Site Reliability Engineer

Do you know askblue?

We were born in 2013, and we provide services in the field of information technology. We are looking for a

We are looking for Site Reliability Engineer to join our company, in one of our projects, in the the industry sector, located in Lisbon. The Site Reliability Engineer must demonstrate knowledge and proficiency around the requested skills together with work experience (min 5 years) in an international company environment.
This position supports the company’s digital strategy by enforcing security and identity standards across Azure-based services, while maintaining high availability, performance, and compliance. The engineer plays a key role in vulnerability remediation, patch management, and identity governance, ensuring that security controls are consistently implemented and operated across global cloud workloads.
Working closely with Cloud Security, IAM, SOC, and platform engineering teams, the role contributes to incident response, risk mitigation, and continuous improvement of security and identity operations. A strong emphasis is placed on operational excellence, audit readiness, automation, and adherence to corporate security frameworks.

Team:

The Site Reliability Engineer Cloud Services Platform Reliability team, contributing to the reliability, security, and operational stability of Saint‑Gobain’s Public Cloud services. The role sits at the intersection of cloud operations, cybersecurity, and identity management, with a strong focus on ensuring secure-by-design and resilient cloud platforms at scale.

Tasks:

• 1. Security & Platform Reliability
  • Ensure availability, stability, and security of Public Cloud services with a focus on identity layers.
  • Deliver secure-by-design cloud operations aligned with corporate security frameworks and approved architectures.
  • Act as a senior technical reference for security and identity reliability within the Cloud Services Platform Reliability team.
• 2. Vulnerability & Patch Management
  • Deliver and maintain end‑to‑end vulnerability remediation across Windows and Linux cloud workloads.
  • Operate WSUS and Red Hat Satellite as authoritative patching platforms and ensure consistent execution at scale.
  • Produce regular patching compliance reports, including risk exposure, SLA breaches, and remediation status.
  • Ensure patching baselines align with corporate security policies while minimizing service disruption.
• 3. Identity & Access Management (AD / Entra ID)
  • Ensure secure operation of Active Directory and Entra ID environments according to IAM and security directives.
  • Operationalizae the enforcement of least‑privilege access, RBAC, and Privileged Identity Management (PIM) across admin, service, and workload identities.
  • Deliver periodic access reviews, audit evidence, and remediation actions for privileged access.
  • Maintain compliant Active Directory OU structures, GPOs, delegation models, and admin separation.
• 4. Security Controls & Compliance
  • Implement and validate cloud security controls in line with minimum security requirements and hardening standards.
  • Ensure cloud services comply with approved security architectures and governance rules.
  • Support security assessments, audits, and risk analyses for both new and existing cloud services. Drive remediation of non‑conformities and residual risks in coordination with security governance teams.
• 5. Security Tooling & Monitoring
  • Ensure mandatory security tooling (EDR, vulnerability scanning, logging, inventory agents) is deployed, operational, and monitored at scale.
  • Deliver accurate security KPIs and dashboards covering coverage, health, and compliance of security agents.
  • Maintain alignment between cloud assets and CMDB / inventory systems.
  • Contribute to automation and standardization of security tooling integration.
• 6. Incident & Change Management
  • Act as a technical escalation point during cloud security or identity‑related incidents.
  • Coordinate containment, remediation, and recovery actions with SOC, Cloud Security, IAM, and platform teams when engaged. Coordinate the build of incident post‑mortems, root cause analyses, and improvement actions.
  • Ensure controlled execution of standard cloud changes aligned with operational and security requirements.
• 7. Operational Excellence & Continuous Improvement
  • Drive automation and Infrastructure as Code practices to enforce security and identity controls consistently.
  • Contribute to continuous improvement initiatives across reliability, security posture, and operational efficiency.

Requirements:

• CROWDSTRIKE.
• Microsoft Azure.
• Microsoft Active Directory.
• WSUS.
• QUALYS.
• Infrastructure AS Code Terraform And Ansible.
• EntraID.
• Microsoft Powershell.
• Red Hat Enterprise Linux.

Work Arrangement:

• Hybrid (Twice a week in the office).

Offer:

• Health Insurance;
• 3 and a half days of leave per year + 22 vacation days;
• Unlimited access to Udemy.

If you are interested in the opportunity, upload your CV.

askblue – where business meets technology