Company Background Firemelon is the UK’s leading provider of software solutions to the Travel and Pet Insurance sectors. Through our flagship Magenta system, we provide a platform to sell insurance policies via call centres, direct websites and price comparison sites. Firemelon has a wide range of clients in the UK and worldwide from small brokers to large blue-chip organisations. In today’s fast-paced world, new technologies and disruptive change create exciting opportunities to work diversely, identifying and creating new ways of working more effectively and enhance the high quality service we provide. The Role The Azure Platform Engineer will be responsible for designing, maintaining, and optimising cloud platforms across multiple Azure tenants and subscriptions. The role focuses on ensuring secure, scalable, and cost‑effective operation of Azure App Services, Azure SQL Databases, and core identity/security components including Entra ID, RBAC, Intune, and Defender for Cloud. The engineer will play a key role in maintaining ISO 27001‑aligned controls, cloud governance, monitoring, alerting, and operational excellence across the organisation’s cloud estate. The Person This is an exciting opportunity for an experienced Azure Cloud Platform Engineer who has a deep understanding of and technical lead for all aspects of the Microsoft Azure platform. You will oversee the deployment, management and optimization of the Azure cloud infrastructure as well as supporting Azure across the development teams. Key Responsibilities Azure Platform Management Manage resources across multiple Azure tenants and subscriptions, ensuring consistent standards, policies, and tagging. Deploy, configure, and maintain: Azure App Service (Web Apps, API Apps, App Service Plans) Azure SQL Database (PaaS) Azure Storage, Key Vault, Managed Identities, VNETs, and related services. Configure and maintain auto‑scaling rules, performance tuning, and capacity planning including managing reserved instances. Identity, Access & Security Manage Entra ID (Azure AD) including Conditional Access, identity governance, and application registrations. Implement and manage role-based access control (RBAC) for Azure resources, including Azure SQL RBAC and least-privilege model. Maintain current VPN access using Twingate. Ensure compliance with ISO 27001 information security controls, including configuration hardening, access management, and audit readiness. Configure and maintain Defender for Cloud, including security posture management, secure score tracking and remediation. Endpoint & Device Management Manage and administer Microsoft Intune (Endpoint Management), including compliance policies, device provisioning, and app deployment. Integrate Intune and Entra ID P1/P2 features for endpoint security and governance. Monitoring, Alerting & Reliability Implement and maintain cloud monitoring and alerting using: Configure proactive monitoring for App Services, SQL, network components, and security events. Support high availability, disaster recovery, and resilience planning for cloud workloads. Platform Governance & Cost Management Implement and maintain Azure policies, blueprints/bicep governance, and landing zone standards. Conduct continuous cost analysis, forecasting, and optimisation across subscriptions. Provide regular reporting on spend, budget variance, and opportunities to reduce consumption. Ensure tagging, resource hygiene, and lifecycle management standards. Operational Support & Continuous Improvement Support DevOps and development teams with platform‑level guidance and troubleshooting. Participate in incident response, root cause analysis, and platform reliability improvements. Maintain documentation, standards, runbooks, and knowledge base articles. Identify opportunities for automation and CI/CD improvements using GitHub Actions or Azure DevOps. Essential Criteria Minimum of 5 years’ successful experience in designing, implementing and managing Azure cloud environments Strong expertise with Azure App Services and Azure SQL Database. Proficiency managing multi-tenant, multi subscription cloud estates. Deep understanding of Entra ID, RBAC, Conditional Access, and identity security. Experience with Intune administration and modern endpoint management. Solid experience with Defender for Cloud, security baselines, and threat protection. Hands-on experience with Azure Monitor, Log Analytics, KQL, and alerting. Knowledge of platform governance, tagging standards, and cloud cost optimisation. Understanding of ISO 27001 or similar security frameworks. Scripting experience (PowerShell, Bash, ARM/Bicep/Terraform beneficial). Desirable Criteria One or more of the following certifications: Azure Administrator Associate (AZ-104) Azure Solutions Architect Expert (AZ-305) Microsoft Azure Security Engineer Associate (AZ-500) Benefits To attract the very best talent, we offer a great package and numerous benefits, including: · Microsoft Training and Certification · Continuous Professional Development · Hybrid Working · Flexible Working · Salary Sacrifice Company Pension · Private Healthcare and Wellbeing Membership · Employee Optical Scheme · Enhanced Holiday Entitlement · Holiday Trading Scheme · Annual and Mid-Term Performance Reviews · Social and Team Events · Paid Lunch Hour Firemelon Limited is an equal opportunities employer and welcomes applications from all sections of the community.