Senior Azure Cloud / Security & AI Operations Engineer

Altimi is a technology acceleration partner with impressive experience spanning over 20 years, specializing in the successful delivery of software development projects for international customers. We are based in Poland. Our main area of operation is the DACH region and Scandinavia, where we are known for providing top-notch software development services.

Our primary focus are managed services for companies seeking to accelerate growth, solve complex tech problems, build MVP/POC and/or modify legacy infrastructures. 

The main area of competence include Product & Application Engineering, DevOps, Cloud Security & Managed Services and AI & Data Enablement.

About Project

We help enterprises scale revenue and profit through secure, compliant generative AI solutions.

This role is a key contributor on a small, high-trust team: you’ll design and operate production-grade Azure platforms, embed security at every step, and leverage AI to accelerate delivery. If you enjoy shipping, automating, and owning outcomes with real customer impact, this is for you.

What You’ll Do

Platform & DevOps

• Own and evolve Azure foundations: subscription strategy, landing zones, networking (VNets, Private Link, Firewall), identity (Entra ID), secrets (Key Vault/Managed HSM), and data services (Cosmos DB, MongoDB Atlas, Storage).

• Design, implement, and harden CI/CD (GitHub Actions and/or Azure DevOps) for apps, infrastructure, and policies; champion Infrastructure as Code (Terraform and/or Bicep).

• Build golden images/base containers, artifact pipelines, and automated drift detection.

Security & Compliance (DevSecOps)

• Operate and automate threat detection/response (Microsoft Sentinel, Defender for Cloud) and container/dependency scanning (Snyk, Trivy).

• Enforce least-privilege IAM, certificate rotation, and secrets hygiene.

• Map controls to frameworks (ISO 27001, SOC 2, NIST, HIPAA, GDPR, FedRAMP) and produce evidence via policy-as-code and reporting.

Reliability & Operations (SRE)

• Establish SLOs/SLIs, error budgets, and proactive capacity/performance management.

• Implement end-to-end observability (Azure Monitor, Log Analytics, Application Insights) and actionable alerting; reduce MTTR with auto-remediation.

• Lead incident response, post-incident reviews, and systemic hardening.

AI-Enabled Automation

• Use LLMs/code generation to accelerate infra and ops workflows: pipeline scaffolding, policy generation, runbook creation, and knowledge capture.

• Collaborate with product teams to run AI workloads securely in production.

Client-Facing Impact

• Work directly with enterprise clients; translate requirements into secure, reliable designs; present trade-offs; guide adoption and handover.

Prerequisites

Must-Have

• Senior-level experience operating and securing Azure at scale (multi-subscription/tenant patterns, landing zones, network isolation, identity, and data).

• Hands-on expertise with Terraform (or Bicep), GitHub Actions/Azure DevOps, containers, and artifact workflows.

• Practical security skills: SIEM/SOAR (Sentinel or similar), image/dependency scanning, vulnerability management, and policy-as-code.

• Strong observability knowledge (Azure Monitor/Log Analytics/App Insights, OpenTelemetry) and an SRE mindset.

• Clear communicator, comfortable with client interaction and documentation.

• Experience with Azure Container Registry (ACR), GitHub Actions pipelines, and deployments.

Core Stack

• Infra as Code: Terraform

• Cloud & Containers: ACA, ACR, Key Vault, Storage, Cosmos DB, Monitor, App Insights, Application Gateway, Private Endpoints, Bastion

• Databases: MongoDB Atlas, Cosmos DB, MeiliSearch, Vector Search

• AI/ML: Azure OpenAI (GPT-4.1), RAG pipelines, multi-cloud AI providers

• CI/CD & DevOps: GitHub Actions, Terraform automation, Docker workflows

• Security & Identity: Azure AD/Entra ID, OIDC/JWT, Defender/Sentinel, Key Vault, policy-as-code

• Observability: Azure Monitor, Log Analytics, Application Insights

Nice to Have

• Cross-cloud exposure (AWS/GCP), private connectivity (ExpressRoute), and hybrid/on-prem integrations.

• Background in secure enterprise environments; audit evidence automation and compliance reporting.

We Offer

• MultiSport card

• LuxMed medical package

• Allianz group insurance

• Value-based work culture

• Flexible working hours and remote work options