We are seeking a highly experienced Platform Architect to lead the architecture, security, scalability, and reliability of our Azure-based SaaS platform. The platform includes Java-based microservices, ReactJS frontend, ML pipelines, and RAG (Retrieval-Augmented Generation) components.
This role will work closely with Java Tech Leads, Senior DevOps Engineers, Senior ML Engineers, Security teams, and Business stakeholders to define and implement a secure, scalable, and high-performing cloud-native architecture.
Security is a mission-critical priority in this role.
Key Responsibilities
1. Platform Architecture & Design
Define end-to-end architecture for Azure-based SaaS platform
Design secure, scalable microservices architecture (Java/Spring Boot preferred)
Define cloud-native architecture patterns (12-factor app, event-driven, API-first)
Design high-availability, multi-region deployment strategy
Establish platform standards for:
Observability
Logging
Monitoring
API gateway
Service mesh (if required)
2. Security Architecture (Critical Area)
Design and implement Zero Trust Architecture principles
Define secure authentication & authorization mechanisms (OAuth2, OIDC, Azure AD, RBAC, ABAC)
Lead identity and access management strategy
Ensure secure API design and protection (rate limiting, throttling, WAF, API management)
Define encryption standards (in transit & at rest)
Implement secrets management strategy (Azure Key Vault)
Conduct threat modeling and security architecture reviews
Ensure compliance with industry standards (ISO 27001, SOC2, GDPR, etc.)
Define DevSecOps practices and secure SDLC
Secure ML and RAG pipelines (data protection, prompt injection mitigation, model access control)
3. Azure Cloud Architecture
Design and oversee:
Azure Kubernetes Service (AKS)
Azure App Services
Azure API Management
Azure Storage & Databases (SQL/Cosmos/Blob)
Event Hub / Service Bus
Azure AI services (if applicable)
Define landing zones and governance model
Cost optimization strategy (FinOps awareness)
Multi-tenant SaaS architecture design
4. ML & RAG Platform Enablement
Architect infrastructure for:
ML model training and deployment
RAG pipelines (vector databases, embeddings, LLM integration)
Define data isolation and model security controls
Secure integration with external LLM providers (if applicable)
Ensure performance, scalability, and latency optimization
Define monitoring for ML inference & model drift
5. DevOps & Platform Engineering
Collaborate with DevOps on:
CI/CD pipeline architecture
Infrastructure as Code (Terraform/Bicep)
GitOps practices
Define containerization standards (Docker)
Establish Kubernetes best practices (security policies, namespaces, network policies)
Implement observability stack (Prometheus, Grafana, Azure Monitor, App Insights)
Define SRE practices (SLOs, SLIs, error budgets)
6. Microservices & API Strategy
Define microservices boundaries and domain-driven design alignment
Establish API versioning and lifecycle management standards
Define resiliency patterns (circuit breakers, retries, bulkheads)
Define caching strategies (Redis, CDN)
Ensure backward compatibility and extensibility
7. Governance & Stakeholder Collaboration
Work with business stakeholders to translate functional & non-functional requirements into architecture
Lead architecture review board discussions
Create architecture documentation and decision records (ADRs)
Mentor Java leads and senior engineers
Support pre-sales or compliance discussions when needed
Required Qualifications
12+ years in software engineering
5+ years in cloud-native architecture (Azure preferred)
5+ years designing microservices platforms
Strong expertise in Azure cloud services
Deep understanding of:
Kubernetes (AKS)
API Management
Identity & Access Management
Cloud security architecture
Experience designing secure SaaS multi-tenant platforms
Hands-on knowledge of DevSecOps
Experience working with ML/AI systems and RAG architectures
Strong understanding of distributed systems design
Discover some of the global benefits that empower our people to become the best version of themselves:
Finance:
Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
Career Development
: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
Learning Opportunities:
Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
Work-Life Balance:
Hybrid work and flexible working hours, employee assistance programme;
Health:
Global internal wellbeing programme, access to wellbeing apps;
Community:
Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.
At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.
