DevOps Architect-Azure and Git

9 - 12 Years 1 Opening Bangalore, Hyderabad, Kochi, Noida, Pune, Trivandrum

Role description

1. Objective

The objective of this project is to design and implement a secure, scalable, and maintainable DevOps environment supporting Python development and deployment, primarily for Streamlit applications, leveraging GitHub Enterprise, Azure, and containerized deployments This solution must comply with UK NCSC CAF (Enhanced profile) and NIS2 requirements, and include the definition of governance, operational processes, and knowledge transfer to enable internal teams to manage and extend the platform

2. Scope of Work

The vendor will design, implement, and document a complete DevOps solution for Python-based workloads, covering:

• Infrastructure Platform

• Migrate or deploy Streamlit environments to Azure, using Docker containers or other suitable container orchestration (e.g., Azure Container Apps or AKS).
• Establish at least three environment tiers: Development, Test/UAT, and Production.
• Define appropriate Azure resource topology, network configuration, access control (RBAC), and monitoring aligned to corporate and regulatory requirements.
• Provide guidance or implementation for backup, recovery, and observability, including integration with Azure Monitoring or recommended alternatives.

• DevOps Toolchain and CI/CD

• Implement GitHub Enterprise as the central DevOps platform:
• Code repositories and branching strategies.
• GitHub Actions for CI/CD pipelines (build, test, deploy).
• Secrets management and integration with Azure (e.g., Azure Key Vault).
• Define automated workflows for:
• Application build and containerization (Docker).
• Environment-specific deployments to Streamlit servers.
• Automated testing and quality checks (linting, unit tests, dependency scanning).
• Support infrastructure-as-code using tools such as Terraform, Bicep, or Azure Resource Manager templates to ensure repeatable and auditable provisioning.

• Python Environment and Package Management

• Standardize Python version and package management using Docker base images, requirements.txt/pyproject.toml, and dependency pinning.
• Define an internal package management process (e.g., using GitHub Packages or Azure Artifacts).
• Establish reproducible local development environments (via Dev Containers or similar).
• Document best practices for package security scanning, vulnerability management, and version upgrades.

• Security and Compliance

• Ensure solution design aligns with NCSC CAF (Enhanced profile) and NIS2 principles:
• Secure build and deployment pipelines (least privilege, code integrity, signing).
• Network and identity management (Azure AD integration, RBAC, conditional access).
• Data protection, monitoring, and incident response capabilities.
• Implement auditing, logging, and ing to ensure traceability and compliance with internal and regulatory expectations.

• Process and Governance Framework

• Define and document operational processes including:
• CI/CD operations, code promotion, and approval workflows.
• Environment lifecycle management (provisioning, scaling, decommissioning).
• Change and release management aligned with ITIL or modern DevOps equivalents.
• Incident, problem, and backup/recovery procedures.
• Define a governance model covering:
• Roles and responsibilities across IT, developers, and business users.
• Access management and onboarding/offboarding.
• Code review and quality assurance standards.
• Naming conventions, tagging, and documentation expectations.

• Monitoring, Backup, and Operations

• Implement monitoring for both infrastructure and applications (Azure Monitor, Application Insights, or alternative tools).
• Define and document a backup and disaster recovery strategy, aligned with existing Veeam (for on-prem) or Azure Backup (for cloud) capabilities.
• Recommend or implement log aggregation and retention practices.

• Knowledge Transfer and Training

• Deliver training sessions and handover documentation for IT and development staff covering:
• DevOps processes, GitHub workflows, and CI/CD operations.
• Container lifecycle management and troubleshooting.
• Python package management and dependency control.
• Infrastructure as code principles and maintenance.
• Provide runbooks, standard operating procedures (SOPs), and architecture documentation to enable internal ownership.

• Optional (if capacity allows)

• Recommend an ITSM integration strategy (Halo or alternative) for release/change tracking.
• Define an approach for automated testing and security scanning of Python code (e.g., pytest, Bandit, Dependabot).

3. Deliverables

Vendors should be expected to deliver:

• Architecture and Design Documentation

• Solution design, including Azure topology, CI/CD architecture, and security model.
• Process and governance framework.
• Backup, monitoring, and operational model.

• Implemented and Tested Environment

• Working multi-tier Azure-based environment for Streamlit deployments.
• Integrated CI/CD pipelines in GitHub Enterprise.
• Working containerization model with example Python/Streamlit apps deployed.

• Operational Documentation and Training

• Technical documentation, SOPs, and runbooks.
• Knowledge transfer sessions and training materials.

• Transition Plan

• Plan for internal ownership post-implementation.
• Optional short “hypercare” support phase for operational handover.

4. Success Criteria

The engagement will be considered successful when:

• Streamlit apps can be deployed automatically via GitHub Actions into segregated Azure environments.
• The environment is secure, auditable, and compliant with NIS2/NCSC CAF.
• IT and traders have documented and trained operational capability to maintain and evolve the platform.
• The DevOps framework is extensible to other Python-based workloads in the future.

Skills

Azure,CI/CD,GitHub Enterprises

About UST

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.