Kestra Financial

Kestra is a growing leader in the financial services industry and has recently completed a transition of its flagship web application, Advisor Complete, into Azure. Now that we are running fully in Azure, we are looking for capable and engaged Senior Platform Engineer to assist our cloud infrastructure team in continuing to support and grow the platform. Additionally, Kestra is rapidly acquiring other firms in the financial services arena, at least multiple per quarter, further expanding the number of assets we need to either move to or manage in the cloud.

ESSENTIAL DUTIES AND RESPONSIBILITIES: To perform this job successfully, individual must be able to perform each essential duty satisfactorily:

• Design, develop, and deploy highly scalable and secure applications, data, and integration workloads in Microsoft Azure, aligning technical solutions with long-term business goals.
• Audit and clean up AAD role assignments & Azure RBAC assignments.(Critical for implementing least privilege principle)
• Deliver Business Continuity and Disaster Recovery strategies for critical enterprise systems, ensuring high availability and minimal disruption through multi-region architectures and cost-effective recovery plans.
• Build and maintain automated governance frameworks using policy-as-code and tagging standards to support compliance, cost optimization, and operational consistency across the cloud landscape.
• Drive cloud efficiency by leading initiatives around cost optimization, regulatory compliance, and platform hygiene—putting smart controls in place that enable innovation rather than restrict it.
• Act as a hands-on cloud advisor and mentor, sharing deep Azure expertise to guide engineering teams in shaping architecture, improving platform resilience, and evolving cloud-native practices.
• Collaborate closely with DevOps, software, and infrastructure teams to implement Infrastructure as Code (IaC) using Bicep, Terraform, and ARM templates—ensuring secure, repeatable, and scalable environment provisioning; assist in keeping core/shared infrastructure IaC up-to-date at all times, also collaborating SRE
• Automate key operational processes through scripting and runbooks, reducing manual effort, increasing deployment velocity, and improving day-to-day platform reliability.
• Continuously evaluate the cloud ecosystem to identify technical debt, performance bottlenecks, and improvement opportunities—introducing architectural enhancements to support growth, agility, and efficiency.
• Provide strategic input and trusted technical counsel to senior leadership on cloud adoption, modernization efforts, and the broader technology roadmap.
• Develop & maintain basic automation scripts/runbooks to streamline operational tasks and environment provisioning.

KNOWLEDGE, SKILLS, AND/OR ABILITIES: To perform this job successfully, the individual should have the following skills and abilities.

• Extensive understanding and experience with the following Azure functionality:
  • Identity and Access Management
    • Azure AD
    • Application Registrations/Enterprise Applications
    • RBAC
    • PIM
    • Azure Policy
  • Network
    • Azure Firewall
    • Virtual WAN/Hubs
    • Express Routes
    • Azure Front Door/App Gateway
    • Peering
    • Route Tables
    • Private DNS Zones
    • Network Watcher
    • Host Files
  • Cloud Data Storage
    • Databricks
    • ETL solutions
    • Storage Accounts/S3
    • Azure SQL/RDS
  • Compute
    • Elasticsearch
    • Virtual Machine Management
    • Backup
• Familiarity with the general concepts and basic administration of:
  • FTP Servers
  • Internet Information Server (IIS)
  • SQL Server 2017
  • Windows Server 2016 & 2019

SUPERVISORY RESPONSIBILITIES: None

EDUCATION AND/OR EXPERIENCE:

• 2+ years managing Azure tenants and resources
• 5+ years working in a Developer capacity OR 3+ years working in Systems Administrator capacity

CERTIFICATIONS, LICENSES, REGISTRATIONS:

• Exam AZ-900: Microsoft Azure Fundamentals
• Exam AZ-104: Microsoft Azure Administrator
• Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions
• Exam AZ-305: Designing Microsoft Azure Infrastructure Solutions – Highly Desired
• AWS/GCP Certifications can be had in lieu of Microsoft Certifications

PHYSICAL DEMAND: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Ability to sit at a computer for long periods of time in office environment well lit.
• Position is located in the Austin, TX office. Must be able to work in the office during scheduled work hours.

OTHER DUTIES: Please note this job description is not designed to cover or contain a complete comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.