Lead DevOps Engineer

You will work in partnership with the Product Development Team Leader to agree and evolve delivery system standards and priorities, ensuring the delivery system supports squad throughput and quality while maintaining appropriate control.

Note: There is no on-call requirement at present. The role is expected to define and improve incident response and operational readiness processes; any future on-call rota would be introduced by agreement as the function matures.

The work you will be doing

The Lead Dev Ops Engineer is accountable for the Azure platform, infrastructure-as-code (IaC) and the delivery system (CI/CD standards, templates and controls) that enables Birketts squads to deliver to Azure quickly, safely and consistently.

You will establish and maintain the "one right way" of working for Azure environments: guardrails, governance, repeatability and operational readiness. You will work closely with Product development leadership, security and infrastructure stakeholders to ensure standards are adopted through tooling (Azure Policy and Azure DevOps), not documentation alone.

Platform ownership, governance and control

• Own subscription and landing zone hygiene, including remediation of legacy resources outside the agreed model
• Define and enforce platform governance standards: naming conventions, tagging schema, Azure Policy baseline and controlled exception handling
• Define and maintain identity and access patterns (RBAC and, where applicable, PIM) and platform security guardrails in collaboration with security and relevant stakeholders
• Improve platform cost governance by ensuring ownership and tagging discipline supports accurate reporting and accountability

Infrastructure as Code (IaC) standards and integrity

• Establish and maintain Terraform as the authoritative mechanism for platform and environment provisioning and change control
• Design and maintain reusable IaC modules/patterns; implement safe change practices (review, validation, controlled applies)
• Reduce drift and improve environment repeatability across dev/QA/prod

Delivery system (CI/CD) ownership and standardisation

• Define and evolve delivery system standards in partnership with the Product Development Team Leader, and enforce them through Azure DevOps templates, policies and required checks
• Own and improve Azure DevOps CI/CD standards, pipeline templates, approvals/gates, and environment promotion model
• Provide "golden path" templates and patterns for application-level and data-level delivery (including Azure resources) so squads can deliver without bespoke pipeline design per product
• Embed automated quality controls and security scanning into pipelines (e.g., SAST/SCA) and define secure secret-handling patterns aligned to Birketts expectations
• Implement and enforce PR/branch policies and release controls to reduce variability and operational risk

Platform observability and operational readiness

• Provide and evolve platform observability foundations: monitoring, logging, metrics, dashboards and alerting (using the agreed toolset)
• Define and improve incident response and operational readiness expectations (runbooks, escalation paths, recovery/rollback patterns, environment health checks)
• Establish and maintain DR and operational processes for the platform and environments, with clear escalation to development squads where required

Ways of working, coaching and continuous improvement

• Maintain a visible platform backlog and roadmap (stabilisation, governance, standardisation, developer experience)
• Coach squads in using the delivery system effectively (templates, PR discipline, gated releases, environment promotion)
• Support capability building for internal engineers (including infrastructure engineers where willing) using pairing and staged responsibility ("gated autonomy")
• Create and maintain platform documentation: handbook, onboarding guides, decision records and runbooks to reduce key-person dependency
• Assess DevOps capacity and resilience needs over time and provide recommendations for scaling the function as workload/support requirements mature

Please note that this job profile is not an exhaustive list of duties but merely an outline of the key components of the role. You may be required by your line manager to take on additional responsibilities when requested.

What we are looking for

This role is well suited to someone who:

• Has owned or led DevOps / platform engineering capability in Azure and can balance delivery speed with governance and risk control
• Enjoys creating standards and guardrails that enable teams rather than slow them down
• Can operate effectively in an environment with mixed maturity, coaching teams while maintaining safe operational practices

Do you have experience in Terraform?, * Proven, hands-on experience designing, deploying and operating Azure infrastructure (subscriptions, governance, identity/access, and core platform services)

• Strong Infrastructure-as-Code experience, ideally Terraform (module/pattern design, environment patterns, safe change practices)
• Strong CI/CD engineering experience, ideally Azure DevOps (templating, approvals/gates, environment promotion strategies, required checks)
• Working understanding of security practices in cloud delivery (least privilege/IAM, secrets handling, secure pipeline patterns)
• Practical understanding of observability and operational readiness (logs/metrics/tracing concepts; dashboards/alerts; runbooks)
• Strong communication skills and ability to explain standards/guardrails in business-impact terms

Desirable

• Experience implementing Azure Policy at scale and moving controls from audit to enforcement
• Container and orchestration experience (Docker/Kubernetes/AKS) if relevant to platform direction
• Familiarity with platform engineering / SRE practices (incident review discipline, reliability measures, operational readiness)
• Experience of cost governance and showback/chargeback readiness

Hybrid Working

Pulled from the full job description

• Company pension
• Private medical insurance
• Discounted gym membership
• Enhanced maternity leave
• Enhanced paternity leave
• Car scheme, As a Birkett colleague, you will be eligible to receive a wide range of benefits:
• 25 days holiday (FTE) plus Bank Holidays
• Long Service holiday award - 1 extra week every 10 years continuous service
• Private Healthcare with BUPA (offered after probation is passed)
• Scottish Widows Pension Scheme (5% employer / 5% Employee)
• Staff Profit Share and Individual Performance Bonus Scheme
• Salary sacrifice (Pensions, Staff Profit Share)
• Life Assurance - 4 x salary / Permanent Health Insurance
• Paid CSR Day
• Enhanced Maternity/Paternity Leave
• Subsidised gym membership
• Electric car scheme
• Dress for your Day Policy

At Birketts, our culture is driven by ambition and a commitment to positively impact all the communities we serve. We are dedicated to the success, development, and wellbeing of our colleagues, helping them achieve their goals and seize the opportunities that come with our growth.