Senior IT Infrastructure Engineer

Senior IT Infrastructure Engineer

Location: London or Northampton (Hybrid - 2 days a week in the office)

About the Role

We're looking for a highly skilled and motivated Senior IT Infrastructure Engineer to join our BizOps Infrastructure Team. In this role, you'll be a key player in managing our global, multi-site IT infrastructure, ensuring its smooth operation, and driving continuous improvement. You'll collaborate with 2 mid-level infrastructure engineers, a global Service Desk and Support team of 17, and a 20-member Information Security team. Your work will span a diverse technology stack, from end-user devices to cloud environments, with a focus on automation, security, and scalability. This is an exciting opportunity for a dynamic individual who thrives on meticulously designing IT architectural controls and standards, loves solving complex problems in a fast-paced environment, is passionate about cutting-edge technologies, and enjoys mentoring junior colleagues.

What You'll Do

As a Senior IT Infrastructure Engineer, your responsibilities will include:

• Project Leadership & Delivery:

• Lead and deliver large-scale technical projects across end-user device fleets (Windows/macOS), networks, and cloud environments.

• Translate complex business initiatives into actionable project plans, ensuring successful implementation in a modern cloud environment.

• Manage IT and Infrastructure projects that enhance our processes, networks, device deployments, and cloud/SaaS services.

• Infrastructure Management & Automation:

• Oversee the day-to-day operations and maintenance of our network infrastructure, including our VMware SD-WAN, Meraki LAN, Mist WiFi, and Netskope SASE.

• Support and supervise two mid-level IT infrastructure engineers, helping them grow professionally.

• Drive automation and Infrastructure as Code (IaC) initiatives, leveraging tools like Terraform for configuration management and continuous integration/continuous deployment (CI/CD).

• Develop and maintain helpful applications and scripts (PowerShell, Bash, Terraform and Python) to automate manual processes and improve efficiency.

• Oversee the wider team’s configuration of SAML and onboarding of new applications into our Single Sign-On (SSO) and deployment platforms, ensuring process adherence and seamless user access.

Defining Solutions, Architectural Standards and Controls Ownership (Unified patching cadence across technology types):

• End-User Compute (EUC) & Device Management:

• Serve as an escalation point and architectural owner for all internal technology platforms. 

• Support the wider team’s Implementation of mass deployment and management strategies for Windows and macOS end-user devices.

• Accountable for the management of the patching and updating of all end-user devices and related networks and servers.

• Accountable for the standards for policies and controls across the estate of end user compute.

• Security & Compliance:

• Ensure industry-standard compliance and enhance security within our SaaS and PaaS cloud infrastructure.

• Understand and manage corporate audits, providing evidence of controls.

• Troubleshooting & Support:

• Act as the final line escalation point for the most complex of IT problems, providing expert troubleshooting and root cause analysis across our entire technology platform.

• Continuous Improvement:

• Identify areas for automation and continuous improvement, pragmatically advocating for their prioritisation.

• Maintain meticulous attention to detail when testing and deploying changes in production environments.

• Review GitHub pull requests and monitor infrastructure communication channels.

• Stay up-to-date with advancements and best practices in IT Infrastructure, actively proposing and implementing new technologies.

• Support the leadership team with developing a strategic IT roadmap to achieve measurable time savings for the year ahead.

What We're Looking For

• Experience & Technical Expertise:

• 5+ years of progressive and directly-relevant Infrastructure architectural level experience in a modern IT Infrastructure environment, with a strong focus on cloud-first solutions.

• Familiarity with GitHub and proven experience writing and using scripts in production environments with PowerShell, Bash, Terraform or Python.

• Extensive experience working in a full cloud environment, with a strong preference for SaaS.

• Solid understanding of APIs and experience using them to pull information or update configurations and drive automation.

• Demonstrable IaC experience with working knowledge of Terraform or Ansible and a good understanding of CI/CD pipelines.

• Strong network fundamentals, including WiFi (Mist), cloud networking, Routing, VLANs, and WAN (VMware SD-WAN).

• Proven experience in designing, implementing, maintaining, and supporting Identity and Access Management (IAM) solutions (e.g. Azure AD, Okta, Google Workspace).

• Advanced experience with Microsoft Intune, Azure AD, and/or JAMF for mass deployment and management of Windows and macOS end-user devices as well as experience of managing complex Microsoft licensing.

• Very strong proficiency in Windows, macOS, and Linux administration.

• Lead the lifecycle of Privileged Access Management (PAM) solutions, including policy definition, Just-In-Time (JIT) access implementation, and proactive monitoring of privileged activity for security threats.

• Project Management & Process Improvement:

• Demonstrated project management and delivery experience with large-scale technical projects.

• Experience improving processes and solution architecture, ideally with a focus on removing single points of failure and technology overlap.

• Understanding of corporate audits and managing evidence of internal controls. 

• Proven project experience integrating HR/People data with IAM platforms to define access levels for connected systems.

• Mindset & Approach:

• Comfortable with owning and managing internal systems architecture and design

• A natural problem solver who can design and implement well considered and robust solutions.

• Organised, autonomous, and possesses meticulous attention to detail.

• A fast and natural learner who embraces the challenge of new technologies.

• A clear communicator who takes pride in process documentation and handovers.

• A collaborative team player who thrives in a high-performing environment.

• A passion for mentoring mid-level infrastructure engineers, supporting their learning, growth, and development.

Our Infrastructure Stack

• Operating Systems: Windows, macOS, ChromeOS, Linux

• Cloud: AWS, Azure and GCP

• Networking: VMware SD-WAN, Mist WiFi, Meraki LAN, Netskope SASE

• End-User Device Management: Microsoft Intune, JAMF, Google Workspace, Omnissa Workspace One

• Identity & Access Management: Okta, Google Workspace SSO, SAML, OIDC and SCIM integrations, EntraID

• Collaboration: Google Workspace, Zoom, Slack

• Automation/IaC: GitHub, PowerShell, Bash, Python, Terraform

• Patching: Automox, Nudge, Autopatch

• People Data: Workday

• ITSM: Fresh Service