Cloud Architect

Job Description: Senior Cloud Platform Engineer

L3 / Senior | 5–8 Years Experience | Architecture & Design

Job Title

Senior Cloud Platform Engineer

Level

L3 — Senior

Department

Cloud Infrastructure & Platform

Reporting To

Cloud Platform Architect

Collaborates With

Principal Architect, Product Heads, DevOps, Security

Experience

5–8 years (3+ years in cloud-native / Azure architecture)

Employment Type

Full-time

Location

Kolkata

About The Role

The Senior Cloud Platform Engineer is the primary owner of the modern application platform for the Ginesys One retail SaaS suite. The core mandate is to design, build, and continuously evolve a container-native platform on Azure — making it scalable, stable, and manageable at SaaS scale. This role leads AKS adoption across Ginesys One product services, drives CI/CD maturity, and works closely with the Cloud Platform Architect to ensure the platform aligns with the Well-Architected Framework. It serves as the primary technical escalation point for platform engineering decisions.

Core Responsibilities

AKS & Modern Application Platform
Own the design, deployment, and evolution of Azure Kubernetes Service (AKS) as the primary hosting platform for Ginesys One product services.
Assess containerisation readiness of individual product services; define and drive the migration path from IaaS to AKS.
Design cluster topology for SaaS scale — multi-tenancy, node pools, namespaces, resource quotas, and auto-scaling policies (HPA / VPA / KEDA).
Architect for platform stability — define pod disruption budgets, liveness/readiness probes, graceful drain, and upgrade strategies.
Design for manageability — standardise Helm chart structures, config management, and environment promotion across dev/staging/prod.
Collaborate with product engineering teams to align container and service design with platform capabilities.
Work with the Security team to baseline AKS security — RBAC, network policies, pod security standards, and image scanning policies.
CI/CD & DevOps Engineering
Design and own the CI/CD pipeline architecture for all Ginesys One product services running on the platform.
Establish pipeline standards — build, test, security scan, image publish, and deployment stages using Azure DevOps or GitHub Actions.
Implement GitOps practices for AKS workload delivery; evaluate and adopt tooling such as Flux or ArgoCD.
Define environment promotion gates — automated quality, compliance, and rollback triggers between dev, staging, and production.
Drive IaC adoption using Terraform or Bicep for all platform infrastructure; enforce version control and peer-review discipline.
Establish release management standards — versioning, changelogs, blue-green and canary deployment patterns.
Scalability, Stability & Platform Architecture
Collaborate with the Cloud Platform Architect and Principal Architect on platform roadmap and architecture decisions.
Design for horizontal and vertical scalability — workload-aware auto-scaling, cluster auto-provisioner, and burst capacity strategies.
Conduct architecture reviews and produce Architecture Decision Records (ADRs) for significant platform changes.
Evaluate new Azure and CNCF ecosystem capabilities; recommend adoption where they improve scalability, stability, or manageability.
Contribute to Well-Architected Framework reviews — with focus on Reliability, Operational Excellence, and Performance Efficiency.
Networking Optimisation — Placement & Grouping
Design and optimise VNet topology — hub-spoke architecture, peering, and segmentation for AKS and supporting services.
Define subnet placement strategy aligned to workload classification (prod, non-prod, data, app, management).
Evaluate and implement private endpoints, service endpoints, and DNS private zones for PaaS services.
Optimise egress paths, NAT gateway usage, and bandwidth cost.
Review NSG rule sets for operational efficiency and correctness; coordinate with the Security team for hardening.
Disaster Recovery & High Availability
Define RTO/RPO targets per product tier in alignment with business requirements.
Design and document DR architecture — geo-redundancy, backup strategy, failover procedures.
Implement and periodically test HA configurations for critical workloads (DB clusters, AKS, app tiers).
Establish and validate runbooks for partial, complete, and degraded-performance outage scenarios.
Cost Estimation, Budgeting & Optimisation
Produce Azure cost models for new architectures and migration scenarios using Azure Pricing Calculator and Retail Prices API.
Conduct monthly cost reviews; identify and act on rightsizing, reserved instance, and savings plan opportunities.
Define cost allocation tagging taxonomy and governance; ensure 100% tag compliance.
Present cost vs. architecture trade-offs to stakeholders for informed decision-making.

Skills & Qualifications

Area : AKS / Containers

AKS design and operations; Docker; Helm; Kubernetes networking, scaling, upgrades (MUST HAVE)

Area: CI/CD & DevOps

Azure DevOps or GitHub Actions; GitOps (Flux / ArgoCD); release management; Jenkins

Area: IaC

Terraform or Bicep — production-grade, version-controlled infrastructure (MUST HAVE)

Area: Cloud Platform

Azure — advanced IaaS/PaaS, architecture patterns, landing zones

Area: Networking

Hub-spoke VNet design, NSG, DNS, private endpoints, routing concepts

Area: DR / HA

Azure Site Recovery, geo-redundancy, backup design, RTO/RPO modelling

Area: Multi-cloud

AWS / GCP architecture awareness — strong added advantage

Area: OS / Infra

Windows Server & Linux — working knowledge; not a primary focus

Area: WAF / Security

Well-Architected Framework; Defender for Cloud, RBAC, WAF — knowledge is a plus

Area: Observability

Azure Monitor, Log Analytics, Prometheus, Grafana, APM — knowledge is a plus

CERTIFICATIONS

AZ-104 + AZ-305: Required (Solutions Architect Expert strongly preferred).
CKA / CKAD (Kubernetes): Preferred.
AZ-400 (DevOps Engineer): Preferred.
AZ-700 (Network Engineer): Preferred.
AZ-500 (Security Engineer): Good to have.
AWS Solutions Architect Associate / GCP Professional Cloud Architect — significant advantage.

BEHAVIOURAL COMPETENCIES

Systems thinking — sees platform-wide implications of individual design choices.
Collaborative by default — designs are shaped with teams, not handed to them.
Bias for documentation — decisions, trade-offs, and designs are written down.
Cost-aware engineering — considers financial impact as a first-class design constraint.
Mentorship — actively raises the technical bar of the L1/L2 operations team.
Vendor-neutral judgement — selects the right tool, not the familiar one.