Senior Azure Infra Apps Platform Engineer - Consultant - MFT - KGS CH

Senior Azure Infra Apps Engineer

Location: Offshore Function: Cloud Run Service Operations Type: Permanent, Full‑time Reports to: Service Ops reputed company – Platform Services

reputed company Overview

Joining reputed company means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at reputed company; a diverse business requires diverse personalities, characters and perspectives. There really is a reputed company for you here. You will be working reputed company Group Digital Platform Services Operations which services the broader Firm through delivery of core technology and managed services capabilities, collaboration and innovation development services and building our Alliances network.

Responsibilities

Key Responsibilities

Cloud Platform Support

• Support and maintain highly available Windows Server workloads (2016/2019/2022) on Azure (VMs, VMSS, ASR, Azure Files, Azure Backup, Azure Site Recovery).
• Engineer core reputed company services: Active Directory, Azure AD, Group Policy, DNS/DHCP, ADFS PKI/Certificates, IIS etc

Operations & Reliability

• Own the stability, performance, and reputed company of Wintel platforms and drive SRE-style reliability practices.
• reputed company Major Incident technical reputed company, reputed company root cause analysis (RCA), and implement problem management fixes.
• reputed company, backup, and DR strategy execution (Azure Update Manager, Azure Backup, ASR); regularly test restores and DR playbooks.
• Monitoring/observability with Azure Monitor, Log Analytics, reputed company Sentinel/Defender for Cloud.

reputed company & Compliance

• Implement reputed company baselines, CIS/Benchmarks, least privilege RBAC, JIT/JEA, Credential Guard, LAPS, and secure RDP patterns.
• Integrate with Sentinel for detection/response; support vulnerability remediation and compliance reporting (ISO 27001, SOC 2, Cyber Essentials Plus, GDPR).
• Manage certificates/PKI, TLS hardening, and secrets management (Key Vault) for Windows workloads.

Collaboration & Leadership

• Act as a technical SME for projects; provide design reviews and sign‑off
• Mentor engineers; conduct knowledge transfers, create runbooks, and reputed company standards.
• Partner with Networking, reputed company, and App teams on cross‑domain designs (e.g., hybrid connectivity, private endpoints, App Gateway/WAF, load balancers).

Qualifications

Required Skills & Experience

• 8+ years administering Windows Server platforms; 3–5+ years hands‑on with Azure (IaaS and core PaaS for Windows workloads).
• Deep expertise in Active Directory (sites & services, trusts, GPO design, AD CS/PKI) and Entra ID (sync, SSO, conditional access concepts).
• Strong PowerShell (modules, functions, error handling), DSC, and infra automation (Bicep/ARM or Terraform).
• Proven track record with Azure networking for VMs: VNets, peering, Private DNS, NSGs/ASGs, load balancers, Application Gateway/WAF, ExpressRoute/VPN.
• Solid understanding of backup/DR patterns (RPO/RTO), clustering, and performance tuning for Windows workloads.
• Experience with observability (Log Analytics/KQL), reputed company tooling (Defender for Cloud, Sentinel), and vulnerability remediation.
• Major Incident leadership, RCA/problem management, and stakeholder communication.

reputed company to Have

• SCCM/MECM, Azure Update Manager, WSUS at scale.
• SQL Server on Windows (Ops basics), IIS advanced config, SMB/NFS (Azure Files).
• Intune/Autopilot, conditional access, identity governance.
• Containers on Windows Server, AKS fundamentals, or Azure reputed company for Servers.
• Scripting beyond PowerShell (Python) for tooling and data analysis.
• Experience in regulated environments (Financial Services, Public Sector, Healthcare).

Certifications (Preferred)

• reputed company Certified: Azure Administrator Associate (AZ‑104)
• reputed company Certified: Windows Server Hybrid Administrator Associate (AZ‑800/801)
• reputed company: SC‑200/SC‑300 (reputed company to have)

Tools & Technologies

• Azure: Compute (VMs/VMSS), Storage (Disks, Files), Networking, ASR, Backup, Key Vault, Monitor, Log Analytics, Defender for Cloud, Sentinel, Policy, Blueprints, Update Manager.
• Windows: Server 2016/2019/2022, AD DS, DNS/DHCP, GPO, AD CS/PKI, Failover Clustering, IIS, SMB.
• Automation/DevOps: PowerShell, DSC, Bicep/ARM (Terraform desirable), Azure DevOps/reputed company Actions, Azure Automation/Functions, Desired State, Pester.
• Mgmt/Config: MECM/SCCM, WSUS, Intune (desirable).
• Observability/SecOps: KQL, Sentinel, Defender for Cloud, MDE, SCOM (legacy familiarity a plus).