We are hiring a Senior Cloud & Infrastructure
Engineer to join its technology team.
This is a hands-on, breadth-oriented role for an engineer who wants to run a real production environment, modernize
how infrastructure is built and operated, and work closely with security and development to ship and run software
safely. As lead infrastructure engineer for Omni’s multi-tenant Azure estate and Windows server fleet, this role works
in close daily partnership with Omni’s Senior Security Infrastructure Engineer, who acts as the technical sounding
board, security reviewer, and sign-off authority on significant infrastructure decisions. This role operates under a
matrix reporting structure, with a functional reporting line to the CTO, Omni Agent Solutions (USA) and an
administrative reporting line to the Associate Director IT (India).
JOB RESPONSIBILITIES
- Operate as the lead infrastructure engineer in close daily partnership with Omni’s Senior Security Infrastructure
Engineer, who provides technical direction, conducts security review, and signs off on significant infrastructure
decisions before they reach production.
- Run and modernize Omni’s Azure environment, including compute, networking, identity, Azure App Services,
Azure SQL, Microsoft WAF, Azure Virtual Desktop and Windows 365, and Azure Monitor.
- Own the Windows Server fleet end-to-end: provisioning, patching cadence, Group Policy and Active Directory
operations, lifecycle planning, and end-of-support migrations.
- Own Microsoft 365 license allocation and Azure subscription management across Omni’s multi-tenant
environment, including license assignment and recovery, subscription and tenant governance, cost visibility, and
ongoing right-sizing.
- Modernize the infrastructure-as-code practice. Propose tooling and patterns for joint review with the Senior
Security Infrastructure Engineer, and incrementally bring infrastructure under code with security guardrails built
in from the start.
- Partner with the senior developer and broader development team to extend modern CI/CD patterns from
application code into infrastructure deployment, and to design systems that scale securely as the business grows.
- Work closely with Omni’s security team and managed SOC on hardening, vulnerability remediation, identity
controls, endpoint protection through SentinelOne, and compliance evidence.
- Cross-train into the security workstreams the Senior Security Infrastructure Engineer manages day-to-day,
including endpoint detection and response, SASE and ZTNA networking, SIEM, and the managed SOC’s tooling,
so the two roles can back each other up across disciplines.
- Manage observability across Datadog and Azure Monitor, including alerting, on-call signal hygiene, and runbook
development.
- Maintain the homegrown line-of-business application infrastructure (Azure App Services, Azure SQL, and
Microsoft WAF).
- Run day-to-day business continuity and disaster recovery operations within Omni’s defined RPO and RTO
targets. Maintain DR runbooks and run periodic failover and tabletop exercises.
- Build and maintain runbooks, architecture diagrams, and change records so the environment can be supported by
anyone on the team.
- Partner with Omni’s co-managed MSP as a shared delivery team across day-to-day operations and escalations,
rather than treating the MSP as an outside vendor.
- Provide escalation support to internal end users for infrastructure-impacting tickets routed through the helpdesk
and the co-managed MSP.
- Participate in an after-hours rotation covering monthly maintenance windows and incident response, and co-lead
post-incident reviews. Formalizing the rotation is part of the role, in partnership with the Senior Security
Infrastructure Engineer.
KNOWLEDGE, SKILLS AND ABILITIES
- 3+ years operating Windows Server environments at production scale.
- Hands-on experience with hybrid identity, including Active Directory, Group Policy, and Entra ID, in a Windows-
centric environment.
- Strong cloud and hybrid networking experience, including firewall change management, network segmentation,cross-tenant routing, IPsec and SSL VPN, NSGs, and subnet design.
- Experience operating to defined RPO and RTO targets, including DR runbook maintenance and failover testing.
- Strong infrastructure-as-code experience. Terraform preferred, with openness to Azure-native equivalents such as
- Bicep or ARM templates.
- Demonstrated ability to modernize engineering practices in close collaboration with security counterparts,
- partnering on the final shape of the practice rather than dictating it.
- Comfort operating in a role where a security peer reviews and signs off on significant infrastructure decisions, and
- where outcomes are defined jointly rather than independently.
- Comfort cross-training across infrastructure and security disciplines, holding a primary area of focus while
- providing secondary coverage of the other.
- Track record of partnering closely with security and development teams to ship and operate software safely and at
PREFERRED QUALIFICATIONS
- Familiarity with Microsoft 365 Copilot or other enterprise AI rollouts.
- Exposure to NIST CSF, CIS Controls, or ISO/IEC 27001, and how these frameworks apply to both cloud and on-
premises or Group Policy deployment.
- Familiarity with SOC 2 control operation and evidence collection.
- Working knowledge of California privacy regulation (CCPA / CPRA). HIPAA exposure also a plus.
- Microsoft partnership program exposure (CSP, Solutions Partner designations).
- Secondary cloud and SaaS familiarity beyond Azure, including Google Workspace, Google Cloud Storage, and
Wasabi object storage.
- Exposure to thin-client deployments and cloud browser management.
- Cloudflare familiarity (edge, DNS, security).
- Next-generation firewall platform experience (Palo Alto Networks, Fortinet FortiGate, or comparable).
- Enterprise backup and DR platform experience (Veeam, Axcient, Azure Backup, or comparable).
- Experience migrating workloads from traditional VMs to serverless or cloud-native application platforms.
- SQL Server DBA exposure for day-to-day database operations (not a primary focus of the role).
- IIS management experience.
- AWS, Kubernetes, or serverless experience.
- Experience operating in a small infrastructure team where breadth matters more than depth in any one area.
Pay: ₹1,700,000.00 - ₹2,000,000.00 per year
Benefits:
- Food provided
- Provident Fund
Education:
Experience:
- Microsoft SQL Server: 3 years (Preferred)
- Azur sql: 5 years (Preferred)
- Cloud security: 8 years (Preferred)
- Firewall: 8 years (Preferred)
Language:
License/Certification:
- Azure Certification (Preferred)
- Microsoft Certified: Azure Fundamentals (Preferred)
Shift availability:
- Night Shift (Preferred)
- Day Shift (Preferred)
Work Location: In person