Lead Cloud Platform Engineer (Azure, Databricks & DevSecOps)

An AI-powered consumer intelligence platform is hiring a Lead Cloud Platform Engineer (Azure, Databricks & DevSecOps). Our platform processes 50+ billion data points monthly to deliver actionable insights for leading global brands, such as Coca-Cola, Unilever, and Bayer. We run on Azure, Databricks, and GenAI workflows, and we're scaling our platform for faster delivery, stronger security, and tighter cost discipline. The Role We're hiring a hands-on cloud platform leader to own, secure, automate, and optimize our Azure-based SaaS and AI infrastructure end to end. You'll own Azure administration, Entra ID and Microsoft 365, networking, storage, Kubernetes, security, CI/CD, and FinOps, plus the cloud platform layer around Azure Databricks (networking, identity, secure access, compute governance, monitoring, and cost control). This is a hands-on role first, with a clear path to technical or people leadership as the company grows. What You'll Do • Own Azure subscriptions, governance, networking (VNets, private endpoints, DNS, NSGs), storage (ADLS Gen2, Blob), Azure SQL, Key Vault, and monitoring across all environments. • Administer Entra ID and Microsoft 365 - identities, MFA, Conditional Access, least-privilege access, and joiner/mover/leaver processes. • Manage Azure Databricks infrastructure and security: secure connectivity, networking, identity integration, compute policies, audit logging, and cost controls. • Build and improve CI/CD (Azure DevOps, GitHub Actions) and introduce Infrastructure as Code (Terraform, Bicep, or ARM) to replace manual portal changes. • Operate and secure Kubernetes/AKS environments and supporting application infrastructure. • Strengthen security and DevSecOps posture; support SOC 2 evidence, security questionnaires, and enterprise reviews. • Build monitoring, dashboards, runbooks, and incident response across the platform. • Drive Azure and Databricks cost optimization through tagging, budgets, alerts, and compute tuning. What You'll Bring: Required Qualifications • 7+ years in DevOps, Cloud, Platform, Infrastructure, or Systems Engineering, including 4+ years hands-on with Azure in production. • Strong Azure depth: subscriptions, RBAC, policies, networking, storage, monitoring, and security. • Solid experience with Entra ID and Microsoft 365 administration. • Production Kubernetes experience (AKS preferred). • Experience managing or supporting Azure Databricks infrastructure (workspace admin, compute, networking, secure storage access, identity, audit logging). • CI/CD experience with Azure DevOps and/or GitHub Actions, plus scripting (PowerShell, Azure CLI, Bash, or Python). • Strong grasp of cloud security: least privilege, secrets management, encryption, and auditability. • Proven ability to work independently, create structure, and drive improvements with minimal supervision. Nice to Have: Preferred Qualifications Experience in AI, data, analytics, or SaaS environments; Infrastructure as Code (Terraform, Bicep); SOC 2 / ISO 27001 / GDPR; Microsoft Defender for Cloud and DevSecOps tooling; FinOps and Databricks cost optimization; and working with distributed or offshore teams. What This Role Is Not This role is not a pure CI/CD role, a helpdesk-only M365 admin role, a Databricks notebook developer, a data engineering role, or a people-management role. The Opportunity • Long-term B2B contract opportunity • High Impact: We’re backed by world-class investors and work with the most iconic global consumer brands. • You’ll have ownership, with a clear path to technical or people leadership as the company grows..