Responsibilities
- Design and own environment-management foundations (env repos, env modules, promotion patterns) for consistent Dev/Stage/Prod provisioning.
- Publish and govern Terraform modules, managing registry operations, versioning, reviews, documentation standards, and deprecation.
- Administer Terraform Cloud workspaces, policies/approvals, secure variables, and run workflows for scalable delivery.
- Define and enforce platform IAM standards across Azure and tooling (RBAC, managed identities, service principals), including SP→MI modernization and governance integration.
- Implement secrets-binding patterns with Azure Key Vault, including access models, references, and rotation across IaC workflows.
- Lead FinOps enablement: tagging/labeling, budgets/alerts, and cost/productivity KPI dashboards using Cloudability.
- Administer platform tooling (GitHub, Azure DevOps, Docker Hub licensing) including governance, cost/resource optimization, and support.
- Integrate platform workflows with enterprise systems such as ServiceNow CMDB and IdentityNow for auditable provisioning and access governance.
- Build and operationalize VM fleet patterns (image strategy, patching/maintenance, scaling, reliability) with automation and runbooks.
- Establish infrastructure guardrails (CI validation/testing, policy checks, drift detection) and drive adoption via templates and infra-testing standards.
- Provide certificate lifecycle automation and CA integrations (issuance, renewal, rotation) for platform components.
- Produce and maintain platform documentation, templates, release notes, and onboarding materials; run office hours and support motions to drive self-service adoption.
- Drive platform feedback loops, community building, and evangelism; translate signals (NPS/surveys) into roadmap inputs.
- Administer Copilot/agent enablement and MCP server catalog integrations with instructions/runbooks for safe, consistent usage.
Requirements
- 6+ years building and operating enterprise cloud/platform foundations: landing zones, shared services, and environment patterns.
- 4+ years hands-on infrastructure as code with Terraform, including reusable module design and multi-team consumption.
- Experience governing a Terraform module registry: versioning, reviews, documentation standards, and deprecation lifecycle.
- Experience administering Terraform Cloud: workspace patterns, policies/approvals, secure variables, and run workflows.
- Experience establishing environment-management patterns: env repos/modules and promotion models.
- Experience integrating secure secrets with Azure Key Vault (binding patterns, access models, rotation).
- Strong IAM background across Azure and platform tooling: RBAC, least privilege, managed identities, service principals, and governance integration.
- FinOps experience: tagging/labeling, budgets/alerts, and cost reporting/dashboards (Cloudability).
- Experience operating VM fleets: image strategy, patching/maintenance, scaling, and reliability.
- Experience integrating platform workflows with enterprise systems such as ServiceNow CMDB and IdentityNow.
- Experience with infrastructure guardrails: CI validation/testing, policy-as-code checks, and drift detection.
- Strong written and verbal communication skills for documentation, templates, and technical enablement.
Nice to Have
- Experience with SP→MI conversion patterns and managed identity modernization.
- Experience administering Azure DevOps (projects, repos, pipelines).
- Experience with Cloudability (IBM FinOps) dashboards and reporting.
- Experience administering Docker Hub licensing and resource optimization.
- Experience running NPS/feedback programs and platform community building.
- Experience with Copilot enablement: runbooks, instruction management, and MCP server catalog administration.