Project Overview We are seeking a high-level Azure Cloud Engineer/Developer to build a multi-tenant SaaS platform. The project consists of three subdomains: a Corporate Site, a Product Management Platform, and a Gateway Configuration portal. The architecture must be 100% Serverless, secure, and optimized for an initial low-volume phase (5 customers, ~50k API calls/month). Technical Stack & Constraints Infrastructure: Everything must be deployed via Infrastructure as Code (Bicep preferred or Terraform). No manual portal configurations. Backend: Azure Functions (Python v2 Programming Model) using Blueprints for modularity. Identity: Azure AD B2C for Single Sign-On (SSO) across subdomains (platform., gateway.). Database: Azure SQL Serverless with Row-Level Security (RLS) for tenant isolation. Search: Azure AI Search (Basic Tier) implementing Vector Search and Hybrid Search (RAG architecture). Security: Managed Identity (Passwordless) authentication for all inter-service communications. DevOps: Compatibility with Azure Developer CLI (azd) is mandatory. Key Responsibilities IaC Deployment: Provision the environment (SQL, AI Search, Functions, SWA) using Bicep scripts. Identity Management: Configure Azure AD B2C to handle cross-subdomain authentication. Backend Development: Build Python Azure Functions to manage product configurations and execute vector-based search queries. Data Isolation: Implement logic to ensure total data isolation between tenants at both the Database and Search Index levels. Maintenance, Support & Future Development We are looking for a long-term partner. Please include in your proposal: Monthly Maintenance Retainer: A fixed fee for security patching, dependency updates, and monitoring system health (Azure Monitor/App Insights). Support SLA: Defined response times for critical bugs or system downtime. Future Development: A separate hourly rate for implementing new features, UI enhancements, or onboarding complex new tenants. Required Experience Proven track record with Azure Serverless ecosystem. Deep expertise in Azure AI Search and Vector DB implementations. Experience with Python v2 Functions and async patterns. Solid understanding of Azure Networking (Front Door, WAF) and B2C. Definition of Done A single azd up command provisions the entire environment and deploys the code. Demonstration of functional SSO across all three subdomains. Verified tenant isolation where "Customer A" cannot access "Customer B" data via API or Search. Contract duration of 1 to 3 months. with 40 hours per week. Mandatory skills: Python, Software Architecture & Design, Microsoft Azure, Azure DevOps