Designation : Platform Engineer
Location : Pune 3 Days WFO
Who we are
Tiger Analytics is a global AI and analytics consulting firm. With data and technology at the core of our solutions, our 3900+ tribe is solving problems that eventually impact the lives of millions globally. Our culture is modelled around expertise and respect with a team-first mindset. Headquartered in Silicon Valley, you'll find our delivery centers across the globe and offices in multiple cities across India, the US, UK, Canada, and Singapore, including a substantial remote global workforce.
We're Great Place to Work-Certified™. Working at Tiger Analytics, you'll be at the heart of an AI revolution. You'll work with teams that push the boundaries of what is possible and build solutions that energize and inspire.
Summary
The Platform Engineer is responsible for designing, operating, and securing enterprise cloud infrastructure and container orchestration platforms that ensure reliable, scalable service delivery across the organization. This role combines deep technical expertise in Azure administration, Kubernetes orchestration, and infrastructure automation to manage production-grade platform services - including Azure subscription governance, identity and access management, networking and connectivity, AKS cluster operations, and security and compliance controls. The Platform Engineer collaborates closely with DevOps teams, application development groups, security teams, and business stakeholders to align platform services with deployment timelines, enable self-service onboarding for development teams, and ensure consistent operational health across multiple environments and time zones. The ideal candidate is a hands-on engineer who thrives at the intersection of cloud infrastructure and container platform engineering, bringing deep Azure and Kubernetes expertise from architecture design to day-to-day operations while driving automation, observability, and security best practices across the enterprise.
Key Responsibilities / Essential Duties
.Own day-to-day and strategic administration of Azure subscriptions, resource groups, and shared services across multiple environments, ensuring stable, secure, and scalable platform operations for the enterprise.
.Lead identity and access management including Entra ID/Azure AD integration, Role-Based Access Control (RBAC) design, Privileged Identity Management (PIM), managed identities, service principals, access reviews, and privileged access processes to enforce least-privilege security principles.
.Design and operate networking and connectivity infrastructure including VNets/subnets, Network Security Groups (NSGs), Application Security Groups (ASGs), User-Defined Routes (UDRs), DNS, private endpoints/Private Link, load balancers, firewall integrations, and VPN/ExpressRoute coordination across hybrid environments.
.Operate and optimize compute and platform services including VMs/VMSS, Azure App Service, Azure Storage, Key Vault, Azure Backup/Recovery Services Vault, and other services required by the platform to meet performance, availability, and cost objectives.
.Drive security and compliance controls including logging/auditing, encryption, Key Vault standards, Defender for Cloud recommendations remediation, vulnerability management coordination, and policy enforcement aligned with organizational security policies and applicable regulatory requirements.
.Design, deploy, and operate Azure Kubernetes Service (AKS) clusters - both private and public - including node pool management, cluster upgrades, autoscaling configuration, and capacity planning to support containerized workloads at enterprise scale.
.Manage Kubernetes platform components including Ingress controllers (e.g., NGINX/AGIC), service mesh (if applicable), CoreDNS, cluster add-ons, and workload scheduling to ensure reliable and efficient container orchestration.
.Implement secure cluster and workload patterns including Azure AD/Entra ID integration, Kubernetes RBAC, pod security controls, secrets management (Key Vault + CSI driver), container image security/scanning, and network policies to maintain a hardened platform posture.
.Manage AKS networking end-to-end including VNets, subnets, UDRs, NSGs, Private Link, internal/external load balancers, DNS configuration, and troubleshooting connectivity across hybrid networks to ensure seamless communication between clusters, services, and on-premises resources.
.Implement monitoring and observability for clusters and workloads using Azure Monitor for containers, Log Analytics, Prometheus/Grafana (if applicable), alerting frameworks, and SLO/SLA reporting to ensure proactive incident detection and platform reliability.
.Collaborate with DevOps and platform engineering teams to improve automation using Azure DevOps and GitHub Actions, align Infrastructure as Code practices using Terraform and Bicep, and enable self-service onboarding for application teams across the organization.
.Document platform architecture decisions, standard operating procedures, runbooks, and knowledge artifacts to ensure operational continuity during transitions, enabling seamless integration of evolving team structures.
Qualifications
Education
.Bachelor's degree in Computer Science, Information Technology, or equivalent related experience (required).
.Master's degree in Computer Science, Cloud Computing, Information Systems, or a related technical discipline (preferred).
Experience
.Minimum professional experience as per the Level in cloud platform engineering, with a focus on administering Azure subscriptions, resource groups, and shared services across multiple enterprise environments.
.Minimum of hands-on experience as per the Level designing, deploying, and operating Azure Kubernetes Service (AKS) clusters and Azure infrastructure services in production environments.
.Demonstrated experience with end-to-end cloud infrastructure operations - including identity and access management (Entra ID/Azure AD, RBAC, PIM), networking (VNets, NSGs, Private Link, DNS), and security compliance (Defender for Cloud, encryption, vulnerability management) - within an enterprise environment.
