Track Lead - Azure DevOps, Terraform
India
Apply now
Job Description
Track Lead - Azure DevOps, Terraform
Gautam Buddha Nagar, Uttar Pradesh

Job Summary

seeking a skilled Infrastructure as Code (IaC) Engineer with deep expertise in Azure Bicep and strong proficiency in Terraform to design, develop, and maintain cloud infrastructure at enterprise scale. As our organization standardizes on Azure-native tooling, Bicep is our primary IaC language for new deployments, while Terraform remains essential for managing existing infrastructure and multi-provider scenarios. You will work closely with the GenAI Centre of Excellence (CoE), platform engineering, and application teams to deliver secure, repeatable, and auditable infrastructure automation.

Key Responsibilities

Azure Bicep Development (Primary) • Serve as a subject matter expert on Azure Bicep, driving adoption as the primary IaC language for all new Azure deployments • Design and build enterprise Bicep module libraries with well-defined parameters, outputs, user-defined types, and comprehensive documentation • Implement Bicep template specs and module registries (Azure Container Registry) for centralized module versioning and distribution across teams • Author Bicep parameter files (.bicepparam) for environment-specific configurations with type safety and validation • Develop subscription-scope and management-group-scope deployments for Azure Policy, RBAC, and resource group provisioning • Build deployment stacks to manage lifecycle of resources, prevent accidental deletion, and enforce deny settings • Perform ARM template decompilation (az bicep decompile) to migrate legacy JSON templates to Bicep • Implement what-if deployments (az deployment group what-if) and preflight validation before production rollouts • Leverage Bicep extensibility features including user-defined types, functions, and import statements for modular design • Create reusable patterns for common Azure topologies: hub-spoke networking, landing zones, and spoke deployments • Integrate Bicep linter rules and custom linter configurations to enforce coding standards across teams • Build CI/CD pipelines for Bicep using GitHub Actions / Azure DevOps with automated validate, what-if, and deploy stages • Develop Bicep-based Azure Verified Modules (AVM) patterns for organizational standards • Apply conditional deployments, loops, and batch sizing for complex multi-resource provisioning Terraform Development & Operations (Secondary) • Maintain and enhance existing Terraform modules following DRY principles and enterprise standards • Implement multi-environment deployments (dev, test, UAT, prod) using workspaces, backend configs, and .tfvars files • Manage Terraform state securely using Azure Storage backends with state locking and encryption • Develop and enforce naming conventions, tagging strategies, and variable management patterns • Build CI/CD pipelines (GitHub Actions / Azure DevOps) for automated plan, validate, and apply workflows • Conduct code reviews for Terraform pull requests ensuring quality, security, and compliance • Support migration efforts from Terraform to Bicep where strategically appropriate • Leverage Terraform for multi-cloud or hybrid scenarios where Azure-native Bicep is not applicable Cloud Infrastructure & Architecture • Provision and manage Azure resources including: o 🖥️ Compute: Virtual Machines, VM Scale Sets, App Services, Container Apps, AKS o 🌐 Networking: VNets, Subnets, NSGs, Application Gateways, Private Endpoints, DNS o 🗄️ Storage: Storage Accounts, Blob, File Shares, Data Lake o 🗃️ Databases: Azure SQL, Cosmos DB, PostgreSQL Flexible Server o 🔗 Integration: Logic Apps, API Management, Service Bus, Event Grid o 📊 Monitoring: Application Insights, Log Analytics, Azure Monitor, Dashboards, Workbooks o 🔐 Security: Key Vault, Managed Identity, RBAC, Azure Policy, Defender for Cloud • Design infrastructure that aligns with the Azure Well-Architected Framework (reliability, security, cost optimization, operational excellence, performance efficiency) Governance, Security & Compliance • Implement Azure Policy as Code for guardrails and compliance enforcement • Apply least-privilege RBAC role assignments using managed identities • Ensure secrets management via Azure Key Vault with zero hardcoded credentials • Support audit and compliance requirements through infrastructure documentation and drift detection • Integrate security scanning (tfsec, checkov, trivy) into CI/CD pipelines Collaboration & Documentation • Maintain comprehensive module docum

Skill Requirements

 IaC Tools Azure Bicep (primary), Terraform (v1.5+), ARM Templates Cloud Platform Microsoft Azure (multi-subscription, hub-spoke topologies) CI/CD GitHub Actions, Azure DevOps Pipelines, YAML-based workflows Version Control Git, GitHub (branching strategies, PR workflows, code reviews) Scripting PowerShell, Bash, Python Security Azure Policy, RBAC, Key Vault, Managed Identity, Private Endpoints Networking VNets, Subnets, NSGs, DNS, Load Balancers, Application Gateways Monitoring Azure Monitor, Application Insights, Log Analytics, KQL Containers Docker, AKS (Kubernetes fundamentals) Testing Bicep linter, Bicep what-if, PSRule for Azure, Terraform validate, tflint, tfsec, checkov

Other Requirements

 Azure Bicep │ Bicep Registry (ACR) │ Template Specs │ Deployment Stacks Terraform │ ARM Templates │ GitHub Actions │ Azure DevOps PowerShell │ Azure CLI │ Bash │ Python │ Git │ Docker │ Kubernetes (AKS) Azure Monitor │ Application Insights │ Log Analytics │ KQL Azure Policy │ Key Vault │ Managed Identity │ Microsoft Entra ID PSRule for Azure │ Bicep Linter │ tflint │ tfsec │ checkov │ trivy VS Code │ Bicep Extension │ Terraform Extension │ pre-commit hooks
Apply now
Information at a Glance

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.
23 Benefits At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to: https://rmkcdn.successfactors.com/147eb21f/a701dca9-f32d-4fc9-9447-6.svg Industry-benchmarked compensation https://rmkcdn.successfactors.com/147eb21f/b0c54381-ddcc-4a33-9b35-9.svg Best-in-class healthcare benefits https://rmkcdn.successfactors.com/147eb21f/b73027be-7aae-4d36-a090-4.svg Personal time off https://rmkcdn.successfactors.com/147eb21f/d5b4fdfd-2e99-4e26-9878-9.svg Maternity and paternity benefits https://rmkcdn.successfactors.com/147eb21f/3d42b0fc-4652-435a-9ece-c.svg Access to skills / higher education programs/resources https://rmkcdn.successfactors.com/147eb21f/aeddeaf2-9e25-4584-ad11-d.svg Discounts on products and services via Benefit Box https://rmkcdn.successfactors.com/147eb21f/a9609a3b-2700-4b3c-9d90-a.svg Participate in CSR programs and live life with a purpose https://rmkcdn.successfactors.com/147eb21f/c6e33851-710f-4634-bd69-f.svg Opportunities to grow and advance your career Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.