As a Senior Cloud Platform Engineer, you'll take ownership of day to day operations and deliver impactful projects across Azure and IaaS (Windows and Linux). You'll enhance landing zones, build reusable modules, and drive automation to strengthen our cloud platform. Working closely with DevOps and SRE teams, you'll implement secure, reliable, and cost efficient patterns, while mentoring engineers and promoting best practices. Your focus will be high quality execution, ensuring stability, performance, and compliance, while contributing to continuous improvement and collaborating across teams to deliver a scalable, resilient platform that powers business growth and innovation.
Key Responsibilities Operational Ownership (BAU)
- Operate and improve Azure platform services and IaaS workloads across Windows and Linux for stability, performance, and compliance
- Implement hardening baselines and patch orchestration, and maintain desired state with DSC or Ansible
- Enforce secure RBAC, Azure Policy, and identity patterns with AAD and PIM across subscriptions and management groups
- Own observability runbooks and baselines, including alerting, metrics, logs, dashboards, backups, and DR drills to reduce MTTR
- Administer Windows Server (AD, GPO, IIS) and provide Linux support including systemd, patching, and log management
Project Delivery and Engineering
- Contribute to landing zones and reusable platform modules using Bicep and Terraform
- Implement secure connectivity per the platform blueprint: hub and spoke or vWAN, Private Endpoints, DNS, and hybrid links via ExpressRoute or VPN
- Support VMware to Azure migrations from readiness through cutover, rollback, and DR patterns
- Deliver CI/CD pipeline templates in Azure DevOps or GitHub Actions with policy gates, secrets scanning, and SBOM generation
- Enable the Internal Developer Platform to support IaC/CaC based self service environment provisioning
Security, Reliability & Cost Controls
- Embed secure by default patterns, integrate Defender and Conditional Access, and shift left security for images and IaC in pipelines
- Apply SRE practices such as SLOs and error budgets, and codify operability standards for new capabilities
- Support FinOps guardrails with tagging, budgets, and alerts; analyse usage and implement cost optimisations without impacting SLAs
Collaboration, Mentoring and Governance
- Mentor and coach platform engineers through pairing, PR reviews, runbook creation, and knowledge sharing
- Partner with DevOps and SRE to standardise container and registry patterns for AKS or ARO, deployments, and environment parity across stages
- Contribute to technical governance forums, propose incremental improvements, and document decisions and reusable patterns
- Collaborate with Principals and architecture boards on architectural approvals where required
Skills, Qualifications and Experience Required
- Azure platform operations across enterprise IaaS and PaaS, including landing zones, subscriptions, RBAC, policy, and governance
- Strong Windows Server administration (AD, GPO, IIS) with practical Linux experience (RHEL/Ubuntu) for broader support
- Infrastructure as Code with Terraform and/or Bicep, using reusable modules and Git based workflows
- Configuration as Code with Ansible and/or DSC to maintain hardened, compliant desired state
- Automation and scripting with PowerShell and Bash, with Python desirable for tooling
- CI/CD using Azure DevOps or GitHub Actions, including quality gates, secrets/security scanning, and SBOM generation
- Azure networking fundamentals: VNets, vWAN, ExpressRoute, VPN, Private Endpoints, and DNS, plus hybrid connectivity patterns
- Containers and Kubernetes exposure (AKS or ARO), image registry practices, and environment provisioning/on demand environments
- Observability and reliability: monitoring, logging, alerting baselines, SRE concepts (SLOs, error budgets), backup/DR, and patch orchestration
- Security and compliance: Zero Trust, identity and access management (AAD, PIM), and integration with Defender and vulnerability scanning
- Cost optimisation using FinOps practices, tagging strategies, budgeting, and guardrails
Desirable (not essential)
- Experience supporting VMware to Azure migration
- Any experience working with Temenos or similar core banking platforms would be advantageous
Education
- Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience).
- Desirable (not essential): Relevant Azure certifications - Microsoft Azure Administrator AZ 104, Azure Solutions Architect/Identity/Security (AZ 305/AZ 500), DevOps Engineer Expert (AZ 400), FinOps Certified Practitioner, ITIL 4 Foundation
Fostering a culture of belonging and inclusivity
We're committed to creating a workplace where every individual feels valued, respected, and included. As an Equal Opportunity Employer, we actively cultivate an inclusive culture where diversity thrives, and we empower our colleagues to drive meaningful change within our organisation through initiatives such as our DE&I focus groups and value champion network. By measuring our efforts through regular assessments and listening to employee feedback, we strive to ensure our initiatives are impactful and responsive to the evolving needs of our workforce. Together, we want to build a workplace where everyone can bring their authentic selves to work, as we believe this is the foundation of innovation, creativity, and collective success.