Platform Engineer (AKS)

We are seeking a highly skilled Platform Engineer to join a central Platform Team responsible for enabling development, deployment, and operations across the organisation. You will design, build, and maintain the shared foundations - Azure DevOps pipelines, AKS clusters, IaC modules, and platform tooling - that all application teams rely on.

This role is ideal for an engineer who thrives in Azure, Kubernetes, DevOps automation, and Infrastructure as Code, and who enjoys building reusable, scalable platform capabilities.

Key Responsibilities

Platform Engineering & Infrastructure

• Design, build, and operate Azure Kubernetes Service (AKS) clusters (public & private), including networking, ingress, node pools, autoscaling, and confidential compute.
• Manage Azure platform components: Subscriptions, ACR, Key Vault, Service Bus, Storage, SQL.
• Operate and support OpenShift environments where required.
• Ensure platform security, reliability, and compliance (TLS, RBAC, network policies, managed identities).

CI/CD Pipeline Development

• Develop and maintain shared Azure DevOps YAML pipeline templates used across all application teams.
• Build multi-stage pipelines for .NET 8 applications, container builds, DACPAC deployments, and Service Bus provisioning.
• Write and maintain PowerShell Core 7+ modules for deployment logic, configuration generation, secret retrieval, and Helm-based deployments.
• Enforce quality gates, security checks, and controlled environment promotion (DEV * TST * VAL * Manual Gate * PRD).

Infrastructure as Code (IaC)

• Design and maintain Terraform modules for Azure resources, AKS workloads, Keycloak clients, SQL users, Key Vault HSM keys, and Service Bus RBAC.
• Automate provisioning and lifecycle management using Terraform, Azure CLI, PowerShell.
• Manage Terraform state using Azure Storage + AAD authentication.

Repository & Azure DevOps Administration

• Administer shared DevOps repositories and deployment configuration repos.
• Support GitFlow branching (DEV/MAIN/hotfix) and PR validation.
• Manage Azure DevOps service connections, agent pools, variable groups, approvals.

Collaboration & Enablement

• Act as the bridge between infrastructure and application teams.
• Provide guidance on platform standards, deployment maps, and pipeline extension patterns.
• Maintain documentation and review contributions to shared platform code.

• AKS: Cluster operations, networking, ingress, autoscaling, Helm, confidential compute.
• DevOps: Strong CI/CD principles, GitFlow, automation, environment promotion.
• .NET: Familiarity with .NET 10 build processes, NuGet, containerization.
• PowerShell: PowerShell Core 7+ modules, classes, Pester tests, robust scripting.
• Azure: Key Vault, ACR, Service Bus, Storage, SQL, Managed Identities, RBAC.
• Cloud Architecture: Scalability, HA, security, cost optimisation.
• Azure DevOps: YAML pipelines, templates, repos, service connections, artifacts.
• YAML Pipelines: Multi-stage, parameterized, reusable templates.
• Terraform: Modules, providers (azurerm, helm, keycloak, mssql, kubernetes), state management.
• Networking: VNets, NSGs, private endpoints, DNS, ingress controllers, proxies.
• Architecture: Strong reasoning around platform design, module boundaries, extensibility.

Nice to Have

• Keycloak / OpenID Connect
• Docker optimisation
• DACPAC / sqlpackage automation
• SonarQube
• Azure confidential computing
• OpenShift experience