We are seeking a Senior Azure Platform Consultant to own and govern the enterprise Azure platform, spanning platform design, service provisioning, automation, operations, FinOps‑led cost governance, CI/CD enablement, performance, security assurance, and regulatory compliance. This role defines how Azure is designed, consumed, secured, and operated at scale, acting as the central platform authority while coordinating with Cloud Infrastructure (CIS), Network, Security, and Data Platform architects. The focus is on delivering a secure, performant, cost‑transparent, and compliant Azure platform for high‑scale and regulated digital environments.
Key Responsibilities Azure Platform Architecture & Governance
Own the end‑to‑end Azure platform architecture, including landing zones, subscription models, shared services, connectivity, and PaaS foundations.
Define and enforce enterprise standards for subscriptions, resource hierarchies, tagging, naming, RBAC, networking, and Azure Policy.
Act as design authority for platform‑level decisions, aligned with the Azure Well‑Architected Framework.
Service Provisioning & Automation
Define standardized, self‑service Azure platform services for application and data teams.
Lead Infrastructure as Code and platform automation using Terraform, Bicep, or ARM, with reusable blueprints and reference implementations.
Ensure all platform services are secure by design, zero‑trust aligned, and consistently deployed across environments.
CI/CD & DevSecOps Engineering
Define and govern CI/CD standards and reference pipelines for platform and infrastructure deployments using Azure DevOps and/or GitHub Actions.
Embed DevSecOps practices into platform pipelines, including policy as code, secrets management, security scanning, and automated compliance checks.
Enable safe and repeatable deployment patterns (e.g., blue/green, rolling upgrades) for shared platform components.
Partner with engineering teams to ensure CI/CD pipelines align with platform guardrails, security controls, and cost governance.
FinOps, Cost Monitoring & Optimization
Own the Azure FinOps strategy, embedding cost management into platform architecture, service design, and delivery processes.
Define and enforce mandatory tagging, cost allocation (show‑back/chargeback), budgets, alerts, and forecasting models.
Establish cost monitoring and usage transparency dashboards for platform, product, and delivery teams.
Drive architectural and operational decisions that optimise cost to performance, scalability, and resilience.
Act as the primary interface between platform, operations, and finance stakeholders on cloud cost accountability.
Performance Engineering & Troubleshooting
Define platform‑level performance and scalability guardrails for compute, storage, networking, and PaaS services.
Lead investigation of performance bottlenecks, capacity constraints, and scaling limits at the platform layer.
Support complex root‑cause analysis in collaboration with application, data, and infrastructure teams.
Ensure proactive monitoring, telemetry, and alerting are embedded into the platform by default.
Security Assurance & Regulatory Compliance (UK)
Embed security by design and zero‑trust principles across all platform components.
Support and lead security audits, assurance reviews, penetration testing, and vulnerability assessments.
Ensure platform alignment with UK regulated industry requirements, including:
NCSC Cloud Security Principles
Cyber Essentials (CE) and Cyber Essentials Plus (CE+)
UK GDPR, covering data protection, access control, auditability, and data residency
Ensure the platform is audit ready by design, with clear evidence, logging, and policy as code controls.
Cross Architecture Leadership
Coordinate closely with CIS/Infrastructure, Security, Network, and Data Platform architects to ensure aligned designs and shared guardrails.
Lead architecture reviews, governance forums, and Azure platform roadmap discussions.
Mentor senior engineers and architects, raising overall cloud and platform maturity.
Qualifications
Strong working experience in infrastructure/cloud engineering, with proven experience owning or leading Azure platforms at enterprise scale.
Deep expertise in Azure landing zones, networking, Entra ID, security, monitoring, and PaaS services.
Strong experience in CI/CD pipeline design and DevSecOps enablement.
Demonstrated experience in performance tuning, troubleshooting, and capacity planning.
Hands‑on experience with IaC, automation, and policy‑driven governance.
Proven experience supporting security audits, penetration testing, and compliance assessments.
Practical experience with NCSC guidance, Cyber Essentials, and UK GDPR.
Strong stakeholder management and communication skills.
Azure certifications (AZ 305, AZ 400, AZ 700; FinOps Foundation preferred).
Experience in regulated or public sector environments.
Experience supporting high usage, mission‑critical digital applications.
Cross‑cloud integration experience, particularly Azure with Oracle Cloud Infrastructure (OCI), including networking, identity, and data integration.
Exposure to data platforms (Microsoft Fabric, Synapse, Databricks) and their performance and cost models.
Personal Attributes
High analytical skills
High degree of initiative and flexibility
High customer orientation
High quality awareness
Excellent verbal and written communication skills
#J-18808-Ljbffr