Senior (Azure) Cloud Engineer (8+ years)

Key Responsibilities

• Azure Platform Ownership
• Own Azure PaaS operations including SQL Databases (Elastic Pools), App Services, Function Apps, Storage Accounts, Key Vault, App Configuration, and Service Bus.
• Manage lifecycle activities including provisioning, optimisation, decommissioning, and capacity planning.
• Lead troubleshooting of complex performance, scaling, availability, and resilience issues.
• Manage edge controls including Application Gateway (WAF), Traffic Manager, and support Azure Front Door planning where required.
• Critical Incident Leadership (P1/P2)
• Lead high-severity incident response triggered by monitoring platforms.
• Coordinate cross-functional technical teams during outages.
• Provide structured, executive-ready communications during incidents.
• Conduct detailed Root Cause Analysis (RCA) with corrective and preventive actions.
• Identify recurring patterns and drive permanent fixes.
• App Services & Web Services – Advanced Support
• Diagnose scaling failures, memory leaks, deployment failures, and performance bottlenecks.
• Support rollback strategies and change validation.
• Troubleshoot connectivity issues involving Application Gateway, Traffic Manager, VNets, and Private Endpoints.
• · Partner with application teams to optimise service performance and reliability.
• Azure SQL & Elastic Pool Operations
• Investigate performance degradation, blocking, and query inefficiencies.
• Analyse DTU/vCore consumption and pool resource contention.
• Validate backup strategies and lead restore testing exercises.
• Support high availability and failover troubleshooting.
• Monitoring & Observability
• Own Azure Monitor, Log Analytics, and Application Insights configurations.
• Define SLIs/SLOs and tune alert thresholds to reduce operational noise.
• Build dashboards and proactive health checks.
• Drive automation of alert remediation and operational runbooks.
• Identity, Access & Security
• Manage operational IAM using Entra ID, RBAC, and Privileged Identity Management (PIM).
• Enforce least-privilege access and conduct access reviews.
• Lead security vulnerability remediation and hardening initiatives.
• Manage Key Vault access policies and secrets lifecycle.
• Support audit, compliance, and security review activities.
• Governance & Azure Policy
• Implement and maintain Azure Policy definitions and initiatives.
• Enforce tagging, naming conventions, and compliance standards.
• Contribute to governance maturity and subscription-level controls.
• Cost Optimisation
• Identify optimisation opportunities across Elastic Pools, App Service Plans, Storage Accounts, and Reserved Instances.
• Provide cost insights and recommendations to stakeholders.
• Partner with FinOps to safely implement optimisation initiatives via standard change controls.
• Backup & Disaster Recovery
• Own backup configuration and validation across SQL Databases, Storage Accounts, and App Services.
• Maintain documented RTO/RPO definitions.
• Ensure restore testing and DR validation are performed and evidenced.
• Automation & Continuous Improvement
• Develop and maintain Terraform configurations for infrastructure provisioning.
• Write PowerShell scripts to automate administrative tasks.
• Contribute to CI/CD pipelines using Azure DevOps and GitHub Actions.
• Identify and eliminate repetitive manual operational tasks.
• Networking
• Manage private networking including VNets, NSGs, Private Endpoints, and Private DNS Zones.
• Troubleshoot connectivity issues across subscriptions and environments.
• Ensure network design aligns with security and least-privilege principles.
• Mentorship & Technical Escalation
• Mentor IC1 and IC2 engineers.
• Develop knowledge articles, runbooks, and technical documentation.
• Conduct peer reviews and knowledge-sharing sessions.
• Act as the Azure technical escalation point within the team.

Essential Skills & Experience

• 8-10+ years in Cloud / DevOps / SRE roles, with 8+ years hands-on Azure experience.
• Strong operational experience with Azure App Services and Function Apps.
• Azure SQL Database and Elastic Pool performance tuning, backup, and restore expertise.
• Proven experience handling P1/P2 incidents independently.
• Deep knowledge of Azure Monitor, Log Analytics, and Application Insights.
• Strong networking fundamentals: VNet, NSG, Private Endpoints, Application Gateway, WAF, Traffic Manager.
• Entra ID, RBAC, and Privileged Identity Management (PIM).
• Azure Policy and governance controls.
• Backup and Disaster Recovery strategy and validation.
• Infrastructure as Code using Terraform.
• PowerShell scripting and automation.
• CI/CD experience with Azure DevOps and/or GitHub Actions.
• Cost optimisation and FinOps collaboration experience.


• Highly Desirable
• Azure Front Door experience.
• Automation using Bash and Azure CLI.
• Familiarity with Azure Well-Architected Framework.
• Experience with ITSM tools (Jira, JSM, ServiceNow).
• Exposure to AWS within a multi-cloud environment.

Additional Information:

• This position follows a hybrid work model, requiring in-office presence on days defined by your manager. Occasional out-of-hours engagement may be required for major incidents or critical escalations in coordination with the 24/7 Operations Centre.