Cloud Infrastructure Engineer

Job Type: Full-time Work Setting: Remote / Hybrid

Experience Level: Senior (5+ years)

About the Role

We're looking for a hands-on Cloud Infrastructure Engineer to own and evolve our hybrid cloud environment spanning Azure IaaS/PaaS, on-premise Windows Server infrastructure, and Cloudflare edge services. You'll be the single point of accountability for uptime, performance, security, and cost optimization across our entire hosting stack — supporting a multi-tenant B2B e-commerce SaaS platform serving hundreds of business customers.

This is not a design-documents-only role. You will architect, implement, monitor, and troubleshoot in production daily.

What You'll Do

• Manage and optimize Azure IaaS environments: Virtual Machines, Virtual Networks, NSGs, Load Balancers, and hybrid connectivity

• Deploy and manage Azure PaaS services: App Services, Azure SQL Database, Azure Container Instances/Container Apps, and Docker-based workloads

• Administer Windows Server (2019/2022) and IIS 10 across multiple production environments — application pools, bindings, URL rewrite rules, request filtering, and performance tuning - Own SQL Server administration: performance tuning (query plans, indexing, wait stats), SQL Agent job automation, backup/restore strategies, and database replication (transactional, availability groups)

• Configure and manage Cloudflare: DNS, CDN caching rules, WAF policies, page rules, rate limiting, Workers, Tunnels, and DDoS protection

• Manage Microsoft 365 and Entra ID (Azure AD): user lifecycle, conditional access policies, MFA, Privileged Identity Management (PIM), SSO integrations, and group-based licensing

• Harden servers and web applications: OS-level security baselines, firewall rules, TLS configuration, vulnerability remediation, and compliance audits

• Manage SSL/TLS certificates across all environments: procurement, installation, renewal automation, and certificate chain troubleshooting

• Implement infrastructure as code using Terraform, Bicep, or ARM Templates for repeatable, auditable Azure deployments

• Build and maintain CI/CD pipelines (GitHub Actions, Azure DevOps) for automated application and infrastructure deployments

• Monitor platform health using Azure Monitor, Application Insights, and Log Analytics — write KQL queries to diagnose issues across hundreds of tenants

• Manage secrets, keys, and certificates centrally through Azure Key Vault

• Optimize Azure spend using Cost Management, Reserved Instances, and right-sizing recommendations

• Support web platform needs: SEO-related server configuration (canonical URLs, redirects, robots.txt, sitemap serving), reCAPTCHA integration, and CDN cache optimization

• Write and maintain PowerShell and command-line scripts for automation, deployment, monitoring, and routine maintenance tasks

• Implement and maintain disaster recovery using Azure Site Recovery and Azure Backup

• Document infrastructure, runbooks, and disaster recovery procedures

What You Bring

Required:

• 5+ years managing production Windows Server and IIS environments

• Strong Azure experience across both IaaS (VMs, VNets) and PaaS (App Services, Azure SQL, containers)

• Advanced SQL Server administration — you can read an execution plan, identify missing indexes, set up replication, and script backup strategies without hand-holding

• Production experience with Cloudflare (DNS, CDN, WAF, security features)

• Solid Microsoft 365 and Entra ID administration skills

• Proficient in PowerShell scripting for automation and server management

• Hands-on SSL certificate management (Let's Encrypt, commercial CAs, IIS bindings, certificate stores)

• Understanding of web security fundamentals: OWASP top 10, server hardening, TLS best practices

• Familiarity with SEO-related server configuration (redirects, caching headers, structured data serving)

• Experience with monitoring and observability tools (Azure Monitor, Application Insights, or similar)

Preferred:

• Infrastructure as Code experience: Terraform, Bicep, or ARM Templates

• CI/CD pipeline experience: GitHub Actions, Azure DevOps Pipelines

• Azure Key Vault for secrets and certificate management

• Azure Cost Management and spend optimization

• Azure Site Recovery and disaster recovery planning

• Conditional Access and Privileged Identity Management (PIM) in Entra ID

• Cloudflare Workers and Tunnels

• Docker Compose, Azure Container Apps

• Experience supporting multi-tenant SaaS platforms

• Familiarity with Solr or Elasticsearch administration

• .NET application hosting experience (ASP.NET Core on IIS and App Services)

• KQL (Kusto Query Language) for Log Analytics

Why This Role

• Direct impact — your infrastructure decisions affect hundreds of businesses and their customers daily

• Ownership — you're not filing tickets for another team to act on; you have the keys and the authority

• Modern stack — Azure, Cloudflare, Docker, Terraform, GitHub Actions, not legacy datacenter babysitting

• Small team, big scope — you'll touch everything from DNS to database replication to container orchestration

Pay: $50.00 - $60.00 per hour

Work Location: Remote