Senior Support Engineer – Azure(L2)

Role Summary

Provide L2 support for Microsoft Azure across compute, networking, storage, identity (Azure platform side), backup and disaster recovery, and cloud security. As the senior engineer across managed subscriptions, you drive incident resolution, execute infrastructure changes, enforce cloud security posture, and lead root-cause analysis for platform disruptions.

Key Responsibilities

Compute, Networking & Storage

•    Perform advanced troubleshooting of Azure VMs, VM Scale Sets, Availability Sets, and managed disks.

•    Configure and troubleshoot VNets, subnets, NSGs, route tables, Azure Firewall, VPN, and ExpressRoute connectivity.

•    Manage Azure Storage (Blob, File, Queue), lifecycle policies, private endpoints, and SAS.

•    Troubleshoot hybrid connectivity between on-premises networks and Azure.

Identity & Access (Azure Platform)

•    Design and implement Azure RBAC — custom roles, scope boundaries, and least-privilege reviews.

•    Administer Entra ID from the platform angle: PIM, GDAP, managed identities, and service principals.

•    Configure federation, hybrid identity, and Conditional Access as it applies to Azure resources.

Security & Governance

•    Enforce security policies via Defender for Cloud and Azure Policy (assignments, initiatives, remediation).

•    Investigate and respond to Azure security alerts; drive triage through to closure.

•    Manage Key Vault, certificates, and secrets rotation.

Backup, DR & Resilience

•    Design and implement Azure Backup and Azure Site Recovery configurations.

•    Validate backup integrity, run recovery drills, and document RPO/RTO attainment.

•    Operate within CAB for DR test windows.

Monitoring & Automation

•    Configure Azure Monitor, Log Analytics workspaces, KQL-based alert rules, and action groups.

•    Build and maintain dashboards; tune alert thresholds to reduce noise.

•    Automate operational tasks via PowerShell, Azure CLI, ARM/Bicep, or Terraform.

Support Operations

•    Own P2 and P3 Azure-related tickets escalated from L1/L1.5; meet response and resolution SLAs.

•    Prepare RFCs with impact assessment, rollback plan, and validation steps; execute via CAB.

•    Lead Post-Incident Reviews and root-cause analysis on Azure service disruptions.

•    Engage Microsoft support for platform-level issues; drive premier/professional cases to resolution.

•    Author and maintain Azure runbooks, SOPs, and KB articles.

•    Mentor L1 engineers on Azure fundamentals; run monthly knowledge-sharing sessions.

•    Generate Azure cost, security, and operational reports for clients.

Required Skills & Experience

•    Bachelor's degree in IT, Computer Science, or related field (or equivalent experience).

•    5+ years hands-on Azure administration and L2 support in an MSSP/MSP/managed services environment.

•    Deep working knowledge of Azure compute, networking, storage, Entra ID, RBAC, Monitor, Backup, and Defender for Cloud.

•    Strong PowerShell and Azure CLI scripting; IaC exposure (ARM/Bicep or Terraform) preferred.

•    KQL proficiency for Log Analytics and security investigations.

•    Solid networking fundamentals – VNET, NSG, DNS, routing, firewalls, VPN, and hybrid topologies.

•    ITIL-aligned ticketing discipline, change management, RFC authoring, and PIR participation.

•    Clear written and verbal communication with client IT contacts.

Preferred Certifications

Certification

Detail

AZ-104

Azure Administrator Associate — Must have

AZ-500

Azure Security Engineer Associate

AZ-700

Azure Network Engineer Associate

ITIL Foundation

Service management fundamentals

Shared role attributes:

• Onsite 5 days/week, shift-based coverage as required, on-call participation for P1/P2 escalations, and contribution to the continuous-improvement and automation backlog.