[Remote] Sr. DevOps Engineer (DevOps Engineer IV) - REMOTE
Note: The job is a remote job and is open to candidates in the USA. Net Health is a leading-edge SaaS company in healthcare, focused on delivering solutions that enhance patient care. They are seeking a Senior DevOps Engineer who will develop reusable patterns and automation for secure and compliant architectures, while collaborating with various teams to enhance platform capabilities.

Responsibilities
- Develop reusable reference architectures and patterns for compute and storage; implement networking, identity, and security within standards set by the Network, Identity, and Security teams
- Design patterns for resilient data and service backends (Azure SQL, SQL Managed Instance, Storage, Redis Cache, Service Bus, Event Grid); develop and validate DR patterns against defined RTO/RPO targets
- Develop patterns for secrets, identity, and configuration management (Key Vault, managed identities, federated credentials, Entra workload identity) aligned with Zero Trust and Security standards
- Develop and maintain networking patterns (hub/spoke, Private Endpoint/Link, DNS forwarder topology, NSG and route-table patterns) that realize the architecture the Network team owns
- Own Azure landing zone and subscription governance patterns: management group hierarchy, Azure Policy initiatives, cost guardrails, and role-separation models defined with Security and Zero Trust
- Define and own the GitOps and continuous delivery strategy: policy gates, approval workflows, environment promotion logic, and automated rollback across platform pipelines
- Serve as the authoritative Terraform practitioner: versioned module libraries, policy-as-code enforcement, drift detection, and CI-integrated plan/apply with full audit trails
- Own the Azure DevOps multi-stage YAML pipeline standards for infrastructure deployment that all teams build from
- Build and maintain platform automation tooling in PowerShell and Azure CLI: self-service infrastructure templates, golden images, and operational tooling that reduce manual toil
- Own the patterns and platform for container and application hosting (Container Apps, App Service, Function Apps); implement networking integration, registry governance (ACR), identity federation, and security controls per Network, Identity, and Security team standards
- Define deployment patterns, scaling strategies, and troubleshooting runbooks for container workloads; drive reliability and operational maturity across hosted application surfaces
- Develop platform observability patterns and tooling (Log Analytics, Application Insights, Azure Monitor); implement alerting standards and the SLO framework owned by the Reliability team
- Implement platform security guardrails as Azure Policy patterns, enforcing the standards and least-privilege models owned by Security and Zero Trust; detect and remediate policy drift before it becomes risk
- Implement platform patterns that satisfy SOC 2, HIPAA, and HITRUST control requirements; produce audit-ready evidence for the platform layer
- Contribute to cost management: right-size compute and storage, tune autoscale and VMSS profiles, optimize reservation and spot usage, and deliver dashboards and forecasts that inform decisions
- Identify and drive cost-reduction initiatives (caching, CDN, data lifecycle, build-farm efficiency); track realized savings and communicate ROI to engineering and finance stakeholders
- Own quality and discoverability of the platform documentation ecosystem; author ADRs, pipeline standards, and runbooks that become the trusted reference for engineering teams
- Drive adoption of the internal platform catalog; contribute reusable, versioned Terraform modules and patterns that eliminate one-off solutions

Skills
- Bachelor's degree in Computer Science, Software Engineering, Information Technology, or a related field — or equivalent professional experience if you don't have a degree
- 10+ years hands-on Azure platform engineering in multi-subscription enterprise environments, with a track record of reusable patterns and platform decisions adopted across teams
- Deep Azure expertise across compute (VMSS, Container Apps, App Service), networking (VNet, Private Link, App Gateway, Front Door, DNS), data (SQL MI, Azure SQL, Storage), and identity (Entra ID, Managed Identity, RBAC)
- Terraform mastery at org scale: advanced state strategy, reusable versioned module libraries, policy-as-code enforcement, automated drift detection, and CI-integrated plan/apply with change controls
- Azure DevOps pipeline proficiency: multi-stage YAML design, approval and environment governance, and progressive delivery patterns applied to infrastructure deployments
- Advanced PowerShell automation with delivery of reusable platform tooling; Azure CLI proficiency in production automation and pipeline contexts
- Deep networking expertise (VNets, routing, DNS, load balancing, private endpoints) to implement hub/spoke and zero-trust segmentation patterns in production
- Experience implementing compliant platform patterns under SOC 2, HIPAA, and HITRUST, including producing audit-ready evidence and supporting remediation of findings
- Knowledge of Azure landing zone design, management group hierarchy, Azure Policy, and subscription governance at enterprise scale
- Familiarity with event-driven and messaging patterns (Service Bus, Event Grid, Storage Queues) in resilient, decoupled platform architectures
- Experience with Azure AI platform services (Azure OpenAI Service, Azure AI Foundry) and patterns for AI workload deployment

Benefits
- Work-from-anywhere environment
- Unlimited PTO
- World-Class Benefits That Reflect Our World-Class