Ascent is seeking a Sr Azure Cloud Engineer - Data to lead the design and implementation of enterprise-grade data protection and encryption across the entire platform, including TDE, Always Encrypted, Dynamic Data Masking and row-level encryption. The successful candidate will also be responsible for defining reference architectures for OLTP/OLAP, HA/DR, capacity planning, multi-region resilience, and data lifecycle, and leading end-to-end tuning, workload baselining, indexing strategies, query plans, parameter sniffing, concurrency, and storage I/O optimization.
Requirements
- Define reference architectures for OLTP/OLAP, HA/DR (AGs, clustering), capacity planning, multi-region resilience, and data lifecycle (backup/restore/RPO/RTO).
- Build and operate SQL on Azure SQL/MI, Azure SQL/VM, Azure SQL DB, AWS RDS (SQL Server), GCP Cloud SQL, plus hybrid SQL Server; Integrate with Synapse/Databricks/Snowflake where appropriate.
- Lead end-to-end tuning, workload baselining, indexing strategies, query plans, parameter sniffing, concurrency, and storage I/O optimization.
- Own SLOs/SLIs, patching, upgrades, schema changes, release orchestration, and incident response/on-call for critical systems.
- Enforce least-privilege access via Azure AD, RBAC, Private Link, VNet integration, and managed identities.
- Implement and own enterprise-grade data protection and encryption across the entire platform, including TDE, Always Encrypted, Dynamic Data Masking and row-level encryption.
- Design, implement, and maintain comprehensive SQL monitoring, including Azure Monitor, Database diagnostic settings, Query Store DMVs/DMFs at scale, and alerts on DTU/Vcores
- Proactive Data Backup Solutions for mission-critical availability & resiliency
- Implement Always on Availability Groups (multi-subnet, read-scale, hybrid Azure/on-prem) with Failover automation, quorum design, and regular DR drills
- Implement RBAC, encryption, secrets, masking, and audit trails, align with change management and regulatory needs, and drive posture reviews.
- Participate as a member of the off-hours on-call data support team.
- Standardize IaC (Terraform/Bicep/CloudFormation), DB DevOps (Flyway/Liquibase), and CI/CD for schema migrations; codify runbooks and self-service.
- Translate business goals into platform roadmaps, lead design reviews, and provide executive-ready status on risk, capacity, and cost.
- Technically lead and mentor IT data engineers/DBAs.
- Lead SQL performance reviews, DB performance reviews, and ensure proper security connectivity and governance over the Azure managed instance ecosystem.
- Evaluate tools, manage SOWs/licensing, and optimize cloud/database spend (rightsizing, storage tiers, reserved capacity).
Benefits
- 401(k) and employer matching
- Life Insurance
- Health, Dental, Vision Insurance
- Short- & Long-Term Disability
- Paid Time Off (PTO)
- Employee Assistance Program
- Paid Parental Leave
- Employee Wellness Program
- Paid Holidays
- Employee Recognition Programs
- Flexible Spending Account (FSA)
- Tuition Reimbursement
- Health Savings Account (HSA)
- Overtime, Differential & Bonus Pay
