Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Axos Bank

Senior Systems Engineer – Azure

Axos Bank

Sr. Azure Engineer managing Azure infrastructure and security at Axos Bank.

Posted 6/24/2026full-timeSan Diego • California, Colorado, New York • 🇺🇸 United StatesSenior💰 $120,000 - $150,000 per yearWebsite

Tech Stack

Tools & technologies
AzureCloudPythonServiceNow

About the role

Key responsibilities & impact
  • Azure Infrastructure Design, deploy, and maintain Azure subscription architecture including management groups, resource groups, and naming and tagging governance across all subscriptions
  • Own and administer Azure Virtual Network topology including hub-spoke design, VNets, subnets, NSGs, route tables, and VNet peering aligned to bank security requirements
  • Manage IaaS and PaaS resource lifecycle — provisioning, scaling, monitoring, and decommission — with full change management documentation in ServiceNow
  • Maintain the documented baseline state of the Azure environment; identify and remediate configuration drift from established standards on a defined cycle
  • Serve as the primary technical owner for Azure-dependent infrastructure projects including AXOS Private Cloud and data lake infrastructure initiatives
  • Administer and maintain Entra ID (Azure Active Directory) tenancy health — user lifecycle, group management, application registrations, and service principal governance
  • Design, implement, and maintain Conditional Access policies, named locations, sign-in risk policies, and MFA enforcement in alignment with bank security policy and FFIEC guidance
  • Manage Privileged Identity Management (PIM) including role activation policy, access reviews for privileged accounts, and just-in-time access configuration
  • Monitor and maintain Azure AD Connect synchronization health; resolve sync conflicts; coordinate with the Sr. Architect on hybrid identity topology changes
  • Coordinate with the Intune/GPO/Entra sub-team on endpoint compliance integration with Conditional Access and device-based authentication requirements
  • Conduct and document semi-annual Azure RBAC assignment reviews and deliver findings to the Audit and Compliance Engineer
  • Own Defender for Cloud operational posture — monitor, prioritize, and drive hands-on remediation of high and critical recommendations, not dashboard observation alone
  • Manage Azure Policy assignments for baseline compliance enforcement; author and test policy definitions as bank requirements evolve
  • Design and maintain RBAC assignments across Azure resources in alignment with least-privilege principles; document all role assignments with business justification
  • Produce quarterly Azure security posture reports for the Audit and Compliance Engineer; provide documentation sufficient to satisfy KPMG audit requests related to Azure infrastructure and identity
  • Participate as the Azure technical SME in KPMG audit preparation and response
  • Maintain working knowledge of FFIEC IT examination guidance and align Azure governance practices accordingly
  • Own Azure Cost Management analysis, reporting, budget alert configuration, and anomaly detection across all Azure subscriptions
  • Enforce tagging policy compliance; identify and remediate untagged or incorrectly tagged resources on a defined cycle
  • Provide monthly cost forecasting and variance analysis to the Sr. IT Manager — communicate material spend changes before they appear in billing, not after
  • Identify and recommend cost optimization opportunities including right-sizing, reserved instance analysis, and elimination of unused resources
  • Develop and maintain Azure Automation runbooks and PowerShell/Python scripts for operational task automation; prioritize progressive elimination of manual repetitive processes
  • Configure and maintain Azure Monitor alerts, Log Analytics workspaces, and operational dashboards for infrastructure health and performance visibility
  • Author and maintain runbook documentation for all operational procedures within the Azure domain — sufficient for another senior engineer to execute independently
  • Participate in quarterly cross-team cross-training; contribute at least one procedural training session per cycle
  • Serve as primary backup to the Sr. Engineer and Technology Architect for Azure decisions, architecture reviews, and cross-domain escalation during periods of unavailability
  • Partner with the Sr. Engineer and Technology Architect on changes to hybrid identity topology, Entra tenant configuration, and Azure AD Connect sync rules — this is a genuine peer relationship with shared architectural ownership, not a sign-off chain
  • Contribute to architectural discussions, design reviews, and platform standards development as a senior technical voice on the Microsoft Operations team
  • Participate in the weekly leads synchronization meeting and contribute Azure platform status, blockers, and capacity to the standing agenda
  • Complete ServiceNow change requests for all Standard, Normal, and Emergency changes including full description, rollback plan, and approval routing per change management policy

Requirements

What you’ll need
  • Bachelor's degree in Computer Science, Information Technology, Information Systems, or a directly related field; OR equivalent combination of education and verifiable professional experience
  • 7+ years of hands-on, production-environment experience administering and engineering Microsoft Azure infrastructure and Microsoft identity technologies
  • 5+ years administering Active Directory Domain Services in a multi-domain enterprise environment — Group Policy, OU structure, trust relationships, and schema-level understanding
  • 4+ years with Entra ID (Azure Active Directory) including Conditional Access policy authoring, PIM configuration, and Azure AD Connect sync administration in a hybrid identity environment
  • 3+ years of experience in a federally regulated industry — banking, financial services, healthcare, or government — with direct exposure to audit processes, change management requirements, and compliance documentation
  • Demonstrated experience designing and maintaining Azure Virtual Network topology — hub-spoke architecture, NSG management, and on-premises connectivity
  • Demonstrated experience with Defender for Cloud and Azure Policy including hands-on security recommendation remediation — not limited to monitoring
  • Demonstrated experience with Azure Cost Management including budget configuration, cost anomaly detection, and spend forecasting across multiple subscriptions
  • Proficiency in PowerShell scripting for Azure and Active Directory automation — scripts that are maintainable and executable by other engineers
  • Required Certification Microsoft Certified: Azure Administrator Associate (AZ-104)

Benefits

Comp & perks
  • Medical, Dental, Vision, and Life Insurance
  • Paid Sick Leave, 3 weeks’ Vacation, and Holidays (about 11 a year)
  • HSA or FSA account and other voluntary benefits
  • 401(k) Retirement Saving Plan with Employer Match Program and 529 Savings Plan
  • Employee Mortgage Loan Program and free access to an Axos Bank Account with Self-Directed Trading

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Azure Infrastructure DesignAzure Virtual NetworkIaaSPaaSAzure Active DirectoryConditional AccessPrivileged Identity ManagementAzure PolicyAzure Cost ManagementPowerShell
Soft Skills
communicationcollaborationproblem-solvingdocumentationtraining
Certifications
Microsoft Certified: Azure Administrator Associate (AZ-104)