WHAT MAKES US A GREAT PLACE TO WORK

We are proud to be consistently recognized as one of the world’s best places to work. We are currently the #1 ranked consulting firm on Glassdoor’s Best Places to Work list and have maintained a spot in the top four on Glassdoor’s list since its founding in 2009.

Extraordinary teams are at the heart of our business strategy, but these don’t happen by chance. They require intentional focus on bringing together a broad set of backgrounds, cultures, experiences, perspectives, and skills in a supportive and inclusive work environment. We hire people with exceptional talent and create an environment in which every individual can thrive professionally and personally.

WHERE YOU’LL FIT WITHIN THE TEAM

You’ll be part of the DevOps and Assurance team within Bain’s Next Generation Software Solutions (NGSS) department — a multidisciplinary engineering organization responsible for building, operating, and scaling Bain’s next-generation digital products and platforms.

The DevOps and Assurance team plays a critical role in enabling secure, efficient, and reliable delivery of technology solutions across Bain’s global ecosystem. The group focuses on both technical operations and platform assurance, ensuring that every deployment meets the firm’s high standards for quality, security, and compliance.

WHAT YOU’LL DO

We are looking for an accomplished DevOps engineer to drive the design, implementation, and continuous improvement of cloud infrastructure and software delivery processes. In this role, you will lead efforts to build and scale CI/CD pipelines, provision and operate Azure infrastructure, and ensure security and reliability across the deployment lifecycle.

The ideal candidate will work in close partnership with software development, QA, and security teams to foster a culture of automation, performance excellence, and operational resilience. This position requires both strong technical expertise and the ability to guide best practices and mentor engineers across teams.

KEY RESPONSIBILITIES

Infrastructure & Automation – 30%

• Design, provision, and manage cloud infrastructure using Terraform and Terraform Cloud. Automate deployments to ensure scalability, consistency, and security across environments.

• Architect and manage Azure networking: VNet/subnet design, private endpoints, DNS resolution, NSG rules, and Front Door Premium configuration.
• Provision and maintain Azure platform services: App Services, Azure SQL, Azure OpenAI, Azure Container Registry (ACR), Key Vault, Entra ID, and Storage Accounts (ADLS Gen2).

Cloud & Platform Management (Azure) – 25%

• Manage Azure Kubernetes Service (AKS) clusters, including node pools, scaling, spot instances, and workload connectivity to dependent services (databases, storage, AI services).
• Manage identity and access: Entra ID app registrations, managed identities, RBAC, and integration with external IdPs (Okta).
• Administer database platforms from an infrastructure perspective: Azure SQL Serverless, PostgreSQL Flexible Server, Cosmos DB — including connectivity, Entra auth, firewall rules, and private endpoints.
• Ensure robust access controls and platform reliability across dev, demo, and production environments.

CI/CD & Software Delivery – 20%

• Build, optimize, and maintain CI/CD pipelines using GitHub Actions for container builds, infrastructure deployments, and application releases.
• Manage container image lifecycle: build, scan, push to ACR, and deploy to AKS or App Services.
• Implement environment promotion workflows with appropriate gating, secrets management (Key Vault), and rollback strategies.
• Design and operate GitHub-hosted private runners where required, including network integration with Azure VNets.

Monitoring, Security & Assurance – 15%

• Implement and operate observability using Datadog and Azure Application Insights. Monitor performance, resolve issues proactively, and optimize cost and reliability.
• Respond to security findings: triage, containment, IAM scoping, container image CVE remediation, and endpoint hardening.
• Handle L2/L3 incident escalations, including root-cause analysis, user journey tracing, and log analysis.
• Enforce solution compliance across products: network isolation, least-privilege access, secrets hygiene, and deployment guardrails.

Leadership & Collaboration – 10%

• Partner with architects, product engineers, and security teams to align on infrastructure standards and platform roadmaps.
• Promote DevOps culture, automation-first thinking, and continuous improvement across the NGSS engineering organization.
• Contribute to technical discovery, POCs, and innovation work streams to validate new tools, technologies, and architectural patterns.
• Support team recruiting activities: resume screening, technical interviews, and candidate evaluation.

ABOUT YOU

Education & Experience

• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related technical field.
• 4–7 years of experience in DevOps, infrastructure engineering, or cloud platform engineering roles.
• Proven track record of designing and operating cloud infrastructure in production environments.
• Demonstrated experience working with cross-functional engineering teams in fast-paced product organizations.

Professional Skills & Mindset

• Excellent communication and collaboration skills, with the ability to translate complex technical topics for diverse stakeholders.
• Proactive, analytical, and systematic — strong problem-solving skills with the ability to trace issues across multiple layers (DNS, networking, identity, application).
• Results-driven with a bias for automation and continuous improvement.
• Familiarity with Agile methodologies and a commitment to team enablement.

Technical Expertise

• Hands-on experience with Terraform and Terraform Cloud (or equivalent) — workspace management, state, modules, and remote backends.
• Strong proficiency in Azure services, including AKS, Networking (VNets, subnets, private endpoints, NSGs, DNS zones), App Services, Key Vault, Container Registry, and Storage Accounts.
• Experience with containerization technologies (Docker, Kubernetes) and container image lifecycle management.
• Expertise in roles, permissions, and IAM — particularly Microsoft Entra ID and Okta.
• Advanced skills in CI/CD automation using GitHub Actions, Azure DevOps, and related DevOps toolchains.
• Proficient in Linux administration and automation scripting (Bash, PowerShell, Python) for reusable workflows.
• Experience with monitoring platforms, including Datadog and Azure Application Insights.
• Familiarity with Azure private networking: private endpoints (blob, DFS, SQL, PostgreSQL), Private DNS Zones, and VNet integration for App Services and AKS.
• Competent in database deployment and management from an infrastructure perspective — Azure SQL Serverless, PostgreSQL Flexible Server, and Cosmos DB.
• Foundation in security remediation: container CVE patching, IAM scoping, NSG/firewall tightening, and WAF/Front Door rule management.

Preferred Qualifications

• Professional certifications such as Azure DevOps Engineer Expert, Azure Administrator, Terraform Associate, or CKA (or equivalent).
• Experience managing multi-environment governance, cost optimization, and compliance frameworks in cloud environments.
• Familiarity with Azure OpenAI, Cognitive Search, Databricks, and the integration of AI services into enterprise platforms.
• Experience with workflow orchestration tools (Airflow, or similar DAG/pipeline systems).
• Snowflake administration or connectivity from a DevOps lens.