Back to jobs
Sr. Staff Cloud Infrastructure Engineer, Managed Services (W2 Contract)
Mountain View, CA
We are CARIAD, an automotive software development team with the Volkswagen Group. Our mission is to make the automotive experience safer, more sustainable, more comfortable, more digital, and more fun. To achieve that we are building the leading tech stack for the automotive industry and creating a unified software platform for over 10 million new vehicles per year. We’re looking for talented, digital minds like you to help us create code that moves the world. Together with you, we’ll build outstanding digital experiences and products for all Volkswagen Group brands that will transform mobility. Join us as we shape the future of the car and everyone around it.
Title: Sr. Cloud Infrastructure Engineer, Managed Services (W2 Contract)
Role Summary:
The Sr Staff Cloud Infrastructure Engineer (Contract) will play a critical role in architecting and deploying CARIAD’s Managed IT Services Platform—a secure, scalable, multi-tenant environment built on Microsoft Azure. Key responsibilities include establishing centralized administration using Azure Lighthouse and integrating SailPoint IdentityNow to automate identity and access management.
This role is responsible for defining the platform’s technical foundation and delivering secure infrastructure using Infrastructure as Code (IaC) with Terraform and ARM templates. The engineer will ensure all solutions meet Volkswagen Group’s cloud security and compliance standards.
Blending deep hands-on engineering expertise and innovation with automation and architectural leadership, this position will drive the development of a reusable, governed, and operationally efficient cloud services platform that supports long-term scalability and onboarding for global customers.
Workplace Flexibility:
This is a contract W2 position with a hybrid office schedule.
Preferred Locations are Mountain View, CA, or Bellevue, WA
Requires availability of off-hours work during critical deployments
Key Responsibilities:
Cloud Platform Architecture & Deployment
- Lead the end-to-end design, architecture, and delivery of a secure, scalable, multi-tenant Azure platform for Volkswagen Group.
- Drive adoption of Azure Lighthouse as the enterprise standard for centralized control and tenant isolation.
- Define and implement the integration of SailPoint IdentityNow (or equivalent) for IAM provisioning and lifecycle governance at global scale.
- Establish reusable landing zones, enterprise reference architectures, and global patterns to accelerate onboarding across brands.
- Influence and align senior stakeholders across engineering, InfoSec, and operations, ensuring strategic and technical alignment.
- Continuously evolve architecture by evaluating and implementing Azure innovations and industry-leading security trends.
Infrastructure as Code (IaC) & Automation
- Own the development of enterprise-scale Terraform modules and ARM templates that serve as reusable building blocks across engineering teams.
- Govern integration of IaC into CI/CD pipelines, ensuring full lifecycle automation and compliance at scale.
- Define and enforce global standards for tagging, naming, and configuration management across tenants.
- Drive automation of shared services, network configurations, and RBAC with a focus on security and operational efficiency.
- Champion the use of security validation tools (e.g., tfsec, Checkov) in all deployment pipelines, ensuring consistent adoption across teams.
Security & Compliance
- Set and enforce enterprise-wide Azure RBAC, PIM, and Zero Trust standards across tenants.
- Lead implementation of secure access models (JIT, NSGs, Key Vault) for highly regulated and global environments.
- Define and automate security baselines using Defender for Cloud, Sentinel, and enterprise governance frameworks.
- Partner with Volkswagen Group InfoSec, audit, and compliance teams to drive alignment, pass audits, and establish repeatable governance processes.
Platform Operations & Integration
- Own the design and governance of tenant provisioning workflows, onboarding processes, and platform integration patterns.
- Lead enterprise-level monitoring strategies, setting standards for logs, metrics, and alerts across multiple environments.
- Act as the escalation point for infrastructure troubleshooting, ensuring rapid resolution of complex issues.
- Maintain global documentation, playbooks, and support guides to ensure knowledge-sharing and operational consistency.
Change & Incident Management
- Define and enforce enterprise change management frameworks aligned with ITSM best practices.
- Own technical leadership of RCA processes for critical issues, driving long-term fixes and reliability improvements.
- Represent cloud operations in CAB meetings and cross-organization escalation paths, ensuring lessons learned translate into process improvements.
Required Skills & Qualifications:
- Bachelor’s degree in Computer Science, IT, or equivalent hands-on experience
- 10+ years in cloud infrastructure or platform engineering
- 6+ years in Microsoft Azure, with experience in multi-tenant or enterprise-scale deployments
- Scripting experience: Powershell
- Strong hands-on expertise in:
- Azure Lighthouse, Terraform, ARM Templates
- CI/CD pipeline integration (GitHub Actions, Azure DevOps, etc.)
- SailPoint IdentityNow or equivalent IAM platforms
- Azure security (RBAC, PIM, Policies, Key Vault, Zero Trust)
- Familiar with infrastructure security testing (e.g., tfsec, Checkov).
- Experience in regulated industries (automotive, OEMs, or similar) a plus
- Strong communication skills and ability to work independently as a contractor
- Certifications (preferred):
- Microsoft Certified: Azure Administrator Associate
- HashiCorp Certified: Terraform Associate
- AZ-500: Microsoft Azure Security Technologies
- ITIL Foundation Certification
Compensation:
Hourly range is dependent on factors such as geographical differentials, credentials or certifications, industry-based experience, qualification and training. In the city of Mountain View, CA, the hourly range for this contract position is $88 - $114/hr.
CARIAD is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds, and do not discriminate based on race, sex, age, disability, sexual orientation, national origin, religion, color, gender identity/expression, marital status, veteran status, or any other characteristics protected by applicable laws.
Create a Job Alert
Interested in building your career at Cariad, Inc.? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field