Senior Infrastructure & Platform Engineer at Apex Clean Energy — NeverHard

Job Description The Senior Infrastructure & Platform Engineer owns Apex's foundational enterprise platforms: cloud infrastructure, security tooling, network architecture, and the operational technology integrations that connect our corporate environment to wind, solar, and storage sites across North America. This is not a break-fix role. It is a platform ownership role with direct exposure to the highest-priority workstreams in the company and a mandate to build infrastructure that is resilient, documented, and ready to scale. This role sits within the Integrated Technology Solutions (ITS) department and reports to the ITS Director. You will work with cross-functional teams including Asset Management, Operations, SCADA, and data analysts. You will collaborate with managed service partners, security consultants, and infrastructure vendors — and you will be expected to lead, not just execute. Success in this role looks like: critical infrastructure that is resilient, documented, and understood; security posture that is continuously improved and verifiably measurable; and a platform foundation that other ITS capabilities — AI/ML, Data Governance, OT Security — can be built on with confidence. Our ideal candidate has done this before at a company navigating real complexity: cloud migration, major platform modernization, scaling inflection points. They bring deep technical judgment and the maturity to work in a collaborative, influence-based organization where how you work with people matters as much as what you build. Hours/Type: Full Time, Exempt Department: Integrated Technology Solutions Travel: 5% Primary Responsibilities Own and continuously improve Apex's core enterprise infrastructure, with particular depth in Azure, where our environment spans multiple subscriptions, resource groups, virtual networking, and integrated platform services across the organization. Responsibilities extend across the full stack: Microsoft Entra ID / Active Directory, Microsoft 365 services, and on-premises physical and virtual server and network environments at corporate and operational sites. Partner with ITS leadership and external security partners to continuously improve the organization's security posture, including identity hardening, network segmentation, and SIEM coverage and alert tuning. Own and mature Apex's infrastructure-as-code practice, building on an existing foundation of Terraform and Ansible. Apply IaC principles to automate provisioning, enforce configuration consistency, and reduce reliance on manual processes across cloud and hybrid environments — with the expectation that what is currently nascent becomes a disciplined, version-controlled standard under your ownership. Design, implement, and maintain identity governance controls — including privileged access management, conditional access policies, dynamic group logic, and lifecycle automation for joiners, movers, and leavers. Architect and support zero trust network access (ZTNA). Support operational technology (OT) connectivity and site infrastructure, coordinating with others to ensure appropriate segmentation and visibility between corporate IT and field environments. Develop and maintain infrastructure documentation, runbooks, architecture diagrams, and change records. Create the institutional knowledge that makes the team resilient, not dependent on any individual. Serve as a technical escalation point for ITS Operations Specialists; mentor junior team members and raise the technical baseline across the team. Communicate clearly and proactively with ITS leadership, stakeholders, and vendors — translating technical findings into business risk language and written briefings when needed. Contribute to ITS policy compliance by implementing technical controls that align with documented standards and frameworks. Identify and anticipate infrastructure risks before they become incidents; bring forward prioritized, actionable remediation recommendations rather than waiting to be asked.