[What the role is]
To design, build, secure, and operate the Enterprise Data & AI platform, ensuring it is reliable, cost-efficient, and compliant with enterprise governance standards. This role owns both the technical platform layer (clusters, jobs, CI/CD, monitoring) and the security layer (encryption, IAM, audit).[What you will be working on]
Platform Operations
Configure and maintain Enterprise Data and AI platform (e.g. Databricks workspaces, clusters, SQL warehouses, endpoints and workflows).
Automate provisioning and deployments using Terraform, Databricks CLI, or APIs.
Design and govern CI/CD frameworks used by Data Engineers for ETL/ML deployments, ensuring secure, compliant, and automated delivery workflows.
Monitor platform usage, cost trends, and optimize performance of workloads.
Maintain platform reliability and meet defined uptime and service-level objectives.
Security Engineering
Implement and maintain security controls for the enterprise data platform, including encryption, secrets management, and secure access patterns.
Define and enforce role-based and attribute-based access policies across data assets and cloud compute resources.
Configure secret scopes and secure service principal access.
Monitor platform audit and activity logs to detect policy violations, anomalous access, and compliance risks.
Ensure platform operations align with NP’s security, compliance, and regulatory requirements (e.g., IM8, NIST, GDPR. PDPA where applicable).
Collaboration
Work closely with Data Engineers, Governance Leads, and Analysts to ensure data pipelines, workflows, and products adhere to security and platform standards.
Work closely with CI/CD team to integrate monitoring and alerting into observability stack.
Advise leadership on platform performance and security posture and risks, optimisation opportunities, as well as compliance gaps.
[What we are looking for]
3–5 years in cloud platform engineering or security engineering.
Proven experience managing and securing large-scale data or ML platforms.
Prior work in regulated industries (finance, healthcare, government) is a plus.
Skills & Certifications
Certifications:
Degree or Diploma in Computer Science, Computer Engineering, Information Technology or equivalent.
Cloud security certs: Azure Security Engineer Associate / AWS Security Specialty / GCP Security Engineer.
Infrastructure-as-code: Terraform or equivalent.
Databricks Certified Administrator or Databricks Security Engineer is a plus
Technical Skills:
Cloud IAM, KMS, VPC/VNet, firewall/security groups.
Encryption standards (AES, envelope encryption).
CI/CD (Azure DevOps, GitHub Actions, Jenkins).
Databricks platform administration (clusters, jobs, SQL warehouses, UC integration).
Other Skills:
Strong knowledge of monitoring/observability stacks (e.g. Azure Monitor).
Incident response and audit log analysis.
Experience in GCC/GCC2.0 is a plus.
Attributes
Reliability-focused and security-first mindset with attention to detail.
Strong collaborator with engineering, governance, and leadership.
Proactive in risk identification and mitigation.
Balanced approach: performance and cost optimization while ensuring compliance.