Apply on Employer Site

EY · 4 days ago

GPS - Azure Cloud Platform Engineer - Supervising Associate

Atlanta, GA

Full-time

Hybrid

Mid, Senior Level

$90K/yr - $168K/yr

5+ years exp

EY is a global leader in assurance, consulting, tax, and transaction services, committed to building a better working world. The Azure Cloud Platform Engineer - Supervising Associate role involves designing cloud platform architectures, building DevSecOps automation, and enabling containerized workloads in Azure environments while mentoring junior engineers.

AccountingAdviceBusiness IntelligenceConsultingFinancial ServicesProfessional Services

Growth Opportunities

No H1B

U.S. Citizen Only

Responsibilities

Design and maintain reusable IaC (Bicep, ARM templates) for scalable, secure Azure / Azure Gov environments

Implement and improve Azure Policies and initiatives to enforce standards and guardrails

Apply modern engineering and security standards across platform components

Engineer, automate, and deploy platform solutions and applications using platforms such as Kubernetes, Azure Kubernetes Service (AKS), Azure Container Apps, with supporting technologies like Docker or Helm

Develop and maintain base container images and hardened OS images aligned to DISA STIGs and other security baselines

Evolve and promote DevSecOps practices across teams

Build and operate CI/CD pipelines using Azure DevOps, Git, and automation tooling (e.g., Ansible)

Automate repeatable infrastructure and application deployment tasks

Use both manual and automated quality controls to ensure reliable releases

Troubleshoot and remediate issues in cloud and container platforms

Identify and communicate risks, assumptions, issues, and decisions throughout the product lifecycle

Document and improve processes, and collaborate closely with product managers, architects, and security teams

Mentor junior engineers and help build a high-performing DevSecOps culture

Qualification

Azure Cloud PlatformInfrastructure as CodeDevSecOps AutomationContainerizationAzure DevOpsNetworking FundamentalsCloud Security PrinciplesIdentityAccess ManagementWindows AdministrationLinux AdministrationScripting/ProgrammingAgile MethodologiesCommunication Skills

Required

Bachelor's degree in Computer Science, IT, or equivalent experience

Microsoft Certified: Azure Administrator Associate (AZ-104)

5+ years in engineering roles working with private/public cloud IaaS, PaaS, and/or SaaS

Eligibility to obtain and maintain a Top Secret security clearance

Strong hands-on experience with (in order of importance):

Infrastructure as Code & CI/CD – designing and delivering with tools such as Bicep, Azure DevOps, ARM templates, or Ansible

Containers and orchestration – experience building and running containerized workloads using technologies such as Docker, Kubernetes, Azure Kubernetes Service (AKS), Azure Container Apps, or Helm for packaging and deploying services at scale

Networking fundamentals – strong foundation designing and troubleshooting VNets, subnets, network security groups (NSGs), routing (UDRs), and basic load-balancing scenarios, with enough depth to reason about hub-and-spoke or similar topologies and diagnose common connectivity issues

Cloud security principles – solid understanding of concepts such as shared responsibility, least privilege, identity-driven security, network segmentation, encryption, and logging/monitoring, and how to apply them for customers driven by regulatory compliance requirements, such as: NIST, Fedramp

Identity and access – understanding of Microsoft Entra ID, Azure RBAC, Entra ID RBAC, Privileged Identity Management (PIM), and managed identities for Azure resources

Windows and Linux administration – hands-on experience managing, troubleshooting, and hardening server workloads, including patching, performance tuning, and applying security baselines (e.g., DISA STIG or equivalent)

Scripting / programming – practical automation experience using PowerShell (Python or similar scripting languages is a plus but not required)

Additional expectations:

Experience with government security frameworks (e.g., NIST controls)

Hands-on delivery in Agile environments (Scrum, Kanban, SAFe, or similar)

Strong written and verbal communication and the ability to work effectively on distributed teams

Preferred

Deeper hands-on experience with:

Git-based source control and branching strategies

Azure DevOps Pipelines and broader Azure platform services

Ansible and Bicep for advanced automation and configuration

Azure Policy and multi-tenant / multi-subscription design patterns

Advanced Azure networking experience – hands-on exposure to one or more of: VPN Gateway or ExpressRoute, Azure Firewall or other NVAs, Virtual WAN hubs, Application Gateway or similar L7 gateways, and more complex hybrid or multi-region network designs

Additional relevant certifications, such as:

AZ-400, AZ-500, AZ-700

Certified Kubernetes Administrator (CKA) or CKAD / CKNS

Red Hat Certified Specialist in Ansible Automation