Application Developer II

Title: Application Developer II Location: Remote Duration: 06 MonthsDescription: We're seeking a Senior DevOps Engineer (Azure) to design, build, and operate secure, scalable CI/CD and platform automation for City of Hope's cloud workloads-spanning research, clinical, and enterprise domains. You will be a technical leader driving best practices across Azure, Azure DevOps, and GitHub, enabling product and data teams to deliver safely and quickly. A key focus will be supporting HopeLLM, our strategic AI initiative, ensuring robust MLOps, environment automation, and secure platform foundations aligned to healthcare compliance (HIPAA/HITRUST). You will partner closely with Security, Networking, Data/AI, and Application teams, and mentor engineers while contributing hands-on to our infrastructure-as-code and automation ecosystems. Key Responsibilities Platform Engineering & IaC Architect, implement, and maintain Azure landing zones and foundational services using Infrastructure as Code (Bicep/Terraform/ARM) and GitOps patterns. Standardize environment provisioning, configuration, and policies with Azure Policy, Blueprints, Managed Identities, and Key Vault. CI/CD & Developer Productivity Own and optimize Azure DevOps and GitHub ecosystems: Pipelines/Actions, Repos, Packages/Artifacts, Environments, and protected branch strategies. Build reusable pipeline templates, task libraries, and golden paths for app, data, and ML teams (multi-stage YAML, environment approvals, gating, quality signals). MLOps for HopeLLM Implement secure, compliant MLOps workflows integrating Azure Machine Learning, AKS/ACI, Azure OpenAI (or compatible LLM services), Model Registry, and feature stores. Support reproducible training/inference pipelines, dataset versioning, model promotion, and observability (drift, latency, quality metrics). Observability, SRE & Reliability Establish SLOs/SLIs and implement end-to-end telemetry with Azure Monitor, Log Analytics, Application Insights, Dynatrace/Datadog (as applicable). Drive incident response, blameless postmortems, runbooks, and reliability engineering improvements (resiliency testing, autoscaling, chaos experiments). Security & Compliance Embed security-by-design: DevSecOps scanning (SAST/DAST/Secrets/Container), supply chain integrity, SBOM, and policy-as-code (e.g., OPA/Conftest). Ensure HIPAA-aligned controls across pipelines, secrets, networking (Private Link, VNET integration), data governance, and auditability. Cost & Performance Optimization Implement tagging strategies, budgets/alerts, rightsizing, and workload optimization for Azure services (compute, storage, networking, AI/ML). Collaboration & Leadership Mentor engineers, review designs/PRs, and advocate best practices, documentation, and knowledge sharing. Partner with Infrastructure Services Manager to shape roadmaps, standards, and vendor/tool evaluations. Required Qualifications 7+ years in DevOps/SRE/Platform Engineering with at least 4+ years focused on Microsoft Azure. Expert with Azure DevOps (Repos, Pipelines, Artifacts) and GitHub (Actions, Advanced Security, Packages, Environments). Strong IaC experience: Terraform and/or Bicep; modular design, remote state, and policy integration. Proficiency with scripting/automation (PowerShell, Python, Bash) and YAML-based pipelines. Containerization & orchestration: Docker, AKS (or Kubernetes equivalents), image registries, and admission controls. Observability in Azure: Azure Monitor, Log Analytics, App Insights, alerting & dashboards. Proven track record implementing DevSecOps (SAST/DAST/Secrets scanning, IaC scanning, dependency management, SBOM). Understanding of healthcare compliance and security (e.g., HIPAA, HITRUST, PHI handling) or other regulated environments. Excellent communication, documentation, and cross-functional collaboration skills. Preferred Qualifications Experience supporting LLM/AI platforms (e.g., Azure ML, Azure OpenAI, model registries, feature stores, vector databases, Prompt/Guardrails). GitOps tools (e.g., Argo CD, Flux), policy-as-code (OPA/Conftest, Azure Policy). Networking in Azure: Hub/Spoke, Private Link, WAF, Application Gateway, Firewall, ExpressRoute/VPN, DNS, and certificate automation. Secret management at scale (Key Vault, managed identities, workload identities). Security frameworks and supply chain: GitHub Advanced Security, Dependabot, CodeQL, Defender for Cloud, Notary/COSIGN. Data platform familiarity (Databricks, Synapse, Purview) or eventing (Event Hubs, Service Bus, Kafka). Certifications: AZ400, AZ104/AZ305, CKA/CKAD, SC100/200, DP100 (nice to have).

Created: 2026-03-04