2 months
01/10/2024 - 27/12/2024 Brussels, Belgium
Requirements
Roles
  • Devops - Cloud Engineer Senior
Languages
  • Dutch Native or bilingual proficiency
  • French Native or bilingual proficiency
  • English Full professional proficiency
Skills
  • Azure Expert
  • DNS Intermediate
  • Cyber Security Nice to have
  • SSL Advanced
  • Terraform Advanced
  • Security Expertise Intermediate
  • Agile Beginner
  • Firewall Intermediate
  • VPN Advanced
  • Gitlab Advanced
  • Azure DevOps Expert
Description

IMPORTANT INFORMATION 

(An identified breach will result in an immediate removal from the distribution list) 

  1. Only applications that meet exactly the BNB’s selection criteria (skills, work experience, language skills and availability) can be proposed. 

  2. Make sure that the proposed candidate name is written correctly, and that his/her name is the same as mentioned on its official identification document (ID). 

If your candidate is selected for a contract, you will be asked to provide us with a copy of their ID card, an ID picture and the postal address of the candidate. 

————————————————————————————– 

The National Bank of Belgium is an institution that works towards the stability of the financial system and the reliability of the institutions operating within it. The National Bank contributes to creating a climate of confidence conducive to the well-being of all. 

Its missions: 

  • Maintain price stability in the Eurosystem 

  • Oversee the Belgian financial system 

  • Ensure the security of banknotes and the efficiency of payment systems 

  • Provide economic and financial data and analyses 

————————————————————————————– 

Migrate the Security Operation Centre applications from the on-premise dedicated SOC infrastructure to the NBB Azure tenant.

During the mission, the person will be working closely with the SOC engineers and a Security architect to design and deploy the needed Azure infrastructure via the NBB Infrastructure as Code process based on Terraform and GitLab.

 

The mission can be completed with up to 50% of the work done remotely, with a preference for on-site work on Fridays.

 

This is a list of the different tasks that the Azure DevOps engineer will take part in:

 

1. Designing Azure Solutions

  • Assess Requirements: Work with stakeholders to understand business and technical requirements.
  • Solution Architecture: Design scalable, secure, and cost-effective cloud solutions using Azure services.
  • Infrastructure Design: Develop architecture for cloud networks, storage solutions, and computing environments.

2. Implementation & Deployment

  • Set Up Cloud Infrastructure: Request Virtual Machines (VMs), storage, and networking.
  • Migrate Workloads: Plan and execute migration of on-premises infrastructure to Azure.
  • Automate Deployments: Use Infrastructure as Code (IaC) tools (Terraform).
  • Implement CI/CD Pipelines: Set up continuous integration and continuous delivery pipelines using GitLab.

3. Monitoring & Management

  • Monitoring & Alerting: Set up monitoring, logging, and alerting through Azure Monitor, Azure Log Analytics.
  • Backup & Disaster Recovery: Request to implement an Azure Backup strategy to backup the SOC infrastructure. Check with the infrastructure team how Azure Site Recovery can help for business continuity.
  • Security Management: Use the internal process to request to configure and manage security features like Azure Active Directory, role-based access control (RBAC), and network security groups (NSGs).

4. Cost Management & Optimization

  • Cost Optimization: Monitor Azure costs and make recommendations for reducing expenses by using reserved instances, spot VMs, or optimizing workloads.
  • Resource Tagging: Use the resource tagging policies to track resource usage by SOC applications.

5. Security and Compliance

  • Identity & Access Management: Request via internal processes the creation of users, groups, and permissions through Azure Active Directory (AD) and Azure RBAC.
  • Network Security: Set up, in collaboration with the Network team, secure virtual networks, subnets, firewalls, and VPNs.
  • Compliance: Ensure that the Azure infrastructure complies with industry-specific regulations (e.g., GDPR, HIPAA).

6. Performance Optimization

  • Load Balancing: Colaborate to implement load balancing, and traffic management solutions for high availability and fault tolerance.
  • Performance Tuning: Optimize Azure services (e.g., VMs, databases) for better performance.

7. Troubleshooting & Support

  • Issue Resolution: Diagnose and resolve technical issues, whether in networking, compute, storage, or identity.
  • Customer Support: Provide support to development teams and clients to resolve SOC Azure-related issues.
  • Incident Response: Respond to security or performance incidents by identifying root causes and implementing solutions.

8. Documentation & Knowledge Sharing

  • Technical Documentation: Create and maintain comprehensive documentation for the Azure infrastructure and services.
  • Training & Support: Provide training to internal teams and assist with onboarding to Azure services.

9. Upgrading & Patching

  • Patch Management: Collaborate with the patching team to apply necessary updates and security patches to Azure resources.
  • Upgrade Services: Monitor Azure services and ensure they are using the latest versions to avoid deprecation.

10. Research and Innovation

  • Stay Updated: Keep up with the latest Azure services and updates to leverage new features and optimize solutions.

Propose Enhancements: Continuously explore ways to improve infrastructure, workflows, and security practices using new Azure features.

—————————————————————————————————————————————————————————

ProUnity/Staffing MS is the single point of contact (SPOC) for this mission. 

If you have any questions, please contact Charlotte Dejonckheere, Client Satisfaction Manager, by e-mail at charlotte.dejonckheere@pro-unity.com.