Microsoft Azure Engineer

Who We Are

At Kyndryl, we run and reimagine the mission-critical technology systems that drive advantage for the world’s leading businesses.  We are at the heart of progress; with proven expertise and a continuous flow of AI-powered insight, enabling smarter decisions, faster innovation, and a lasting competitive edge. For our people—Kyndryls—that means doing purposeful work that powers human progress. Join us and experience a flexible, supportive environment where your well-being is prioritized and your potential can thrive.

The Role

We are looking for a hands-on Microsoft Azure Engineer to design, build, and operate secure, scalable Azure environments. You will play a key role in establishing and evolving Azure Cloud Landing Zones, enabling DevOps and CI/CD, delivering Infrastructure as Code (IaC), executing cloud migrations, and implementing strong security and governance controls across the platform.

This role suits someone who enjoys building repeatable cloud foundations, automating everything possible, and partnering with application, infrastructure, and security teams to modernize workloads safely and efficiently.

• Design and implement Azure Cloud Landing Zones aligned to the Microsoft Cloud Adoption Framework (CAF) and enterprise best practices.

• Build and manage core platform components, including:

  • Management groups, subscriptions, and resource organization

  • Standardized networking (hub-spoke or vWAN patterns), DNS, routing, and segmentation

  • Identity integration (Microsoft Entra ID), RBAC, and privileged access approaches

• Implement and maintain governance guardrails using Azure Policy/Initiatives, management group hierarchy, tagging standards, and compliance baselines.

• Define standard patterns for workload onboarding, including subscription vending, baseline monitoring, and security controls.

• Build and maintain CI/CD pipelines and automation workflows using Azure DevOps and/or GitHub Actions.

• Enable “platform as a product” capabilities, providing reusable templates and self-service provisioning for engineering teams.

• Automate operational tasks using PowerShell, Azure CLI, Bash, or Python.

• Implement Git-based practices (branching strategy, code reviews, approvals, release management) to support safe, auditable deployments.

• Develop and maintain infrastructure using Terraform and/or Bicep (ARM) with modular, reusable design.

• Implement policy-as-code, configuration standards, and environment promotion strategies (dev/test/prod).

• Create and manage secure state handling, secrets management, and pipeline-integrated validations (linting, security scanning, drift detection).

• Document and version IaC modules to accelerate delivery and reduce operational risk.

• Plan and execute migrations using tools such as Azure Migrate, Azure Site Recovery, and other migration frameworks.

• Support migration strategies including rehost, re-platform, refactor, retire, retain.

• Coordinate with application owners to migrate workloads such as:

  • Virtual machines and VM estates

  • Databases (using Azure Database Migration Service, where applicable)

  • Web apps and APIs (App Service, container platforms, AKS)

• Establish cutover plans, rollback strategies, and post-migration stabilization processes.

• Implement cloud security best practices across identity, network, data, and platform layers:

  • Microsoft Defender for Cloud recommendations and secure score improvements

  • Network security controls: NSGs, Azure Firewall, WAF, DDoS, Private Link/Private Endpoints

  • Secrets and key management using Azure Key Vault and managed identities

  • Logging/monitoring security integration using Azure Monitor, Log Analytics, and optionally Microsoft Sentinel

• Partner with security stakeholders to enforce security standards and support audits/compliance requirements (e.g., CIS guidance, internal baselines).

Who You Are

• Strong hands-on experience engineering solutions in Microsoft Azure (typically 3+ years Azure-focused, depending on level).

• Demonstrated experience implementing or operating Azure Landing Zones / enterprise Azure foundations.

• Strong IaC experience with Terraform and/or Bicep/ARM (modules, standards, environments, pipelines).

• Solid DevOps experience building CI/CD workflows using Azure DevOps and/or GitHub Actions.

• Migration experience supporting cloud adoption and workload transitions to Azure.

• Working knowledge of core Azure services, including:

  • Azure Networking (VNets, peering, routing, DNS, Private Endpoints)

  • Identity & Access (Entra ID, RBAC, PIM concepts)

  • Compute and platform services (VMs, App Service, Storage, AKS basics)

  • Monitoring (Azure Monitor, Log Analytics)

• Scripting and automation skills with PowerShell, Azure CLI, Bash, and/or Python.

• Ability to write clear documentation and collaborate across engineering, infrastructure, and security teams.

• Experience with the Azure CAF methodology and enterprise-scale architecture patterns.

• Strong background in cloud security architecture and operations, including:

  • Defender for Cloud, Sentinel, vulnerability management, secure workload patterns

• Experience with Kubernetes/containers (AKS, ACR, container security concepts).

• Knowledge of FinOps practices (cost allocation, tagging policies, budgets, optimization).

• Experience with hybrid connectivity and enterprise networking: ExpressRoute, VPN Gateway, vWAN.

• Familiarity with SRE/operational best practices (SLIs/SLOs, error budgets, postmortems).

• AZ-104 (Azure Administrator)

• AZ-305 (Azure Solutions Architect)

• AZ-400 (DevOps Engineer)

• Security: SC-100 / SC-200 (or equivalent experience)

• Terraform certification (HashiCorp) is a plus

• Azure: Landing Zones, Policy, Management Groups, Networking, Key Vault, Monitor, Defender for Cloud

• IaC: Terraform, Bicep/ARM (Pulumi optional)

• DevOps: Azure DevOps, GitHub Actions, Git, CI/CD

• Scripting: PowerShell, Azure CLI, Bash, Python

• Security: RBAC, PIM concepts, Private Link, Firewall/WAF, logging/SIEM patterns

• Migration: Azure Migrate, ASR, DMS (as applicable)

Salary: $114,740- $ 164,740

The above represents Kyndryl’s pay range for this role.
Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role.  The range provided reflects the target compensation range for the position at the time of posting.  Kyndryl’s total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards.

Being You

The “Kyn” in Kyndryl means kinship, which represents the strong bonds we have with each other, our customers and our communities. We focus on ensuring all Kyndryls feel included and we welcome people of all cultures, backgrounds, and experiences. Even if you don’t meet every requirement, we encourage you to apply. We believe in growth, and we’re excited to see what you can bring. At Kyndryl, employee feedback has told us that our number one driver of employee engagement is belonging. That sense of belonging — being a valued, respected, trusted member of the team — is fundamental to our culture and fueling great experiences for our customers. This dedication to welcoming everyone into our company means that Kyndryl gives you the ability to thrive and contribute to our culture of empathy and shared success. That’s The Kyndryl Way.

What You Can Expect

Your career with us isn’t just a job—it’s an adventure with purpose.  We offer a dynamic, hybrid-friendly culture that supports your well-being and empowers you to grow. Our Be Well programs are thoughtfully designed to support your financial, mental, physical, and social health—because we know that when you feel your best, you do your best.
From your very first day, you’ll dive into impactful work that powers the systems our customers rely on every day. You won’t just contribute—you’ll make a difference, tackling meaningful projects that sharpen your skills and fuel your growth.
We’re here to champion your journey. With powerful tools to chart your career path, personalized development goals aligned with your ambitions, and continuous feedback to keep you inspired and on track, you’ll have everything you need to thrive and evolve. You’ll develop in-demand skills to grow your career and achieve your ambitions with access to cutting-edge learning opportunities—from certifications with Microsoft, Google, and Amazon to coaching and hands-on experiences. And through it all, you’ll be part of a culture that values empathy, restless learning, and a devotion to shared success.
We want you to thrive here—and we’re committed to helping you do just that. Ready to make an impact? Join us and help shape what’s next.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.