About the Role
<p><strong><em>This is us</em></strong><em><br><br></em>At Avenga, we believe that human creativity empowers technology that matters. Operating globally, our 6000+ specialists provide a full spectrum of services, including business and tech advisory, enterprise solutions, CX, UX and Ul design, managed services, product development, and software development. <br><strong><em><br>This is you</em></strong></p><p>Cloud Platform & Architecture</p><ul><li><p>Cloud platform expertise (OCI / AWS / Azure)</p></li><li><p>Secure provisioning & tenancy hygiene</p></li><li><p>Backup, DR, geo‑redundancy design</p></li><li><p>PaaS service management</p></li><li><p>Cloud governance & compliance frameworks</p></li></ul><p>Infrastructure as Code & Automation</p><ul><li><p>Terraform (IaC, modules, drift control)</p></li><li><p>CLI / PowerShell automation</p></li><li><p>CI/CD for IaC with policy/test gates</p></li><li><p>Environment promotion workflows</p></li></ul><p>Security, Identity & Secrets</p><ul><li><p>IAM architecture (SSO, federation, workload identities)</p></li><li><p>Conditional Access & JIT/PAM</p></li><li><p>Least‑privilege access patterns</p></li><li><p>KMS/HSM architecture</p></li><li><p>Secret lifecycle management (rotation, envelope encryption, scanning)</p></li><li><p>CSPM/CWPP tooling & security posture management</p></li></ul><p>Networking & Connectivity</p><ul><li><p>VNet/VPC design & segmentation</p></li><li><p>Private links/endpoints & service endpoints</p></li><li><p>Routing, peering, DNS architecture</p></li><li><p>Global load balancing</p></li><li><p>Egress control & traffic governance</p></li></ul><p>Policy‑as‑Code & Guardrails</p><ul><li><p>Azure Policy / Defender for Cloud</p></li><li><p>AWS SCPs / Config</p></li><li><p>OCI Policies / Cloud Guard</p></li><li><p>Enforcement of tagging, naming, quota & region standards</p></li></ul><p>Containers & Kubernetes</p><ul><li><p>AKS / EKS / OKE operations</p></li><li><p>Cluster lifecycle & autoscaling</p></li><li><p>Admission controllers</p></li><li><p>Image signing & SBOM</p></li><li><p>Registry governance</p></li><li><p>Runtime hardening</p></li></ul><p>FinOps & Cost Governance</p><ul><li><p>Cost optimisation & anomaly detection</p></li><li><p>Commitment planning (RI / Savings Plans)</p></li><li><p>Showback/chargeback models</p></li><li><p>Cost allocation tagging & policies</p></li></ul><p>Observability & Operations</p><ul><li><p>Monitoring & observability tooling</p></li><li><p>ITSM automation</p></li><li><p>SLOs, error budgets, toil reduction</p></li><li><p>Runbook creation & incident command</p></li><li><p>Post‑incident review facilitation</p></li></ul><p>Migration & Platform Engineering</p><ul><li><p>Cloud migration planning & execution</p></li><li><p>Data protection & residency compliance</p></li><li><p>Backup immutability & retention alignment</p></li><li><p>Standardisation into reusable blueprints</p></li></ul><p>Leadership & Enablement</p><ul><li><p>Mentoring L2 analysts</p></li><li><p>Cloud build standards coaching</p></li><li><p>Troubleshooting guidance</p></li></ul><p><strong><em>Your role</em></strong></p><ul><li><p>Lead the provisioning, management, and optimisation of cloud infrastructure and services (OCI, AWS, Azure, Native Services, IaaS, PaaS).</p></li><li><p>Oversee the deployment and configuration of public cloud resources, ensuring security, scalability, and cost efficiency.</p></li><li><p>Develop and maintain automation scripts and tools for cloud resource management.</p></li><li><p>Implement Infrastructure-As-Code approach and develop Terraform scripts for all cloud Infrastructure deployments.</p></li><li><p>Drive integration with DevOps workflows, supporting rapid deployment and continuous delivery.</p></li><li><p>Mentor and guide L2 Support Analysts, promoting knowledge sharing and skill development. Organize an On-Call rota for this area.</p></li><li><p>Lead cloud migration projects, ensuring minimal disruption and robust risk management.</p></li><li><p>Participate in governance, reporting, and service review meetings.</p></li><li><p>Establish and maintain cloud landing zones with policy‑as‑code guardrails (e.g., Azure Policy/Defender for Cloud, AWS Organizations/Control Tower SCPs, OCI Policies), including tagging, naming, quota, and region use standards.</p></li><li><p>Own identity and access standards (enforce least privilege, SSO, role mapping, privileged access break‑glass, workload identities) and key/secrets management (KMS/HSM, rotation SLAs, secret scanning).</p></li><li><p>Define and operate network reference architectures (hub‑and‑spoke, private endpoints, service endpoints, egress controls, DNS, global load balancing, cross‑cloud connectivity) with security baselines.</p></li><li><p>Lead container/Kubernetes platform operations (AKS/EKS/OKE): cluster lifecycle, node pools, autoscaling, admission control, image provenance, and supply chain security.</p></li><li><p>Own FinOps operations (allocation/chargeback, budgets/alerts, rightsizing, RIs/Savings Plans/Flexible commitments, lifecycle policies for idle/orphaned resources).</p></li><li><p>Maintain golden images/base templates and patch pipelines for compute/container runtimes; ensure vulnerability management and CIS/NIST/CIS‑benchmark alignment.</p></li></ul><p><strong><em>What awaits you at Avenga?</em></strong></p><ul><li><p>Private medical care</p></li><li><p>Cafeteria benefits program</p></li><li><p>Private isurance<br><em><br>At Avenga, everyone matters. We provide equal opportunities in recruitment, career development, and leadership, regardless of race, ethnicity, gender identity, sexual orientation, disability, age, religion, or any other characteristic. We are committed to fostering a work environment where our diverse community of employees, candidates, and business partners actively shapes our growth. By bringing together people from different backgrounds and experiences, we build a workplace where everyone feels free to be themselves while honoring the boundaries of others.</em></p></li></ul>