.Experience in a regulated industry (pharmaceutical, healthcare, or life sciences) is a plus.
Certifications (Required / Preferred)
Microsoft Certified: Azure Administrator Associate (AZ-104) or Certified Kubernetes Administrator (CKA) - Required (one of the two).
.Microsoft Certified: Azure Solutions Architect Expert (AZ-305) - Preferred.
HashiCorp Certified: Terraform Associate - Preferred.
.Certified Kubernetes Security Specialist (CKS) - Preferred.
Knowledge, Skills & Abilities
.Expert-level proficiency in Microsoft Azure administration, including day-to-day and strategic management of subscriptions, resource groups, and shared services across multiple environments, with deep knowledge of Azure compute services (VMs/VMSS, Azure App Service), Azure Storage, Key Vault, and Azure Backup/Recovery Services Vault.
.Strong experience with Azure Kubernetes Service (AKS) cluster design, deployment, and operations - including node pool management, cluster upgrades, autoscaling configuration, and capacity planning for both private and public cluster topologies.
.Proficiency in Azure networking and connectivity design including virtual networks (VNets/subnets), network security groups (NSGs/ASGs), user-defined routes (UDRs), DNS, private endpoints/Private Link, load balancers, firewall integrations, and VPN/ExpressRoute coordination across hybrid network environments.
.Hands-on experience with Kubernetes platform components and workload management, including Ingress controllers (NGINX/AGIC), service mesh technologies, CoreDNS, cluster add-ons, workload scheduling, and end-to-end AKS networking troubleshooting.
.Solid understanding of identity and access management using Entra ID/Azure AD integration, Role-Based Access Control (RBAC) design, Privileged Identity Management (PIM), managed identities, service principals, access reviews, and privileged access processes across Azure and Kubernetes environments.
.Proficiency in Infrastructure as Code (IaC) tools such as Terraform and Bicep for deploying and managing Azure resources, with experience integrating infrastructure provisioning into CI/CD pipelines using Azure DevOps or GitHub Actions.
.Strong experience with cloud security and compliance controls, including logging/auditing, encryption, Key Vault standards, Microsoft Defender for Cloud recommendations remediation,
vulnerability management coordination, and policy enforcement across managed platform environments.
.Hands-on experience implementing monitoring and observability solutions for clusters and workloads using Azure Monitor for containers, Log Analytics, Prometheus/Grafana, automated alerting, and SLO/SLA reporting to ensure operational health and performance visibility.
.Proficiency in implementing secure Kubernetes cluster and workload patterns, including pod security controls, secrets management using Key Vault with CSI driver integration, container image security and scanning, and network policy enforcement to protect workloads in production environments.
.Excellent communication and problem-solving skills with the ability to collaborate effectively with DevOps teams, application development teams, and cross-functional stakeholders to improve automation, self-service onboarding, and platform reliability across geographically distributed environments.
Work Environment / Physical Requirements
.CBS - Pune office-based or Pune city-based for remote/hybrid work environment with access to necessary compute resources.
.Standard working hours with flexibility to accommodate project deadlines and team members across multiple time zones.
.Ability to sit for extended periods and use a computer for the majority of the workday.
Competencies
.Operational Excellence: Maintains exceptionally high standards for platform availability, reliability, and performance by proactively monitoring infrastructure health, implementing automated alerting, and driving continuous improvement in SLO/SLA reporting across all managed Azure and AKS environments.
.Security & Compliance Mindset: Champions security-first platform engineering by proactively implementing encryption standards, vulnerability remediation, Defender for Cloud recommendations, pod security controls, image scanning, and policy enforcement aligned with organizational and regulatory requirements.
.Collaboration & Teamwork: Works effectively with cross-functional teams including DevOps engineers, application development teams, security teams, and business stakeholders to improve automation, align Infrastructure as Code practices, and enable self-service onboarding across geographically distributed groups.
.Adaptability: Thrives in a fast-paced environment where cloud platform capabilities, Kubernetes ecosystem technologies, and infrastructure requirements evolve rapidly, adjusting operational approaches to accommodate new workload patterns, networking architectures, and security paradigms.
.Technical Excellence: Demonstrates deep expertise across Azure infrastructure administration and AKS cluster operations, maintaining rigorous standards for identity and access management, networking design, capacity planning, and Infrastructure as Code alignment using Terraform and Bicep.
.Results Orientation: Focuses on delivering highly available, secure, and scalable platform services that generate tangible operational value, ensuring continuous uptime, efficient resource utilization, and measurable improvements in deployment velocity and infrastructure reliability across the enterprise.
You are important to us, let's stay connected!
Every individual comes with a different set of skills and qualities so even if you don't tick all the boxes for the role today, we urge you to apply as there might be a suitable/unique role for you tomorrow. We are an equal-opportunity employer. Our diverse and inclusive culture and values guide us to listen, trust, respect, and encourage people to grow the way they desire.
Note: The designation will be commensurate with expertise and experience. Compensation packages are among the best in the industry.
