📌 Role

Expert in DevSecOps – Microsoft Fabric / Azure

We are supporting a major European institution in strengthening and automating its HR Data & Analytics ecosystem, with a strong focus on Microsoft Fabric, Azure DevOps, security-by-design, and governance-driven data operations.

We are currently looking for an Expert in DevSecOps to design, implement, secure, and automate CI/CD pipelines, data workflows, and cloud infrastructure supporting the HR Data Governance team. This role is central to ensuring secure deployments, network isolation, identity governance, and compliance enforcement across a large-scale, multi-team, multi-environment data platform.

🎯 About the Role

In this position, you will play a key role in the intersection of DevOps, security, data engineering, and cloud governance, supporting the evolution of the Microsoft Fabric ecosystem used across the HR domain.

You will design and operate CI/CD pipelines, enforce security guardrails, automate infrastructure provisioning, and ensure network isolation and identity compliance. You will collaborate closely with data architects, security teams, and governance stakeholders to ensure that all Fabric workspaces, capacities, and data flows are deployed securely, consistently, and in alignment with Commission standards.

The role combines hands-on engineering with security orchestration, policy enforcement, network governance, and DevSecOps automation.

📋 Responsibilities

• Build and manage end‑to‑end CI/CD pipelines (Azure DevOps / GitHub Actions) for deploying Fabric workspaces, notebooks, data models, and configurations

• Implement security scanning (SAST/SCA), secret management, and compliance validation within CI/CD workflows

• Configure and maintain private network connectivity, including Private Endpoints and VNET injection, ensuring Fabric traffic never traverses the public internet

• Automate infrastructure provisioning using Terraform, Bicep, ARM templates, and Azure CLI

• Deploy and manage API Gateways and Reverse Proxies to secure access to data APIs

• Implement identity and access governance using Microsoft Entra ID (RBAC, managed identities, service principals, conditional access)

• Configure monitoring and observability using Azure Monitor and Log Analytics (cost, performance, security events)

• Implement data security controls, including RLS/OLS, Purview classification, and secure workspace configurations

• Integrate Microsoft Fabric REST APIs into automation workflows for workspace administration

• Enforce Policy-as-Code using Azure Policy to ensure compliance across cloud resources

• Support risk assessments, audits, and compliance reviews

• Produce and maintain technical documentation, deployment guides, and governance procedures

• Collaborate with data architects, security teams, and governance stakeholders to ensure alignment with HR Data Strategy

• Participate in multilingual meetings and contribute to cross-team coordination

• Ensure secure handling of sensitive HR data in compliance with EU security standards

🎯 Mandatory Requirements

🎓 Education

• Master’s degree (EQF Level 7) or equivalent experience

Mandatory Certification

• AZ‑400 – Microsoft Certified: DevOps Engineer Expert

⭐ Nice to Have / Preferred Certifications

• AZ‑500 – Microsoft Azure Security Technologies

• AZ‑700 – Microsoft Azure Network Engineer Associate

• DP‑600 – Fabric Analytics Engineer Associate

🧠 Professional Experience & Expertise

• Strong experience in DevOps / DevSecOps in enterprise environments

• Proven experience building CI/CD pipelines (Azure DevOps or GitHub Actions)

• Experience with Microsoft Azure, including networking, identity, governance, and security

• Hands-on experience with Infrastructure-as-Code (Terraform, Bicep, ARM, Ansible, PowerShell, Azure CLI)

• Experience implementing security scanning, secret management, and compliance validation

• Strong understanding of network security (DNS, NSGs, firewalls, Private Link, VNET injection)

• Experience with authentication standards (OAuth2, OIDC, SAML)

• Experience working with data platforms and secure data workflows

• Ability to collaborate in multicultural, multilingual environments

• Strong documentation, communication, and stakeholder management skills

🧰 Technical Knowledge & Skills

• Azure DevOps / GitHub Actions

• Terraform / Bicep / ARM templates

• Microsoft Fabric (OneLake, Lakehouses, Warehouses) – or strong Azure data platform experience

• Azure Networking (Private Link, VNETs, NSGs, DNS)

• Entra ID (RBAC, managed identities, service principals)

• API Gateways / Reverse Proxies

• Azure Monitor / Log Analytics

• Security scanning (SAST/SCA), secret management

• Policy-as-Code (Azure Policy)

• REST API automation

• Python / PowerShell scripting

• Data security (RLS/OLS, Purview classification)

🌐 Languages

• Fluent English (mandatory)

• French is an asset

📍 Location

• Near-site to Brussels (within 2 hours travel time)

💼 Work Model

• Hybrid

• Full-time