Lead Cloud Infrastructure Engineer Creative Chaos
Share
Job Location:
Monthly Salary:
Posted on:
11 hours ago
Vacancies:
1 Vacancy
Job Summary
Our client is looking for Lead Cloud Infrastructure Engineer to work remotely.
We are hiring a Lead Infrastructure & Cloud Engineer with a strong Wintel infrastructure foundation and current hands-on capability in modern cloud infrastructure across Azure (primary) and AWS. This role exists to close a capability gap: we have deep on-prem expertise and we need a leader who can define and drive modern cloud standards guide technical direction and uplift the team.
Youll operate as a technical lead with an architecture mindset: creating reference designs setting guardrails making pragmatic trade-offs (security resilience cost) and leading delivery across infrastructure and hybrid cloud. This is not a DevOps role you will collaborate with DevOps and engineers but your focus is infrastructure/platform governance reliability and technical leadership.
Job Responsibilities:
Cloud & Hybrid Architecture (Azure & AWS)
- Own the target-state hybrid cloud architecture and roadmap (1224 months) aligning security resilience and cost requirements.
- Define reference architectures and standards: landing zones network patterns identity patterns logging/monitoring backup/DR and environment separation.
- Lead design and implementation of secure cloud networking: VNets/VPCs routing VPN ExpressRoute/Direct Connect Private Link/Endpoints load balancers WAF where needed.
- Own cloud governance foundations: subscriptions/accounts management groups RBAC naming/tagging logging budgets and policy guardrails.
Modern Cloud Operations (Hands-on Leadership)
- Ensure cloud platforms services and workloads remain on supported secure versions; implement drift detection and lifecycle management.
- Establish platform observability: Azure Monitor/Log Analytics/App Insights CloudWatch OpenTelemetry where used; improve alert quality and operational readiness.
- Build and maintain backup/DR posture with tested RTO/RPO runbooks and regular restore/DR exercises.
- Drive FinOps discipline: cost allocation tagging compliance rightsizing reservations/savings plans and cost anomaly detection.
Security Governance & Incident Readiness
- Ensure security controls are in place and effective (least privilege secure baselines encryption key management vulnerability/patch posture).
- Log & telemetry onboarding: own onboarding of data/log sources and integration with the SIEM (e.g. Microsoft Sentinel/Splunk) in partnership with Security.
- Lead incident response for infrastructure/cloud events: triage investigation reporting RCA and implementation of preventative controls and guardrails.
- Manage document and audit configuration changes; champion repeatable by design changes and reduce configuration drift.
Wintel & Core Infrastructure Leadership
- Provide technical leadership across core infrastructure services: Windows Server AD DS DNS/DHCP certificates/PKI and integration with Entra ID.
- Guide virtualization/storage teams (VMware/Hyper-V SAN/storage) towards cloud-aligned standards for resilience security and lifecycle.
Leadership and Uplift
- Act as the technical authority for infrastructure and hybrid cloud lead technical decisions and drive outcomes.
- Mentor and upskill engineers on modern cloud infrastructure practices; run knowledge sessions and codify standards into reusable patterns.
- Provide input during design and architectural discussions with DevOps and software teams; unblock delivery with clear pragmatic guidance.
Requirements
Must-Have Skills & Experience
- Strong enterprise infrastructure background with a Wintel core (Windows Server AD DNS/DHCP certificates) and operational discipline.
- Demonstrable hands-on Azure production experience including:
- Identity/RBAC/Entra integration
- VNets VPN/ExpressRoute Private Link/Endpoints
- Azure Monitor/Log Analytics backup/DR patterns policy/guardrails
- Working knowledge of AWS production environments (accounts/VPC security groups IAM basics CloudWatch).
- Strong troubleshooting and incident leadership across OS/network layers; confident with vendors/escalations.
- Scripting/automation mindset (strong PowerShell; Bash/Python beneficial).
- Ability to create architecture artefacts: reference designs diagrams standards and decision records (ADRs).
Preferred Certifications
AZ-104 AZ-305 or AZ-500
Desirable
- Conditional Access and privileged access controls (PIM) break-glass patterns Zero Trust principles.
- Azure Policy/AWS Config Defender for Cloud/Security Hub GuardDuty; landing zone governance tooling.
- AWS Control Tower IAM Identity Center CloudFormation (read/maintain).
- Infrastructure-as-Code familiarity (Terraform/Bicep) preferred but not essential.
- Exposure to containers/AKS/EKS and CI/CD concepts (as an enabling partner).
- Experience supporting web hosting environments (CDN/WAF TLS/PKI caching/performance).
Key Skills
- Jenkins
- Ruby
- Python
- Active Directory
- Cloud
- PowerShell
- Windows
- AWS
- Linux
- SAN
- Java
- Troubleshoot
- Backup
- Puppet
- hardware
