Head of Cloud Architecture

About the role

Working directly with the CTO, you'll own and evolve our global Azure estate, a mature, multi-region, highly resilient and secure environment, with the autonomy to set its direction and drive it forward. This is both a hands-on architecture role and a leadership one: you'll be expected to build and lead a global team over time, establishing the standards, practices and technical direction they work to. The estate is established and production-critical, but ownership of where it goes next is yours: continuously modernising it, raising the resilience and security bar, and ensuring it keeps pace with the business rather than standing still. It's a high-autonomy, high-visibility role for someone who can operate at CTO level, set technical direction with conviction, and grow a team behind it. As Pinewood.AI continues its international growth, this role will be central to ensuring our Automotive Intelligence Platform remains secure, scalable, resilient, and capable of supporting customers around the world. You'll combine strategic thinking with deep technical expertise, shaping the future of our cloud infrastructure while remaining close to the technology that powers it. Key Responsibilities Partner directly with the CTO to own the Azure technical strategy, reference architecture and roadmap, translating business goals into a coherent, evolving multi-region design. Build and lead a global infrastructure team, hiring, mentoring and setting the technical standards, ways of working and quality bar they operate to. Own and evolve the foundations of the estate: landing zones, management group/subscription topology, naming and tagging standards, and the governance baseline the wider organisation builds on. Architect for global resilience, including multi-region topologies, availability zones, geo-redundancy, failover and defined RTO/RPO targets, and prove it through testing rather than assumption. Own secure, performant global networking: virtual networks, subnets, NSGs, peering, hub-and-spoke, VPN/ExpressRoute, Azure Firewall, Front Door/Traffic Manager, private endpoints and DNS. Maintain and advance the security model end to end: identity (Entra ID), RBAC, Key Vault, encryption, Microsoft Defender for Cloud and Zero Trust principles. Own compliance across multiple jurisdictions, including data residency and sovereignty, mapping controls to relevant frameworks (e.g. ISO 27001, SOC 2, GDPR, regional equivalents) and evidencing them for audit. Govern at scale with Azure Policy, authoring definitions and initiatives, applying them across scopes, and managing remediation. Maintain and improve Infrastructure as Code in Bicep: reusable modules, parameterised deployments, and integration into CI/CD pipelines with what-if, policy and security gates. Own compute architecture across Virtual Machines (sizing, availability zones/sets, scale sets) and App Services (web apps, deployment slots), with clear scaling and capacity strategies. Own data platforms across SQL Server on VMs (IaaS) and PaaS (Azure SQL Database, Managed Instance), including HA/DR, geo-replication and migration. Mature telemetry and observability (Azure Monitor, Log Analytics, Application Insights) and the operational practices, alerting, automation, runbooks, cost management, that keep the estate healthy. Produce and maintain clear architecture documentation, conceptual, network topology, data-flow and deployment diagrams, tailored to engineering, security/compliance and executive audiences, and keep them current as the estate evolves. Drive constant technical progression: continuously evaluate new Azure capabilities and emerging practices, including AI-assisted IaC and agentic operations, and modernise the platform rather than letting it stand still. Requirements Demonstrable experience architecting and operating production Azure environments at scale, including ownership of a mature, business-critical estate. Deep, hands-on expertise across the responsibilities above. This remains a building role as well as a leadership one. Experience building, leading or mentoring technical teams, ideally distributed across regions. Proven multi-region, highly available and disaster-resilient design experience. Strong Bicep / Infrastructure as Code skills and CI/CD pipeline integration (Azure DevOps or GitHub Actions). Solid grounding in cloud security and multi-jurisdiction compliance and governance. Strong architecture diagramming and visual communication skills, ideally including diagrams-as-code (e.g. Mermaid, PlantUML, D2) and standard notation/frameworks such as the C4 model and the official Azure architecture icon set. A considered view on AI-assisted infrastructure (e.g. AI-generated IaC, agentic operations) and the guardrails, policy, gates, review, that make it safe in a regulated environment. Excellent communication and stakeholder-management skills, comfortable operating at CTO level. Self-directed and comfortable owning direction with a high degree of autonom

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Pinewood.AI? Share your experience