Your innovation delivery partner.
Lead Cloud Infrastructure Engineer – Azure, AWS
Location
Pakistan
Posted
113 days ago
Salary
0
Seniority
Senior
Job Description
Lead Cloud Infrastructure Engineer – Azure, AWS
Creative Chaos
**Job Summary: ** We are hiring a Lead Infrastructure & Cloud Engineer with a strong Wintel infrastructure foundation and current, hands-on capability in modern cloud infrastructure across Azure (primary) and AWS. This role exists to close a capability gap: we have deep on-prem expertise, and we need a leader who can define and drive modern cloud standards, guide technical direction, and uplift the team. You’ll operate as a technical lead with an architecture mindset: creating reference designs, setting guardrails, making pragmatic trade-offs (security, resilience, cost), and leading delivery across infrastructure and hybrid cloud. This is not a DevOps role, you will collaborate with DevOps and engineers, but your focus is infrastructure/platform, governance, reliability, and technical leadership. **Job Responsibilities:** **Cloud & Hybrid Architecture (Azure & AWS)** - Own the target-state hybrid cloud architecture and roadmap (12–24 months), aligning security, resilience, and cost requirements. - Define reference architectures and standards: landing zones, network patterns, identity patterns, logging/monitoring, backup/DR, and environment separation. - Lead design and implementation of secure cloud networking: VNets/VPCs, routing, VPN, ExpressRoute/Direct Connect, Private Link/Endpoints, load balancers, WAF where needed. - Own cloud governance foundations: subscriptions/accounts, management groups, RBAC, naming/tagging, logging, budgets and policy guardrails. **Modern Cloud Operations (Hands-on Leadership)** - Ensure cloud platforms, services, and workloads remain on supported, secure versions; implement drift detection and lifecycle management. - Establish platform observability: Azure Monitor/Log Analytics/App Insights, CloudWatch, OpenTelemetry where used; improve alert quality and operational readiness. - Build and maintain backup/DR posture with tested RTO/RPO, runbooks, and regular restore/DR exercises. - Drive FinOps discipline: cost allocation, tagging compliance, rightsizing, reservations/savings plans, and cost anomaly detection. **Security, Governance & Incident Readiness** - Ensure security controls are in place and effective (least privilege, secure baselines, encryption, key management, vulnerability/patch posture). - Log & telemetry onboarding: own onboarding of data/log sources and integration with the SIEM (e.g., Microsoft Sentinel/Splunk) in partnership with Security. - Lead incident response for infrastructure/cloud events: triage, investigation, reporting, RCA, and implementation of preventative controls and guardrails. - Manage, document, and audit configuration changes; champion “repeatable by design” changes and reduce configuration drift. **Wintel & Core Infrastructure Leadership** - Provide technical leadership across core infrastructure services: Windows Server, AD DS, DNS/DHCP, certificates/PKI, and integration with Entra ID. - Guide virtualisation/storage teams (VMware/Hyper-V, SAN/storage) towards cloud-aligned standards for resilience, security, and lifecycle. **Leadership and Uplift** - Act as the technical authority for infrastructure and hybrid cloud lead technical decisions and drive outcomes. - Mentor and upskill engineers on modern cloud infrastructure practices; run knowledge sessions and codify standards into reusable patterns. - Provide input during design and architectural discussions with DevOps and software teams; unblock delivery with clear, pragmatic guidance.
Job Requirements
- Must-Have Skills & Experience**
- Strong enterprise infrastructure background with a Wintel core (Windows Server, AD, DNS/DHCP, certificates) and operational discipline.
- Demonstrable, hands-on Azure production experience including:
- Identity/RBAC/Entra integration
- VNets, VPN/ExpressRoute, Private Link/Endpoints
- Azure Monitor/Log Analytics, backup/DR patterns, policy/guardrails
- Working knowledge of AWS production environments (accounts/VPC, security groups, IAM basics, CloudWatch).
- Strong troubleshooting and incident leadership across OS/network layers; confident with vendors/escalations.
