Azure Consultant

Senior Azure Consultant (Contract)

Contract: ASAP - 3 Months

Rate: £600 per day (via Umbrella)

Working Pattern: Hybrid – predominantly remote, 2 days per week, Onsite in Bristol for the first month.

Overview

We are seeking an experienced Senior Azure Consultant to lead a large-scale cloud security transformation programme for a major enterprise organisation. This is a senior technical leadership role focused on the design, governance, and delivery of a strategic migration from third-party virtual firewall platforms to Azure Firewall across multiple global Azure regions.

The successful consultant will act as the technical design authority, owning the target-state architecture, security and routing strategy, policy governance framework, migration methodology, and operational handover. You will work closely with infrastructure, security, networking, and application teams to deliver a secure and scalable cloud networking solution.

Key Responsibilities

• Lead technical discovery workshops and assess existing firewall policies, NAT configurations, routing, traffic flows, and regional dependencies.
• Own the end-to-end design of a global Azure Firewall architecture leveraging Azure Virtual WAN hub-and-spoke networking.
• Define security zoning, segmentation, and cross-region traffic inspection patterns.
• Design and implement a global firewall governance model, including base and regional policies, rule lifecycle management, and recertification processes.
• Lead the translation and rationalisation of legacy firewall rules into Azure Firewall Policy, identifying and managing feature gaps through agreed compensating controls.
• Design and implement routing strategies including UDRs, Virtual WAN routing, BGP, and ExpressRoute integration.
• Conduct public IP planning, SNAT capacity assessments, and Azure Firewall SKU selection based on business and technical requirements.
• Define and implement logging, monitoring, and security operations integration using Log Analytics and Microsoft Sentinel.
• Design and validate integrations with cloud security and application delivery services, including secure internet access platforms, application gateways, and edge delivery services.
• Deliver Infrastructure-as-Code solutions (Terraform preferred), including reusable modules, promotion pipelines, and Git-based change management.
• Develop migration runbooks, cutover plans, rollback procedures, validation processes, and operational readiness documentation.
• Lead migration execution, hypercare support, troubleshooting, and stakeholder coordination across multiple teams and regions.
• Mentor technical teams and provide knowledge transfer to support long-term operational ownership.

Required Skills & Experience

• Extensive experience designing and delivering enterprise-scale Microsoft Azure networking and security solutions.
• Proven expertise with Azure Firewall, Azure Firewall Policy, and Azure Virtual WAN.
• Strong understanding of cloud networking concepts including routing, BGP, UDRs, NAT, and hybrid connectivity.
• Experience migrating from traditional or virtual firewall platforms to cloud-native security controls.
• Strong knowledge of ExpressRoute, hub-and-spoke architectures, and multi-region Azure deployments.
• Experience with Microsoft Sentinel, Log Analytics, and cloud security monitoring practices.
• Hands-on experience with Terraform and Infrastructure-as-Code delivery.
• Strong stakeholder management and technical leadership skills.
• Experience producing high-quality architecture, governance, and operational documentation.

Desirable

• Experience integrating Azure networking with secure web gateway or SSE platforms.
• Knowledge of Azure Front Door and Application Gateway design patterns.
• Relevant Microsoft Azure certifications.
• Experience working within complex global enterprise environments.

This is an excellent opportunity for a senior cloud security and networking specialist to lead a high-profile Azure transformation programme within a large-scale enterprise environment.