Job Description

Job Advert

Lead DevOps Engineer

Location:

London/Hybrid

Contract Type:

Permanent

Hours:

Full time, 35 hours

Salary:

Competitive + Benefits

PURPOSE OF THE JOB:

We are looking for a technically strong, people-focused Lead DevOps Engineer to take ownership of our Azure Landing Zone. The role covers everything from architecture to operational delivery across a hybrid cloud environment integrating with VMware-based co-located data centres. You will lead infrastructure provisioning and automation across management groups and subscriptions in our Azure Landing Zone, using Infrastructure as Code (IaC) and Azure DevOps pipelines, while mentoring and supporting Onsite and Offshore team of Cloud Engineers to mature into DevOps professionals.

KEY ACTIVITIES/ACCOUNTABILITIES:

Work with the IT Delivery Manager to define and implement the IAC coding standards and patterns Collaborate with Operations, Security and Development teams to define and document best practice for Automation of IAC and Application builds and deployments in the Azure Landing Zone Ensure all patterns related to Devops, IAC, Build and Release processes and documents are up to date and where they exist reviewed in the TFS/ADO Wiki Collaborate and mentor Cloud Engineers and other Devops Engineers, helping them grow into full-stack DevOps practitioners. Identify needs of the individuals and work with the IT Delivery Manager to define Training plans Promote best practices in infrastructure coding, CI/CD, security, and peer review. Implement and maintain Azure Landing Zones in line with Microsoft's enterprise-scale architecture. Integrate Azure services with on-premises VMware infrastructure in a hybrid setup.

Azure Landing Zone Scope

Manage groups and subscriptions for identity, management, connectivity, and workload isolation Hub-and-Spoke Networking with Virtual Networks, Azure Firewall, ExpressRoute/VPN, DNS, and routing, peering, private links Identity & Access Management with Entra ID, B2C, PIM, and Managed Identities, service accounts Supporting security Operations with Security & Governance using Azure Policy, Defender for Cloud, Microsoft Sentinel, RBAC, and compliance auditing Infrastructure Services including Azure Bastion, Key Vault, Storage, Virtual Machines, and Load

Tooling & Technologies

IaC: Terraform, Powershell, in future possibly Bicep or ARM templates CI/CD: Azure DevOps, Github Enteprise code management, YAML Pipelines, some classic might be required Cloud Services: All Azure Resources and Platforms Azure Landing Zone: Adopt Microsoft Recommended Architecture for Landing Zone Security: Entra ID, RBAC, Conditional Access, Defender, Sentinel Monitoring: Azure Monitor, Application Insights, Log Analytics,

KEY KNOWLEDGE, QUALIFICATIONS AND EXPERIENCE:

6+ years' experience in Azure cloud and DevOps roles Proven leadership in managing hybrid cloud infrastructure and Azure Landing Zones Strong expertise in IaC, CI/CD pipelines, and DevOps engineering practices, with a background in Cloud Engineering and administration and trouble shooting Experience building and destroying cloud infrastructure across subscriptions using automated pipelines with a (dev, test, uat, staging, production) lifecycle Demonstrated ability to mentor engineers and promote engineering best practices Microsoft Certifications: Minimum AZ-104, at least one of the others AZ-305, AZ-400 Experience with regulated environments (legal, Insurance, healthcare, financial) Agile/DevSecOps/FinOps familiarity Knowledge of Vmware, Imperva and Checkpoint firewall, Netscope Proxy ideal A background in Microsoft technologies and Windows server ideal


REF-223 175