Senior Azure Platform Engineer

Contracts IT
Charing Cross, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Charing Cross, United Kingdom

Tech stack

API
Agile Methodologies
Application Performance Management
JIRA
Azure
Cloud Computing
Cloud Engineering
Continuous Integration
Disaster Recovery
DNS
Github
Infrastructure as a Service (IaaS)
Identity and Access Management
Log Analysis
Platform as a Service (PAAS)
Role-Based Access Control
Cloud Platform System
Cloud Monitoring
Firewalls (Computer Science)
Bicep
Terraform
Devsecops

Job description

We are seeking a Senior Azure Platform Engineer to support the delivery of a critical, Internet-facing cloud platform within a regulated legal services environment.

The organisation is standing up a secure, scalable Azure-based platform to support consumer-facing workflow operations. This is a delivery-critical programme with tight timelines, requiring an experienced engineer who can bridge the gap between architectural design and hands-on implementation.

You will work closely with the internal Cloud Centre of Excellence (CCoE), project delivery teams, and technical architects to implement secure, automated, production-grade Azure infrastructure while foundational cloud capabilities continue to mature.

This is a highly hands-on role requiring strong Azure platform engineering expertise, Infrastructure-as-Code automation, and security-first thinking.

Project Context

  • Delivery of a new Azure-hosted platform supporting regulated, consumer-facing operations
  • Internet-facing workloads requiring strong governance and API security
  • Cloud Centre of Excellence actively evolving platform standards
  • Immediate need for senior-level expertise to remove delivery bottlenecks
  • Focus on operationalising cloud designs into secure, production-ready infrastructure

Primary Objectives (First 90-120 Days)

  • Implement and enhance Azure landing zones aligned to enterprise governance standards
  • Build and deploy reusable Terraform or Bicep modules for automated infrastructure provisioning
  • Strengthen RBAC models, Azure Policy guardrails, and governance controls
  • Implement secure networking patterns for Internet-facing services
  • Embed DevSecOps controls into CI/CD workflows
  • Establish monitoring, observability, and alerting capabilities
  • Validate resilience and disaster recovery configurations (RTO/RPO testing)
  • Produce high-quality documentation and operational runbooks
  • Enable internal teams through structured knowledge transfer

Core Responsibilities

  • Engineer secure, scalable Azure infrastructure across IaaS and PaaS services
  • Translate architectural designs into production-ready deployments
  • Build and manage Infrastructure-as-Code (Terraform or Bicep) modules
  • Configure and optimise Azure networking (vNETs, private endpoints, DNS, Firewalls)
  • Implement Azure Policy, RBAC, and identity governance best practices
  • Integrate CI/CD pipelines using Azure DevOps or GitHub Actions
  • Embed security scanning and DevSecOps practices within infrastructure delivery
  • Configure monitoring using Azure Monitor, Log Analytics, and Application Insights
  • Implement backup, restore, and disaster recovery patterns
  • Collaborate with technical architects and project delivery teams
  • Provide clear documentation, diagrams, and operational runbooks, Key Deliverables
  • Approved and reusable Terraform/Bicep modules
  • Secure Azure landing zones implemented or enhanced
  • Operational CI/CD infrastructure pipelines
  • Hardened security configurations and governance controls
  • Monitoring dashboards and alerting packs
  • Documented disaster recovery runbooks with tested evidence
  • Complete as-built documentation and architectural diagrams
  • Knowledge transfer sessions delivered to internal teams

Ways of Working

  • Fully remote (UK-based contractor)
  • Agile delivery model
  • Collaboration with Cloud Engineering, Architecture, and Security teams
  • Ticket management via Jira/Azure Boards/ITSM tools
  • Emphasis on rapid iteration and delivery impact

Contract Structure

  • Initial 4-month engagement (approx. 100 working days)
  • Outside IR35
  • High-priority hire with accelerated interview process
  • 1st Interview with hiring manager (30mins) - 2nd Stage with hiring manager & Technical Architect (1hour) - Offer!
  • Extension potential subject to programme funding

Submission Requirements

  • Updated CV highlighting Azure platform, Terraform/Bicep, and DevSecOps experience
  • Short written summary (max 300 words) mapping experience to project objectives
  • Two recent enterprise client references

Requirements

  • Extensive hands-on experience with Microsoft Azure in enterprise environments
  • Strong experience building Azure Landing Zones
  • Deep expertise in Terraform or Bicep module development
  • Experience delivering infrastructure for production, Internet-facing platforms
  • Azure networking expertise (vNETs, Private Link, DNS, Firewalls)
  • Identity & access management (Entra ID, RBAC, Conditional Access awareness)
  • DevSecOps integration within CI/CD pipelines
  • Security-first mindset, particularly around API and platform security
  • Monitoring and observability implementation (Azure Monitor, Log Analytics)
  • Experience validating resilience and DR against RTO/RPO targets
  • Proven ability to operate independently and deliver under tight timelines
  • Strong documentation and knowledge transfer capability

Desirable Experience

  • Experience in regulated sectors (legal, financial services, healthcare)
  • Azure certifications (AZ-104, AZ-400, AZ-500, AZ-700 or similar)
  • Experience with Azure Sentinel or Defender for Cloud
  • FinOps practices (tagging, cost optimisation, rightsizing)
  • Exposure to containerisation/AKS fundamentals
  • Familiarity with ITIL/SRE operational practices

Apply for this position