We're hiring a senior cloud infrastructure engineer for a client engagement migrating a legacy single-server e-commerce stack into a modern, secure, PCI-compliant Azure environment. The client currently runs NopCommerce, SQL Server, IIS, and SFTP all bundled on a single AWS EC2 instance from 2014. This role covers architecture design, hands-on Azure provisioning, and building data pipelines from an on-premises SQL layer (fed by a SaaS ERP) into a cloud data lake.
The client has a strong Azure preference and has already sketched a target architecture — this person will validate, refine, and build that vision, not start from a blank page. This is an end-to-end ownership role: one engineer covering infrastructure, data pipeline, and security/compliance baseline, working closely with a client-side IT director and a separate offshore vendor handling the e-commerce platform upgrade in parallel.
Required Skills
- 5+ years hands-on Microsoft Azure — VNet, Azure SQL, Blob Storage, Azure Monitor, Key Vault, IAM/RBAC
- Infrastructure-as-Code experience (Terraform or ARM/Bicep)
- Azure Data Factory or equivalent ETL/orchestration tool experience — building pipelines from SQL Server sources into a data lake (batch, full + incremental loads)
- Strong SQL Server experience — comfortable reverse-engineering and documenting existing schemas, not just writing queries
- Experience unbundling monolithic server setups into separated compute/database/file-transfer tiers
- PCI DSS exposure — encryption at rest/in transit, network segmentation, access controls, compliance documentation
- Scripting ability (Python, PowerShell, or Bash) for migrating existing automation workflows
- Comfortable working with third-party SaaS integrations in the architecture (e.g., ERP-as-SaaS, tax calculation services, payment processors, EDI/punch-out connectors) — does not need prior exposure to the specific vendors, but must be comfortable mapping and validating integration points
- Familiarity with cloud monitoring/observability tools beyond native cloud offerings (e.g., DataDog) is a plus
- Familiarity with SFTP gateway / managed file transfer products (e.g., Couchdrop, GoAnywhere, JSCAPE) is a plus
- Exposure to CDN/WAF tools (e.g., Cloudflare) is a plus
- Comfortable working alongside an external SOC/security monitoring vendor rather than building security monitoring in-house
Soft Skills
- Able to work independently — this is a single-resource engagement with no second engineer for backup
- Strong documentation discipline — architecture decision records, runbooks, and a phased migration roadmap are explicit deliverables
- Comfortable reviewing and giving an independent opinion on another vendor's architecture proposal
- Clear communicator — will participate in weekly client syncs and needs to translate technical tradeoffs for a non-technical-leaning IT director
Pay: ₹395,088.73 - ₹1,554,748.38 per year
Work Location: In person