Public Cloud Senior Infrastructure Engineer

JOB TITLE: Public Cloud Infrastructure Engineer

SALARY: £70,929 - £78,810
LOCATION(S): Halifax or Leeds
HOURS: Full time
WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at our locations noted above.

About this Opportunity:

We are modernising with cloud, a platform that is quick, secure and resilient for customers and easy, modern and green for developers.
Our core technology focus is on Microsoft Azure and Google Cloud Platform.

We're on a mission to build the bank of the future, and we need your expertise to help us get there. Continuing our extensive transformation program, we're redefining what a bank is from the inside out. Our technology, our culture, and our mind-set is changing to craft a true engineering-led organisation.

Our Cloud Engineering team is seeking a seasoned and passionate Senior Cloud Engineer with deep hands-on development experience. As a Cloud Engineer you'll be an active and leading member of a cloud-focused team of engineers - working on one of the Group's flagship projects to deliver a strategic platform on Google Cloud Platform (GCP) & Azure that will enable the business to realise the next generation of services that form the Bank's vision.

This role requires taking part in an on-call rotation.
Key Responsibilities:
*Collaborate across cross-functional teams to architect, implement, and maintain a highly resilient and scalable Kubernetes environment in the cloud.
*Engineer and optimise Kubernetes infrastructure to support multitenant workloads, ensuring strong isolation, resource efficiency, and operational scalability.
*Implement and manage robust security controls, including OPA gatekeeper policies and fine-grained RBAC policies, to safeguard infrastructure and enforce least-privilege access across environments.
*Build and manage CI/CD pipelines to enable automated testing, seamless deployment, and continuous integration across environments.
*Diagnose and resolve complex system-level issues related to scalability, performance, and automation, ensuring optimal infrastructure health.
Essential Skills & Experience:
*Extensive experience in a DevOps or Site Reliability Engineering role, ideally across both consumer and SaaS technology landscapes.
*Proven expertise in deploying and maintaining production-grade Kubernetes clusters and services.
*Hands-on experience with Kubernetes (k8s) and Containers in live environments.
*Strong background in designing and implementing CI/CD pipelines for automated build, test, and deployment workflows.
*Proficient in programming with Python, Go, and Bash for automation and tooling.
*Demonstrated ability to take ownership of projects and drive them to successful delivery.
*Skilled in writing and managing Infrastructure as Code (IaC) using tools such as Terraform.
*Experience in curating and managing the full product lifecycle of cloud-native core services.
Desirable Skills:
*Hands-on experience with cloud infrastructure and services across Google Cloud Platform (GCP)/Azure.
*Proficient in writing Infrastructure as Code (IaC) using Terraform, with a strong understanding of modular and reusable code practices.
*Experience with Service Mesh technologies such as Istio and Anthos for managing microservices communication and observability.
*Deep understanding of networking concepts in Cloud like Hybrid Connectivity, VPN, NAT, IPAM, DNS and routing.

Comprehensive knowledge of Cloud Security, Key Management Service (KMS), Public Key
Infrastructure (PKI), Encryption, and the principles of least privilege.
* Deep understanding of Linux operating systems, including system internals, networking, and
performance tuning.
* Exposure to high-throughput environments with experience implementing observability stacks.
Prometheus /Dynatrace for logging and metrics, and OpenTelemetry for distributed tracing.
* Strong security mindset with a track record of designing and implementing secure, resilient systems.
* Excellent verbal, written, and interpersonal communication skills, with the ability to convey complex
technical concepts clearly.
* Comfortable operating in fast-paced, dynamic environments-able to adapt quickly, embrace
ambiguity, and remain effective through change.
* Understanding of shared services such as CoreDNS, cert-manager, Dynatrace, Cloudability, and
Infoblox.
* Familiarity with Aqua Security for container runtime protection.
* Knowledge of OPA Gatekeeper for policy enforcement and tenant isolation.
* Experience with Harness CI/CD pipelines for secure and scalable deployments.
* Exposure to Backstage GitOps workflows for automation.
* Hands-on experience with Anthos Config Management for GitOps-driven provisioning.
* Understanding of Istio telemetry and observability integration.
* Proficiency in enforcing mTLS and managing sidecar injection in Istio service mesh.
* Experience with Istio ingress and egress gateways for secure service communication.

What We Offer:
We offer a dynamic, inclusive, and supportive environment that fosters equal opportunity and real career progression. We are committed to your personal and professional development, empowering you to make a meaningful impact throughout your career with us. Together we make it possible.

We'll also give you a broad remuneration package which includes:
* A performance share bonus
* A generous pension contribution
* A flex cash pot you can adjust to suit your lifestyle
* Private health cover
* 30 days holiday plus bank holidays
* Various share schemes including free shares

If you're eager to take on a challenging engineering role in a dynamic environment where quality is paramount, and want to grow within a collaborative and motivated team, we'd love to hear from you!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.