Senior Cloud Platform Engineer in Hybrid - San Jose, California at BERTRANDT US INC

We are seeking a Senior Cloud Platform Engineer to design, build, and operate a secure, scalable cloud platform supporting ADAS data ingestion, processing, analytics, and validation workflows.

This role combines hands-on engineering with platform ownership across Azure infrastructure, Databricks, CI/CD pipelines, and operational tooling. The engineer will act as a key technical bridge across data engineering, backend, cybersecurity, privacy, and governance teams, ensuring the platform is secure-by-default, audit-ready, and aligned with data protection requirements such as GDPR, data residency, retention, and cross-border data constraints.

The position requires strong DevSecOps thinking, ownership mindset, and the ability to translate security, compliance, and operational requirements into practical engineering solutions.

a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; }

• Design, implement, and operate Azure infrastructure across multiple subscriptions, regions, and environments
• Build and maintain networking components including VNets, subnets, NSGs, private endpoints, private DNS zones, route tables, and service endpoints
• Operate Azure services such as App Services, deployment slots, Container Registry, Storage, PostgreSQL Flexible Server, Key Vault, and Entra ID
• Develop and maintain reusable Terraform modules for infrastructure and data platform provisioning
• Enforce infrastructure-as-code standards including environment segregation, plan reviews, approval gates, drift detection, and state hygiene

• Design and administer Databricks workspaces, Unity Catalog structures, clusters, cluster policies, SQL warehouses, and jobs
• Build and deploy scalable Spark-based data pipelines for ingestion and processing
• Manage identities, service principals, secret scopes, and Key Vault integrations
• Optimize platform performance, cost efficiency, and governance
• Support domain-driven and region-aware data products with consistent access control and governance

• Own Azure DevOps delivery processes end-to-end
• Design and maintain multi-stage YAML pipelines, service connections, environments, approvals, and branch policies
• Standardize release processes, deployment patterns, and code review practices
• Containerize applications using Docker and manage image lifecycle via private registries
• Improve deployment reliability, traceability, and recovery capabilities across environments

• Design and operate secure-by-default platforms using least-privilege access, network isolation, and secure secret management
• Own identity and access management across Azure, Databricks, and Azure DevOps (RBAC, Entra ID, managed identities)
• Support security assessments, penetration testing, and audits by providing technical evidence and implementing remediation
• Manage service principal lifecycle, credential rotation, and secret governance
• Implement privacy-by-design principles including GDPR compliance, data minimization, retention, and residency requirements
• Translate security and compliance findings into actionable system improvements (IaC, policies, logging, encryption, backup, recovery)

• Monitor, troubleshoot, and resolve infrastructure and platform incidents across cloud, data, and application layers
• Improve system performance, observability, and cost efficiency
• Implement best practices for scaling, lifecycle management, and resiliency
• Maintain operational documentation, runbooks, and post-incident reports

• Collaborate with ADAS, data engineering, backend, cybersecurity, and governance teams
• Contribute to architecture discussions and technical roadmaps
• Mentor team members on Terraform, Azure, Databricks, and DevSecOps practices
• Communicate technical risks and solutions clearly to both technical and non-technical stakeholders

• 5+ years of experience in cloud infrastructure, platform engineering, DevOps, or data platforms
• Hands-on ownership of Azure and Databricks environments across multiple environments and regions
• Experience in regulated, data-intensive environments with strong governance and compliance requirements
• Proven experience supporting audits, security assessments, and remediation activities
• Working knowledge of privacy and data protection frameworks (e.g., GDPR, data residency, retention policies)

• Bachelor’s or Master’s degree in Computer Science, Engineering, or related field, or equivalent experience

• Cloud (Azure): App Services, Container Registry, Key Vault, PostgreSQL, Storage, networking (VNets, NSGs, private endpoints), Entra ID, RBAC
• Infrastructure as Code: Terraform (modular design, environments, state management, providers)
• Data Platform: Databricks, Unity Catalog, Spark pipelines, SQL warehouses, access governance
• Programming: Python, SQL, Bash
• DevOps: Azure DevOps pipelines, YAML, branching strategy, service connections, CI/CD best practices
• Containers: Docker and container deployment patterns
• Security & Compliance: Identity management, secrets handling, vulnerability remediation, audit readiness
• Data Governance: Privacy-aware design, data classification, retention, residency compliance
• Version Control: Git workflows and code review practices
• Streaming Technologies: Kafka or similar

• Experience with Kubernetes / Azure Kubernetes Service (AKS)
• Observability tools (Azure Monitor, Prometheus, OpenTelemetry, Log Analytics)
• Experience with policy-as-code, IaC scanning, and security posture management tools
• Familiarity with FinOps and Azure cost optimization practices
• Knowledge of compliance frameworks (ISO 27001, SOC 2, TISAX, NIST, CIS)
• Experience with enterprise-scale security and governance models

• Senior individual contributor role with strong technical ownership
• No direct personnel management; provides technical leadership and mentorship
• Operates across infrastructure, data platform, DevOps, and security domains
• Critical role in enabling secure, scalable, and compliant ADAS data platforms
• Works across global teams and multi-region cloud environments

• Strong ownership mindset and accountability for platform reliability
• Ability to operate independently across complex environments
• Structured and analytical approach to problem-solving and incident management
• Clear and effective communication across technical and business stakeholders
• Strong documentation skills for architecture, operations, and compliance
• Collaborative mindset across engineering, security, and governance teams