We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world's largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo's continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.
Key Responsibilities
Operations Support
- Perform day-to-day support for Azure services (e.g., VMs, VNets, Load Balancers, App Service, AKS, Storage, Key Vault, Azure SQL/MI, Backup/ASR)
- Monitor platform health and alerts via Azure Monitor, Log Analytics, Application Insights, and Sentinel; triage incidents and escalate per runbooks.
- Execute standard changes (e.g., access requests, tagging, policy compliance fixes) and maintain documentation/runbooks.
Provisioning Automation
- Provision resources using ARM/Bicep or Terraform under guidance; maintain parameter files and environment configs.
- Contribute to CI/CD pipelines (Azure DevOps/GitHub Actions) for infrastructure and application deployment.
- Assist with image management and baseline configurations (e.g., hardened images, extensions, diagnostic profiles).
Governance, Security Compliance
- Apply RBAC, PIM (Just-in-Time), Azure Policy, management groups, subscriptions, and resource group standards.
- Enforce tagging, naming, backup/DR, and identity controls (via Entra ID).
- Support security tooling (Defender for Cloud, vulnerability remediation, baseline compliance) and participate in change management and audits.
- Help maintain artefacts for compliance (e.g., configuration baselines, access reviews, patching evidence, cost reports).
Networking Connectivity
- Support VNets, subnets, NSGs, Azure Firewall, Private Endpoints, and diagnostics.
- Assist with connectivity patterns (e.g., ExpressRoute/VPN, Private Link, service endpoints) in line with landing zone design.
Cost Performance
- Support cost allocation (tagging), reserved instance/savings plan recommendations, and right‑sizing.
- Participate in performance troubleshooting and basic capacity planning.
Collaboration Continuous Improvement
- Work with application teams, security, and operations to meet SLAs.
- Contribute to Knowledge Base (KB) articles, SOPs, and automation to reduce toil.
Required Qualifications Skills
- 3 years in cloud/infrastructure/operations
- Azure fundamentals: resource groups, VNets, subnets, NSGs, storage, VMs, IAM/RBAC, Key Vault, monitoring.
- Basic scripting: PowerShell and/or Python.
- Familiar with IaC (ARM/Bicep or Terraform) and Git-based workflows.
- Understanding of identity access concepts (Entra ID), security baselines, and least privilege.
- Strong troubleshooting skills; able to follow runbooks and document findings.
- Excellent communication and a service-oriented mindset.
- Terraform Associate (HashiCorp) – nice to have.
- Exposure to landing zones/CAF, subscription management, Azure Policy at scale.
- Familiarity with log analytics KQL, Sentinel, Defender for Cloud.
- Awareness of public sector IT governance (e.g., change windows, segregation of duties, audit traceability, access reviews).
- Experience with Containers/AKS, App Gateway/WAF, Private Link, ASR, and Backup.
- Understanding of cost management (tags, budgets, showback/chargeback).
Preferred Certifications
- Microsoft Certified: Azure Fundamentals (AZ‑900)
- Azure Administrator (AZ‑104) or Azure Security Engineer (SC‑200/SC‑300).
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