- Scripting/automation mindset (strong PowerShell; Bash/Python beneficial).
- Ability to create architecture artefacts: reference designs, diagrams, standards, and decision records (ADRs).
- Preferred Certifications****AZ-104 , AZ-305 or AZ-500
- Desirable**
- Conditional Access and privileged access controls (PIM), break-glass patterns, Zero Trust principles.
- Azure Policy/AWS Config, Defender for Cloud/Security Hub, GuardDuty; landing zone governance tooling.
- AWS Control Tower, IAM Identity Center, CloudFormation (read/maintain).
- Infrastructure-as-Code familiarity (Terraform/Bicep) preferred, but not essential.
- Exposure to containers/AKS/EKS and CI/CD concepts (as an enabling partner).
- Experience supporting web hosting environments (CDN/WAF, TLS/PKI, caching/performance).
Related Guides
Related Categories
Related Job Pages
More Infrastructure Engineer Jobs
• Build data pipelines that scrub PII, create research datasets, and power the research portal for educational AI studies • Architect the path toward self-hosted and on-device model deployments for privacy and global accessibility • Design and implement model orchestration systems that intelligently route requests across multiple AI providers (OpenAI, Anthropic, AWS Bedrock, open-source models) • Build cost optimization infrastructure - implement conversation compression, prompt caching, and smart model selection to keep AI accessible • Create comprehensive observability systems for ML operations - track costs, latency, quality, and usage patterns across thousands of applications • Design and implement infrastructure for fine-tuning and deploying custom models • Build monitoring and alerting systems that help us maintain reliability as AI interactions scale
• Implement and support infrastructure technologies such as Microsoft Azure, VMware and networking technologies • Execute migrations of on-premises platforms to cloud infrastructure • Manage enterprise support requests from clients subscribing to Kraft Kennedy’s enterprise managed services • Execute planned evening and weekend maintenance tasks in support of Kraft Kennedy’s enterprise managed services clients, when necessary • Participate in weekly on-call rotation for evening and weekend support assistance, as requested by enterprise managed services clients • Escalate to internal and, when necessary, external resources in an appropriate time frame to manage the resolution of complex client issues • Provide on-site support, as necessary
IT Infrastructure Support Engineer
Apogee Global RMSTaking People, Process and Technology to the Next Level
- IT Support & Helpdesk - Provide Tier 1–2 technical support for desktops, laptops, printers, and mobile devices - Troubleshoot hardware, software, OS, and application issues - Set up, configure, and maintain user accounts, email, and access permissions - Respond to tickets, document issues, and ensure timely resolution - Support onboarding/offboarding of employees (devices, accounts, access) - Systems Administration - Install, configure, and maintain Windows/Linux servers and workstations - Manage Active Directory, user/group policies, and permissions - Monitor system performance, backups, patches, and updates - Maintain virtualization environments (VMware/Hyper-V or similar) - Ensure security best practices, antivirus, patching, and access controls - Document systems, procedures, and configurations - Network Administration - Configure and maintain LAN/WAN, switches, routers, firewalls, and Wi-Fi - Monitor network performance, uptime, and security - Troubleshoot network connectivity and performance issues - Manage VPNs, DNS, DHCP, and basic firewall rules - Assist with network upgrades, expansions, and improvements
• Own and improve observability across the entire stack: metrics, logging, alerting, dashboards. • Architect and operate browser cloud infrastructure: containerized browsers, session isolation, crash recovery, autoscaling. • Handle websocket connections, CDP tunnels, and TCP-level tuning for browser automation. • Write and maintain Terraform for all infrastructure. Everything is code. • Tune autoscaling, capacity planning, and cost optimization. • Expand to new regions as we grow. • Experiment with Lambdas, new cloud providers for custom scraping needs. • Debug production issues: memory leaks, zombie processes, network failures. • Build disaster recovery and incident response runbooks. • Work with Linux systems, Dockerfiles, container orchestration daily.
