Job Description The Cloud IT Operations Engineer plays a critical role in ensuring the security, availability, and performance of our cloud-hosted infrastructure. Working closely with a fellow Cloud IT Ops Engineer and collaborating with development teams, the role is responsible for maintaining and evolving our Microsoft Azure environment, supporting our automated release processes, and managing core infrastructure services. The role also includes participation in an out-of-hours on-call rota to handle incidents and essential maintenance. Job Requirements Competencies (knowledge/skills/experience) Essential: Hands-on experience managing Microsoft Azure infrastructure (IaaS and PaaS). Proficiency with Azure DevOps pipelines and Git. Solid knowledge of Bicep or ARM templates for infrastructure as code. Strong scripting skills in PowerShell and Azure CLI. Experience managing Windows Server, IIS, and virtual machines. Understanding of networking fundamentals in Azure (e.g. NSGs, VNets, firewalls, DNS). Experience with certificate management (e.g. MMC, SSL bindings, renewals). Familiarity with database access and permission models. Understanding of Entra ID (Azure Active Directory) and role-based access control. Availability to participate in an on-call rota and perform out-of-hours maintenance tasks. Desirable: Experience building and maintaining Power Automate flows. Exposure to monitoring tools (e.g. Azure Monitor, Log Analytics). Knowledge of compliance frameworks relevant to cloud operations (e.g. ISO 27001, Cyber Essentials Plus). Job Responsibilities Azure Infrastructure Management : Maintain, monitor, and enhance our Microsoft Azure infrastructure, ensuring high availability, cost-efficiency, and scalability. Pipeline and Deployment Automation : Support and extend Azure DevOps release pipelines to streamline build, test, and deployment processes. Infrastructure as Code (IaC) : Manage and extend Bicep templates to define our infrastructure, ensuring maintainability, security and standardisation. Incident Response and Maintenance : Participate in an out-of-hours on-call rota to respond to incidents and perform scheduled maintenance such as server patching. Security and Access Control : Manage SSL certificates, enforce least-privilege access controls, and support secure configuration of Entra ID (Azure Active Directory). Automation and Scripting : Use PowerShell and Azure CLI to automate operational tasks and improve service reliability.