Cloud Engineer (AVD)

Ivy Rock Partners Ltd

Charing Cross, United Kingdom

2 days ago

Role details

Contract type

Contract

Employment type

Full-time (> 32 hours)

Working hours

Regular working hours

Languages

English

Experience level

Senior

Compensation

£ 140K

Job location

Remote

Charing Cross, United Kingdom

Tech stack

Microsoft Active Directory

Azure

Cloud Computing

Cloud Engineering

Configuration Management Databases

Data as a Services

File Systems

Identity and Access Management

Kerberos (Protocol)

Virtual Desktops

Network Architecture

NT File System (NTFS)

OAuth

OpenID

Powershell

Role-Based Access Control

Azure

Runbook

Virtualization Technology

Firewalls (Computer Science)

Microsoft InTune

Deployment Automation

Bicep

Terraform

Azure

Job description

Cloud Engineer (AVD)

Initial 3 month contract (high chance of extension) - £500-£540 per day (inside IR35) - 2 days per week from London office (they can not offer fully remote)

Our London based Public Sector client are looking for a specialist Cloud Engineer with extensive commercial experience of Azure Virtual Desktop (AVD) to join their cloud engineering team. You will be responsible for designing, delivering, and maintaining enterprise cloud infrastructure with a focus on identity, virtualisation, endpoint management, and security.

Key responsibilities for the Cloud Engineer:

Design, deploy, and manage enterprise VDI/DaaS platforms at scale, including session host provisioning, image life cycle management, and end-to-end deployment automation
Develop and maintain infrastructure-as-code pipelines (Bicep/ARM/Terraform) and PowerShell automation frameworks to reduce manual effort and eliminate configuration drift
Manage hybrid identity environments across on-premises Active Directory and Microsoft Entra ID, including Entra Connect Sync, conditional access policies, and MFA configuration
Administer enterprise app registrations, OAuth 2.0/OIDC authentication flows, service principals, and managed identities for secure application and service-to-service authentication
Implement and maintain RBAC, Privileged Identity Management (PIM), and least-privilege access governance across Azure resources and directory services
Deploy and manage MDM/MAM platforms (Microsoft Intune) including compliance policies, configuration profiles, and automated remediation workflows
Diagnose and resolve complex hybrid-join, Entra join, and MDM enrolment failures across large managed device estates
Design and maintain secure cloud network architectures including VNets, NSGs, private endpoints, and next-generation Firewall (NGFW) integration
Manage cloud-based file storage solutions with enterprise authentication (Kerberos/AD DS/Entra ID), NTFS permission models, and storage account life cycle management
Maintain centralised log analytics, alerting pipelines, and CMDB integrations to support proactive incident detection and asset life cycle management
Produce and maintain high-quality technical documentation, including architecture designs, runbooks, and operational procedures aligned with ITIL practices

Key experiences & skills required for the Cloud Engineer (AVD):

Vast commercial experience as an Azure SME - 5+ years
Extensive experience operating with Azure Virtual Desktops
Microsoft Certified (AZ or MCSE)

Requirements

Vast commercial experience as an Azure SME - 5+ years
Extensive experience operating with Azure Virtual Desktops
Microsoft Certified (AZ or MCSE)

Benefits & conditions

Initial 3 month contract (high chance of extension) - £500-£540 per day (inside IR35) - 2 days per week from London office (they can not offer fully remote)