WHAT MAKES US A GREAT PLACE TO WORK

We are proud to be consistently recognized as one of the world’s best places to work. We are currently the top ranked consulting firm on Glassdoor's Best Places to Work list and have earned the #1 overall spot a record seven times. Extraordinary teams are at the heart of our business strategy, but these don’t happen by chance. They require intentional focus on bringing together a broad set of backgrounds, cultures, experiences, perspectives, and skills in a supportive and inclusive work environment. We hire people with exceptional talent and create an environment in which every individual can thrive professionally and personally.

WHO YOU'LL WORK WITH

You'll join Bain's NextGen Software Solutions (NGSS) team, where we build and operate the cloud platforms that power the firm's global product portfolio. In this role you will be a principal technical voice - working alongside engineering leads, architects, and security teams to set infrastructure direction, drive platform maturity, and raise the bar on reliability, security, and delivery speed across the organisation.

WHERE YOU'LL FIT WITHIN THE TEAM

As a Staff Engineer II, DevOps and Cloud Infrastructure, you will own the end-to-end platform engineering layer for Bain's next-generation digital products. You will lead the design of scalable, secure, and highly automated cloud environments, act as the primary authority on cloud infrastructure standards, and drive cross-team adoption of DevSecOps practices. You are expected to identify problems before they surface, propose solutions at the architectural level, and mentor a distributed team of engineers across multiple GBS locations.

WHAT YOU'LL DO

Infrastructure Architecture & Automation - 35%

• Own the design, provisioning, and lifecycle management of cloud infrastructure using Terraform (modular, multi-environment) and env0. Define IaC standards and govern adoption across the team.
• Lead platform lifecycle automation initiatives that reduce deployment time, eliminate manual toil, and ensure full environment reproducibility.
• Conduct architectural audits of existing infrastructure; identify and resolve gaps in scalability, resilience, and security posture.

Azure & Kubernetes Platform Engineering - 25%

• Act as the team's primary authority on Azure, with deep hands-on ownership of AKS cluster design, lifecycle management, and performance optimisation.
• Design and enforce identity and access management patterns using Microsoft Entra ID (Azure AD), Managed Identities, and Key Vault - including PKI, secret management, and least-privilege access controls.
• Manage platform-level Azure services: networking (VNets, Private Endpoints, Front Door), SQL/PostgreSQL/Cosmos DB, App Services, Azure OpenAI, and Cognitive Search.

CI/CD & DevSecOps - 20%

• Architect and continuously improve CI/CD pipelines using GitHub Actions and Azure DevOps. Embed security scanning (SAST, secret detection, dependency analysis) as first-class pipeline stages.
• Drive adoption of DevSecOps practices - including policy-as-code, automated compliance checks, and shift-left security - across all product teams.

Observability & Reliability - 10%

• Define observability standards using Datadog, Azure Application Insights, and Log Analytics. Build dashboards and alerting that enable proactive incident prevention.
• Lead post-incident reviews, drive root cause elimination, and own reliability SLOs for critical platform components.

Technical Leadership & Mentoring - 10%

• Serve as a technical mentor for mid-level and senior engineers across the NGSS DevOps team. Lead design reviews, define coding and infrastructure standards, and promote a culture of continuous improvement.
• Represent the DevOps and infrastructure function in cross-functional planning; advise engineering leads and architects on platform strategy and trade-offs.

ABOUT YOU

Education

• Bachelor's degree in Computer Science, Engineering, or a related technical field.
• Professional certifications required or in progress: Azure Solutions Architect Expert (AZ-305), Azure DevOps Engineer Expert (AZ-400), or HashiCorp Terraform Associate - or equivalent demonstrated expertise.

Experience

• 10+ years of experience in senior, staff, or principal-level DevOps or cloud infrastructure engineering roles.
• Proven track record of architecting and delivering complex cloud platforms in large-scale, regulated, or fast-paced environments (financial services, pharma, consulting, or equivalent).
• Experience owning end-to-end infrastructure lifecycle: from initial design through provisioning, operations, cost governance, compliance, and decommission.
• Demonstrated experience leading infrastructure initiatives across distributed, multinational engineering teams.

Technical Skills

• Expert-level Terraform: modular design, remote state management, multi-environment governance, and team-wide adoption. env0 or equivalent experience a plus.
• Deep Azure expertise: AKS (cluster design, node pools, Helm, network policies), Entra ID, Managed Identities, Key Vault, Azure Monitor, Log Analytics, App Services, Azure SQL, Cosmos DB, Azure OpenAI, Cognitive Search.
• Strong Kubernetes and container platform skills: Kubernetes internals, Helm (custom charts), Docker, and familiarity with service mesh (Istio or equivalent).
• Advanced CI/CD: GitHub Actions, Azure DevOps, GitOps patterns. Ability to design pipelines that balance delivery speed with security and compliance requirements.
• Observability and SRE: Datadog, Azure Application Insights, and/or the ELK/Prometheus/Grafana stack. Experience defining and operating against SLOs.
• Scripting and automation: Bash and Python at an advanced level; PowerShell proficient.
• Security: DevSecOps practices, secret management,
• Familiarity with AI/ML service integration into enterprise platforms (Azure OpenAI, Cognitive Search).

Leadership and Ways of Working

• Proactive by default - identifies risks, inefficiencies, and architectural gaps before they become incidents or blockers.
• Strong communicator: able to translate complex infrastructure decisions into clear trade-offs for non-technical stakeholders.
• Comfortable operating in ambiguity; brings structure and clarity to loosely defined problems.
• Experience with Agile delivery and a genuine commitment to team enablement and knowledge sharing.

This role follows a hybrid work model, with 2 days per week in the office.