We are currently looking for a talented Senior Cloud Engineer with expertise in Azure and M365 platforms. Work across multiple clients and are an Australian owned and operated business, Microsoft Partner and a growing Managed Services Provider supplying the likes of Australian Federal Government and commercial clients with services. This role is open to Australian citizens whom are able to hold and maintain a minimum Baseline AGSVA clearance. As an Azure Engineer you will specialise in implementing secure environments, with a focus on ensuring Azure infrastructure is designed, deployed, and managed securely while ensuring compliance with industry-leading security standards. This role requires deep technical expertise in designing, deploying, and securing Azure-based cloud solutions. You will play a key role in designing, implementing, and maintaining cloud infrastructure solutions to meet the evolving needs of our clients. This is an opportunity to work on diverse projects, collaborate with cross functional teams, and contribute to the success of our clients' digital initiatives. Responsibilities: Deploy, and manage Azure cloud environments according to best practices and client requirements. Implement and optimize cloud-based solutions for productivity, collaboration, security, and scalability. Perform migration of on-premises infrastructure and applications to the cloud, ensuring minimal disruption and maximum efficiency. Configure and maintain identity and access management, including Azure Active Directory and single sign-on solutions. Monitor, troubleshoot, and resolve issues related to cloud infrastructure and services, ensuring high availability and performance. Collaborate with stakeholders to gather requirements, provide technical guidance, and deliver customized solutions that align with business objectives. Stay updated on the latest trends and advancements in cloud technology and recommend innovative solutions to enhance our offerings. Requirements: Designing, implementing, and managing Microsoft 365 and Azure cloud environments. Bachelor’s degree in computer science, Information Technology, or related field or experience. Strong understanding of cloud computing concepts, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Hands-on experience with Microsoft 365 suite, including Exchange Online, SharePoint Online, Teams, and Power Platform. Proficiency in Azure services such as Virtual Machines, Azure Active Directory, Azure Networking, and Azure Storage. Experience with automation tools and scripting languages (e.g., PowerShell) for provisioning and configuration management. Excellent communication skills with the ability to collaborate effectively with internal teams and external clients. Relevant certifications such as Microsoft Certified: Azure Administrator Associate or Microsoft 365 Certified: Modern Desktop Administrator Associate are a plus Key Responsibilities: Azure Architecture Design & Implementation: Design, architect, and implement scalable, secure, and highly available Azure cloud environments with a focus on securing data and infrastructure. Implement Infrastructure as Code (IaC) using Terraform, ARM templates, or Bicep to automate the provisioning of secure environments. Design secure, multi-region Azure environments leveraging Azure Availability Zones and Azure Site Recovery to ensure business continuity and disaster recovery. Identity & Access Management (IAM): Architect and implement Azure Active Directory (AAD) to manage identity and access across Azure environments, ensuring secure authentication and authorization. Deploy and configure Privileged Identity Management (PIM) to manage and monitor privileged access, enforcing Just-in-Time (JIT) access to resources. Implement Conditional Access Policies and Multi-Factor Authentication (MFA) to protect user and application access. Design and implement Identity Federation using Azure AD B2B and B2C for external partner and customer access management. Network Security: Design and implement Azure Virtual Networks (VNets) with Network Security Groups (NSGs), Azure Firewall, and Azure Bastion to protect the environment from unauthorized access. Configure Azure DDoS Protection and Web Application Firewall (WAF) to safeguard against common cyber threats. Implement VPN Gateway and ExpressRoute for secure hybrid connectivity between on-premises infrastructure and Azure, ensuring secure data transfer. Data Protection & Encryption: Architect and deploy secure data storage solutions using Azure Storage and Azure Key Vault to store and manage encryption keys. Design and implement data encryption at rest, in transit, and in use, utilizing Azure native encryption services such as Azure Disk Encryption and Transparent Data Encryption (TDE). Implement Azure Information Protection (AIP) and Azure Rights Management to classify and protect sensitive data within the environment. Monitoring & Threat Detection: Leverage Azure Security Center, Microsoft Sentinel, and Azure Monitor to implement threat detection, logging, and alerting across all layers of the cloud environment. Configure Azure Defender to provide advanced threat protection for workloads, databases, and virtual machines. Use Azure Sentinel for security incident response and monitoring, integrating threat intelligence and automating alert triage processes. Automation & CI/CD Security: Implement DevSecOps pipelines within Azure DevOps or GitHub Actions to integrate security into the development lifecycle. Automate security configurations using Azure Automation and Logic Apps to enforce security policies across resources. Ensure secure deployment of resources by integrating security scanning tools like SonarQube and Aqua Security in CI/CD pipelines. Governance & Compliance Tools: Deploy and configure Azure Policy and Azure Blueprints to enforce organizational security and compliance requirements. Implement Azure Resource Manager (ARM) templates and Blueprints to standardize and automate secure resource configurations across Azure subscriptions. Incident Response & Forensics: Design secure logging strategies using Azure Monitor Logs and Log Analytics to capture security-relevant data for forensic investigations. Configure Azure Sentinel to support proactive threat hunting and to enable security incident investigations with integrated playbooks for incident response. Continuous Security Improvement: Stay current on new Azure features and security tools, continuously updating cloud security designs to take advantage of the latest innovations. Conduct regular vulnerability assessments and penetration testing using Azure Security Center to identify and mitigate risks in the environment. Personal attributes: analytical and decision-making skills problem-solving skills, attention to detail the ability to work independently and within a team excellent verbal and written communication ability to manage multiple tasks in a fast-paced environment leadership and mentoring abilities What is in it for you? involvement in projects with leading-edge technology in a collaborative environment competitive salary and performance-based incentives. Professional development opportunities including training, certification support, and career advancement. diverse and dynamic teams with a supportive and inclusive culture. flexible hours potential for hybrid work once established capability offices in Canberra and Sydney a commitment to People & Culture and new team to drive initiatives the chance to work with a talented and dedicated team . About Us: Digital61 are a Cloud first systems and security integrator that is passionate about ensuring our customers are digitally equipped to provide high quality services to Australians. Our people love working with the latest technology and are excited to collaborate with new starters that share this passion, especially when they can bring a fresh perspective to the way we build solutions for our customers. We are committed to technical development through training, mentoring, and coaching, so regardless of previous technical experience, we strongly encourage you to apply if you have an analytical approach to problem solving and learn best by doing so. We embody these three principles in the solutions and services which we design, deploy, and manage. Simplicity Digital61 meets our customers’ requirements with the simplest, standards-based solutions: simplicity is the key to system management and security. Mobility Digital61 assist business to unlock the inherent mobility embedded in cloud: ensuring mobility is deployed in a secure and stable manner, without disruption to existing processes. Security Digital61 builds security into all services and solutions: providing accredited IRAP assessors (Infosec Registered Assessors Program) and security analysis capability to all managed services. As our clients are primarily government, to be eligible for this role, you will need to be an Australian Citizen who holds a Baseline Australian Security Clearance or have the ability to obtain. Applicants that do not meet this requirement will not be considered.