DevSecOps engineer- MS Fabrics

ROLE SUMMARY

We are looking for a profile capable of bridging the gap between data engineering, security, and automated operations. The DevSecOps engineer will be responsible for ensuring that the Microsoft Fabric environment is scalable, secure by design, and fully integrated into automated deployment workflows

DESCRIPTION OF TASKS

· Pipeline Automation: Build and manage end-to-end CI/CD pipelines using Azure DevOps or GitHub Actions to automate the deployment of Fabric workspaces, notebooks, and semantic models.

· Secure Perimeter Management: Configure and maintain private network connectivity, including Private Endpoints and VNET injection, to ensure Fabric traffic never traverses the public internet.

· Security Orchestration: Integrate automated security scanning (SAST/SCA) and secret management into data workflows to prevent credential leakage and vulnerabilities.

· Gateway & Proxy Management: Deploy and manage API Gateways and Reverse Proxies to mediate access to data APIs, ensuring traffic filtering and load balancing.

· Infrastructure Automation: Provision and manage Fabric capacities and network security (Private Links, VNET injection) using Bicep, Terraform, or ARM templates.

· Monitoring & Alerting: Configure real-time observability using Azure Monitor and Log Analytics to track platform health, cost consumption, and security incidents.

· Access Governance: Implement and audit granular access controls using Microsoft Entra ID (formerly Azure AD) and Fabric-specific RBAC models.