Architect Expert, or equivalent.Knowledge of CI/CD pipeline integration and DevSecOps practices.Familiarity with multi-cloud or hybrid cloud architectures. Options Apply for this job onlineApplyShareRefer this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed SPA is committed to the principles and practices of equal employment opportunity (EEO) and Affirmative Action. It is, and will continue to be, the policy of the company to afford equal employment opportunities to all qualified individuals. We recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, age, marital status, protected veteran status, disability or genetics or any other characteristic protected by federal, state or local law. Application FAQsSoftware Powered by iCIMS
www.icims.com