Azure DevOps Engineer

We are delivering a Centralised Automation & Scripting Platform (CASP) for an Irish infrastructure group. The client currently has scripts running on individual workstations with no version control, no CI/CD, and no standardised execution environment. The platform will centralise everything into Azure DevOps and Azure Automation, with automated governance and monitoring.

The primary integration targets are Oracle NetSuite and ARGIS (an ArcGIS based GIS platform for workforce management). Approximately 80% of the script workload concerns ARGIS feature layer data maintenance. The client has an operational Azure tenancy but no existing DevOps, Automation, or monitoring infrastructure.

This is a hands-on build role. The successful candidate will be the primary delivery engineer, responsible for building the platform end-to-end from a validated Solution Design.

What This Person Will Build

• Azure DevOps project with security groups, permissions, and service connections to the Azure subscription.

• Standardised Git repository structure with separate paths for ARGIS and NetSuite scripts, branch policies, and pull request workflows.

• YAML based CI/CD pipelines with automated linting (PSScript Analyzer for PowerShell, pylint/flake8 for Python), security scanning, and standards as code policy enforcement.

• Infrastructure as Code templates (Bicep or Terraform) for Azure Automation Account, Log Analytics workspace, Key Vault, and networking resources.

• Azure Automation Account configured with system assigned Managed Identity and RBAC for target resource access.

• Continuous Deployment pipeline that automatically publishes approved scripts as Azure Automation Runbooks on merge.

• Migration of 10 reference scripts (5 ARGIS, 5 NetSuite) through the full workflow: Git onboarding, CI validation, Runbook deployment, schedule configuration, and execution verification.

• Operational Azure Workbook dashboard showing script execution status, failure rates, and run history.

• Alert rules for Runbook failures and long running jobs.

• Platform documentation including a Migration Runbook for the client to self,serve remaining script migrations.

Must Have Skills

These are non-negotiable. The candidate needs demonstrable, hands-on, recent experience with all of the following:

Azure DevOps: Project setup, Git repos, branch policies, service connections, security groups. Not GitHub Actions, not GitLab — specifically Azure DevOps.

Azure Pipelines: YAML based, CI/CD pipelines. Multi-stage pipelines, task authoring, pipeline variables, variable groups, environments, and approval gates.

Infrastructure as Code: Bicep (preferred) or Terraform for Azure resource provisioning. Must have built and maintained IaC for production Azure environments.

Azure Automation: Automation Accounts, PowerShell and Python Runbooks, scheduling, Managed Identity integration. Must have configured Runbook execution environments, not just theory.

PowerShell: Strong scripting skills. Comfortable with PSScriptAnalyzer, module management, and writing pipeline validation tasks in PowerShell.

Azure Identity & RBAC: Managed Identities (system and user assigned), RBAC role assignments, Key Vault integration, service principals. Must understand least privilege patterns.

Azure Monitor / Log Analytics: Diagnostic settings, Log Analytics workspace configuration, KQL queries, Azure Workbooks, alert rules.