Ampa - Legal & Professional Services

Head of Cloud Services

Ampa - Legal & Professional Services

full-time

Posted on:

Location Type: Hybrid

Location: BirminghamUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Job Level

Lead

Tech Stack

AzureCloudDockerITSMKubernetesTerraformVault

About the role

  • A clear, board aligned Cloud Strategy & Roadmap, with target architecture and operating model baselined.
  • Enterprise Azure Landing Zone established/enhanced, with policy-as-code guardrails and environment standards.
  • FinOps model operational (tagging, budgeting, forecasting, optimisation cadence, showback/chargeback as appropriate).
  • Core resilience & DR patterns defined and tested for business critical services.
  • Improved reliability and lead time for changes (e.g., reduced MTTR, higher deployment frequency, lower change fail rate).
  • A skilled, motivated Cloud Engineering team with clear skills matrix, development plans, and delivery cadence.
  • Lead the Cloud Centre of Excellence, setting standards, patterns, and the Cloud adoption roadmap.
  • Define and maintain the Cloud Target Operating Model (roles, skills, processes, RACI).
  • Align Cloud strategy with Technology Operations, Security, Architecture, and business objectives.
  • Own end to end Cloud capabilities - architecture, engineering, automation, operations, observability, lifecycle mgmt.
  • Drive IaC-first delivery (Terraform) and automated configuration, using modules, pipelines, and reusable patterns.
  • Guide solution design to achieve scalability, resilience, performance, security, and cost efficiency across IaaS/PaaS/SaaS.
  • Deliver reliable, performant platforms with mature monitoring, alerting, incident/problem/change processes integrated with ITSM.
  • Define and manage SLAs, SLOs, and OLAs, ensuring service health and capacity planning.
  • Ensure effective observability (Azure Monitor, Log Analytics, App Insights) and continuous improvement.
  • Partner with Information Security to embed secure-by-design principles and shift-left practices.
  • Integrate automated guardrails (e.g., Azure Policy, Defender for Cloud), vulnerability management, secrets management (Key Vault).
  • Ensure compliance with relevant standards (e.g., ISO 27001, NIST, CIS Benchmarks) and regulatory obligations (e.g., GDPR, data residency/sovereignty).
  • DevSecOps practices embedded (shift left security, automated controls, CI/CD gates).
  • Own Cloud financial governance - tagging strategy, budgeting, forecasting, and optimisation (e.g., reservations, savings plans, rightsizing).
  • Partner with Finance to implement showback/chargeback (where appropriate) and communicate Cloud economics to stakeholders.
  • Track and report cost KPIs, ensuring value realisation and cost transparency.
  • Define and test resilience patterns, backup/restore, RTO/RPO objectives, and application DR runbooks.
  • Ensure architectural patterns meet business continuity expectations and are verified via regular exercises.
  • Own Azure landing zones, policy-as-code, RBAC, network/security baselines, and Cloud posture management.
  • Operate continuous compliance monitoring and remediation for Cloud controls.
  • Maintain risk registers for Cloud platforms and drive remediation plans.
  • Standardise Dev/Test/Pre prod/Prod environments, reference architectures, blueprints, and golden images.
  • Ensure environment parity, versioning, and repeatable provisioning via pipelines.
  • Manage strategic relationships with Microsoft, Managed Service Providers, and tooling vendors (backup, security, observability) as applicable to our Cloud environment.
  • Ensure commercial value, support effectiveness (e.g., Unified/Premier), and contract alignment with roadmap and SLAs.
  • Act as senior Cloud SME and trusted advisor to Technology, Product, and Business stakeholders.
  • Communicate Cloud posture, risks, and investment options to senior leadership and governance forums.
  • Lead, hire, mentor, and develop Cloud Engineers; build a learning culture and community of practice.
  • Provide enablement and training for engineering and development teams to accelerate safe Cloud adoption.

Requirements

  • **Essential**
  • - 10+ years in Cloud architecture/engineering/leadership roles; significant experience in enterprise Azure.
  • - Deep knowledge of Azure - networking, identity (Entra ID), governance, security, storage, compute, data, integrations.
  • - Hands‑on expertise with Terraform (modules, state management, pipelines) and CI/CD (e.g., GitHub Actions, Azure DevOps).
  • - Strong grasp of DevSecOps, policy-as-code, secrets management, vulnerability management, and compliance frameworks.
  • - Proven leadership of Cloud engineering teams and complex Cloud programmes.
  • - Demonstrable experience across IaaS, PaaS, SaaS, hybrid connectivity, and Cloud‑native patterns.
  • - Solid operational background - incident/problem/change, monitoring/observability, performance & capacity.
  • - Experience implementing FinOps practices and Cloud cost optimisation.
  • - Detailed understanding of Cloud Vendor best practice including Microsoft Cloud Adoption Framework and the Microsoft Well Architected Framework specifically.
  • - Excellent stakeholder engagement and executive communication skills.
  • **Desirable**
  • - Experience in regulated sectors (e.g., legal/professional services, financial services, healthcare).
  • - Azure certifications (e.g., AZ‑305, AZ‑500, AZ‑400, AZ‑104, AZ‑700).
  • - Experience in regulated sectors (e.g., legal/professional services, financial services, healthcare).
  • - Knowledge of containers & orchestration (AKS, Docker, Kubernetes).
  • - Familiarity with Zero Trust, Conditional Access, PIM, Defender for Cloud, Sentinel.
  • - Experience with data governance (encryption, key management, DLP, data classification) and data residency requirements.
  • - Working knowledge of ITIL practices and SRE/DevOps metrics.
Benefits
  • We embrace agile working and offer a blended approach to where and how we work.****We appreciate that people have different needs and preferences and we’re keen to be flexible, after all, we value what you do, not where you do it.****We have the following hubs across the UK: Birmingham, Bristol, Edinburgh, Leeds, Leicester, Lincoln, London, Milton Keynes, Nottingham, Sheffield, Stratford upon Avon and in the South East; Brighton, Chichester, Crawley, East Grinstead, Eastbourne, Lewes, Seaford, Storrington, Southampton & Tunbridge Wells.**** **Additional information******Want to find more about our amazing benefits?**-------------------------------------------------------------------Please be aware, for some vacancies, where we receive high numbers of applications we may need to bring the close date forward. **Due to the nature of the work undertaken, confirmation of employment will be subject to a variety of checks which will be carried out once an offer of employment is accepted. Details of the checks can be found here.******Equal opportunities******Ampa Group is a committed equal opportunities employer. We seek to attract, develop and retain talented people from a diverse range of backgrounds and cultures. We value and respect individuality and encourage a culture within our business where people can be themselves and be valued for their strengths and experiences. Everyone who either applies to or works for the firm is treated equally, regardless of their gender, age, ethnic origin, nationality, marital status, sexual orientation or religious beliefs.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Cloud architectureCloud engineeringAzureTerraformCI/CDDevSecOpsIaaSPaaSSaaSCloud cost optimisation
Soft Skills
leadershipstakeholder engagementexecutive communicationmentoringteam developmentcommunity buildingproblem-solvingstrategic thinkingcollaborationtraining
Certifications
AZ-305AZ-500AZ-400AZ-104AZ-700