Platform Architect

Company Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.
 
By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.
 
From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

We are seeking a highly experienced Platform Architect to lead the architecture, security, scalability, and reliability of our Azure-based SaaS platform. The platform includes Java-based microservices, ReactJS frontend, ML pipelines, and RAG (Retrieval-Augmented Generation) components.

This role will work closely with Java Tech Leads, Senior DevOps Engineers, Senior ML Engineers, Security teams, and Business stakeholders to define and implement a secure, scalable, and high-performing cloud-native architecture.

Security is a mission-critical priority in this role.

Key Responsibilities

1. Platform Architecture & Design

• Define end-to-end architecture for Azure-based SaaS platform
• Design secure, scalable microservices architecture (Java/Spring Boot preferred)
• Define cloud-native architecture patterns (12-factor app, event-driven, API-first)
• Design high-availability, multi-region deployment strategy
• Establish platform standards for:
  • Observability
  • Logging
  • Monitoring
  • API gateway
  • Service mesh (if required)

2. Security Architecture (Critical Area)

• Design and implement Zero Trust Architecture principles
• Define secure authentication & authorization mechanisms (OAuth2, OIDC, Azure AD, RBAC, ABAC)
• Lead identity and access management strategy
• Ensure secure API design and protection (rate limiting, throttling, WAF, API management)
• Define encryption standards (in transit & at rest)
• Implement secrets management strategy (Azure Key Vault)
• Conduct threat modeling and security architecture reviews
• Ensure compliance with industry standards (ISO 27001, SOC2, GDPR, etc.)
• Define DevSecOps practices and secure SDLC
• Secure ML and RAG pipelines (data protection, prompt injection mitigation, model access control)

3. Azure Cloud Architecture

• Design and oversee:
  • Azure Kubernetes Service (AKS)
  • Azure App Services
  • Azure API Management
  • Azure Storage & Databases (SQL/Cosmos/Blob)
  • Event Hub / Service Bus
  • Azure AI services (if applicable)
• Define landing zones and governance model
• Cost optimization strategy (FinOps awareness)
• Multi-tenant SaaS architecture design

4. ML & RAG Platform Enablement

• Architect infrastructure for:
  • ML model training and deployment
  • RAG pipelines (vector databases, embeddings, LLM integration)
• Define data isolation and model security controls
• Secure integration with external LLM providers (if applicable)
• Ensure performance, scalability, and latency optimization
• Define monitoring for ML inference & model drift

5. DevOps & Platform Engineering

• Collaborate with DevOps on:
  • CI/CD pipeline architecture
  • Infrastructure as Code (Terraform/Bicep)
  • GitOps practices
• Define containerization standards (Docker)
• Establish Kubernetes best practices (security policies, namespaces, network policies)
• Implement observability stack (Prometheus, Grafana, Azure Monitor, App Insights)
• Define SRE practices (SLOs, SLIs, error budgets)

6. Microservices & API Strategy

• Define microservices boundaries and domain-driven design alignment
• Establish API versioning and lifecycle management standards
• Define resiliency patterns (circuit breakers, retries, bulkheads)
• Define caching strategies (Redis, CDN)
• Ensure backward compatibility and extensibility

7. Governance & Stakeholder Collaboration

• Work with business stakeholders to translate functional & non-functional requirements into architecture
• Lead architecture review board discussions
• Create architecture documentation and decision records (ADRs)
• Mentor Java leads and senior engineers
• Support pre-sales or compliance discussions when needed

Qualifications

Required Qualifications

• 12+ years in software engineering
• 5+ years in cloud-native architecture (Azure preferred)
• 5+ years designing microservices platforms
• Strong expertise in Azure cloud services
• Deep understanding of:
  • Kubernetes (AKS)
  • API Management
  • Identity & Access Management
  • Cloud security architecture
• Experience designing secure SaaS multi-tenant platforms
• Hands-on knowledge of DevSecOps
• Experience working with ML/AI systems and RAG architectures

Strong understanding of distributed systems design

Additional Information

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;   
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.