Senior Azure Platform Engineer at Contracts IT Recruitment Consulting Ltd, London, £Competitive Rate

We are seeking a Senior Azure Platform Engineer to support the delivery of a critical, Internet-facing cloud platform within a regulated legal services environment.

The organisation is standing up a secure, scalable Azure-based platform to support consumer-facing workflow operations. This is a delivery-critical programme with tight timelines, requiring an experienced engineer who can bridge the gap between architectural design and hands-on implementation.

You will work closely with the internal Cloud Centre of Excellence (CCoE), project delivery teams, and technical architects to implement secure, automated, production-grade Azure infrastructure while foundational cloud capabilities continue to mature.

This is a highly hands-on role requiring strong Azure platform engineering expertise, Infrastructure-as-Code automation, and security-first thinking.

Project Context

• Delivery of a new Azure-hosted platform supporting regulated, consumer-facing operations

• Internet-facing workloads requiring strong governance and API security

• Cloud Centre of Excellence actively evolving platform standards

• Immediate need for senior-level expertise to remove delivery bottlenecks

• Focus on operationalising cloud designs into secure, production-ready infrastructure

Primary Objectives (First 90-120 Days)

• Implement and enhance Azure landing zones aligned to enterprise governance standards

• Build and deploy reusable Terraform or Bicep modules for automated infrastructure provisioning

• Strengthen RBAC models, Azure Policy guardrails, and governance controls

• Implement secure networking patterns for Internet-facing services

• Embed DevSecOps controls into CI/CD workflows

• Establish monitoring, observability, and alerting capabilities

• Validate resilience and disaster recovery configurations (RTO/RPO testing)

• Produce high-quality documentation and operational runbooks

• Enable internal teams through structured knowledge transfer

Core Responsibilities

• Engineer secure, scalable Azure infrastructure across IaaS and PaaS services

• Translate architectural designs into production-ready deployments

• Build and manage Infrastructure-as-Code (Terraform or Bicep) modules

• Configure and optimise Azure networking (vNETs, private endpoints, DNS, Firewalls)

• Implement Azure Policy, RBAC, and identity governance best practices

• Integrate CI/CD pipelines using Azure DevOps or GitHub Actions

• Embed security scanning and DevSecOps practices within infrastructure delivery

• Configure monitoring using Azure Monitor, Log Analytics, and Application Insights

• Implement backup, restore, and disaster recovery patterns

• Collaborate with technical architects and project delivery teams

• Provide clear documentation, diagrams, and operational runbooks

Required Skills & Experience

• Extensive hands-on experience with Microsoft Azure in enterprise environments

• Strong experience building Azure Landing Zones

• Deep expertise in Terraform or Bicep module development

• Experience delivering infrastructure for production, Internet-facing platforms

• Azure networking expertise (vNETs, Private Link, DNS, Firewalls)

• Identity & access management (Entra ID, RBAC, Conditional Access awareness)

• DevSecOps integration within CI/CD pipelines

• Security-first mindset, particularly around API and platform security

• Monitoring and observability implementation (Azure Monitor, Log Analytics)

• Experience validating resilience and DR against RTO/RPO targets

• Proven ability to operate independently and deliver under tight timelines

• Strong documentation and knowledge transfer capability

Desirable Experience

• Experience in regulated sectors (legal, financial services, healthcare)

• Azure certifications (AZ-104, AZ-400, AZ-500, AZ-700 or similar)

• Experience with Azure Sentinel or Defender for Cloud

• FinOps practices (tagging, cost optimisation, rightsizing)

• Exposure to containerisation/AKS fundamentals

• Familiarity with ITIL/SRE operational practices

Key Deliverables

• Approved and reusable Terraform/Bicep modules

• Secure Azure landing zones implemented or enhanced

• Operational CI/CD infrastructure pipelines

• Hardened security configurations and governance controls

• Monitoring dashboards and alerting packs

• Documented disaster recovery runbooks with tested evidence

• Complete as-built documentation and architectural diagrams

• Knowledge transfer sessions delivered to internal teams

Ways of Working

• Fully remote (UK-based contractor)

• Agile delivery model

• Collaboration with Cloud Engineering, Architecture, and Security teams

• Ticket management via Jira/Azure Boards/ITSM tools

• Emphasis on rapid iteration and delivery impact

Contract Structure

• Initial 4-month engagement (approx. 100 working days)

• Outside IR35

• High-priority hire with accelerated interview process

• 1st Interview with hiring manager (30mins) - 2nd Stage with hiring manager & Technical Architect (1hour) - Offer!

• Extension potential subject to programme funding

Submission Requirements

• Updated CV highlighting Azure platform, Terraform/Bicep, and DevSecOps experience

• Short written summary (max 300 words) mapping experience to project objectives

• Two recent enterprise client references