Position Title: Windows Platform Engineer

• Location: Hyderabad
• Grade: L2-2
• Hiring Manager: Michael Stager

The Windows Platform Engineer serves as one of the organization's technical authority for enterprise Windows platforms, combining operating system expertise with automation-first engineering principles. This role is responsible for designing, automating, and operating Windows infrastructure across hybrid cloud environments (Azure, AWS, on-premises VMware) while serving as an escalation point for critical Windows operations. The ideal candidate is a pragmatic technologist who partners with application teams, security, and business units to deliver standardized, compliant, and highly automated Windows platforms that accelerate pharma

innovation while maintaining rigorous GxP regulatory standards.

This position is pivotal to our organization's digital transformation journey. As pharma increasingly relies on cloud infrastructure, data platforms, AI/ML capabilities, and advanced analytics, the Windows platform becomes the foundation enabling innovation. This role ensures our scientists, researchers, and business partners have reliable, secure, and agile infrastructure that accelerates drug discovery and improves patient outcomes while maintaining the compliance rigor and quality standards our industry demands.

By leveraging our existing AAP investment and GitHub Actions integration, you'll drive automation maturity that reduces operational toil, accelerates delivery, and enables the organization to focus on high-value innovation rather than repetitive infrastructure tasks.

Key Responsibilities

Platform Engineering & Automation

• Enhance and extend our enterprise Ansible Automation Platform (AAP) implementation, building sophisticated automation workflows for Windows provisioning, configuration management, and orchestration

• Design and maintain CI/CD pipelines using GitHub Actions integrated with PowerShell scripts, Ansible playbooks and AAP for automated Windows image baking, testing, and deployment

• Develop and optimize golden image pipelines Windows Server (2016, 2019, 2022, 2025) across Azure, AWS, and VMware environments using Infrastructure as Code principles

• Create reusable Ansible modules for Windows, PowerShell DSC configurations, and Python-based automation tools that enable self-service capabilities for application teams

• Build integration workflows between GitHub Actions, AAP, and enterprise tooling via REST APIs (ServiceNow, monitoring platforms, CMDB, orchestration tools)

• Drive Windows containerization initiatives, supporting application teams with Windows container and Docker on Windows strategies

• Continuously improve automation framework performance, reliability, and maintainability based on operational feedback

Enterprise Windows Operations & Architecture

• Serve as subject matter expert for Windows Server across all versions, editions and deployment models

• Architect and manage Windows update (like WSUS/SCCM/Intune/Windows Update for Business) infrastructure for patch management, content lifecycle, and GxP compliance reporting

• Own the Windows platform lifecycle: planning, hardening standards (CIS, STIG, Microsoft Security Baselines), patching strategies, and end-of-life migrations

• Design and implement scalable solutions for Windows workloads across multi-cloud and hybrid environments

• Establish and enforce Windows standards, best practices, and architectural patterns aligned with pharma GxP compliance requirements

• Evaluate and integrate emerging Windows technologies (Azure Arc, Windows Admin Center, Azure Automanage) as business needs evolve

• Ensure Windows platforms meet validation requirements for GxP-regulated systems

• Manage Active Directory integration, Group Policy design, and domain services architecture in partnership with Identity teams

Stakeholder Partnership & Integration

• Partner with application owners, SQL Server DBAs, .NET development teams, integration teams, and Oracle administrators to understand requirements and embed them into standardized platform offerings

• Translate complex business and application requirements into technical Windows platform capabilities

• Collaborate with Cloud Engineering, Security, Network, and Storage teams on cross-functional initiatives

• Lead technical discovery sessions and provide consultative guidance on Windows platform capabilities

• Participate in architecture review boards and provide Windows expertise for new initiatives and M&A integrations

• Work with Quality Assurance and Validation teams to ensure Windows automation supports GxP compliance and validation activities

• Support IIS web server configurations and .NET application hosting requirements

Technical Leadership & Escalation Support

• Function as Tier 3/4 escalation point for Service Desk and IT Operations on all Windows-related incidents and problems

• Lead root cause analysis for critical Windows platform issues and drive permanent remediation

• Provide on-call support rotation for critical production Windows infrastructure

• Create and maintain technical documentation, runbooks, and knowledge base articles aligned with GxP documentation standards

Windows Platform Management

• Assist with the maintenance of our CMDB

• Maintain and evolve our Windows platform management environment

• Audit participation and remediation

• Collaborate and assist with other core tools to be integrated in the platform

Expected Skills

Technical Expertise

• 5+ years of hands-on Windows server administration experience with deep expertise in Windows Server (2016, 2019, 2022, 2025)

• Proficient with PowerShell scripting (5.1 and 7+) including advanced functions, modules, error handling, and automation framework development

• Proficient with Ansible Automation Platform (AAP/Tower/Controller), including complex workflow development, role creation, dynamic inventories, and job templates

• Experience with GitHub Actions for CI/CD pipeline development and integration with Ansible automation workflows

• Scripting capabilities in Python and Bash for automation, API integration, and systems programming

• Experience with Windows update management solutions (WSUS, SCCM, Intune, or Windows Update for Business)

• Understanding of Windows internals: Registry, Services, WMI/CIM, Event Logs, Performance Counters, and security (Windows Firewall, AppLocker, Windows Defender)

• Experience with cloud-native Windows deployments in AWS (EC2, Systems Manager, AMI building) and Azure (VMs, Azure Automation, custom images)

• Hands-on experience with VMware vSphere Windows guest management and integration

• Proficiency with Git/GitHub for version control, branch strategies, and Infrastructure as Code workflows

• Experience consuming and developing REST APIs for system integration and automation

• Understanding of CI/CD principles and GitOps methodologies

• undefined

  Platform & Integration Experience

  Working knowledge of application requirements for SQL Server, Oracle databases on Windows, .NET applications, and enterprise integration patterns

  Experience with Windows Server roles and features: IIS, DNS, DHCP, File Services, Remote Desktop Services

  Understanding of PowerShell Desired State Configurations (DSC) principles and implementation

  Familiarity with monitoring and observability tools (Prometheus, Grafana, Splunk, Datadog, SCOM, or similar)

  Experience building and maintaining golden images with security hardening and compliance controls built-in

  undefined

  Soft Skills & Business Acumen

  Excellent communication skills with ability to translate technical concepts for non-technical stakeholders

  Analytical and troubleshooting skills with methodical problem-solving approach

  Self-directed with ability to manage multiple priorities in a fast-paced pharmaceutical environment

  Customer service mindset

  Collaborative team player who can work effectively across organizational boundaries

  undefined

  Preferred Qualifications

  Microsoft Certified: Windows Server Hybrid Administrator Associate or Microsoft Certified: Azure

  Administrator Associate

  Experience in regulated pharmaceutical/life sciences environments with GxP system validation

  Container platform experience (Windows Containers, Docker on Windows, Azure Container Instances)

  Infrastructure as Code tools: Terraform, Packer for Windows image building

  Experience with HashiCorp Vault or secrets management platforms

  Cloud certifications (Azure Solutions Architect, AWS Solutions Architect)

  Agile/DevOps methodology exposure and experience working in sprint-based delivery models

  Experience with security hardening and compliance automation (Security Compliance Toolkit, Group

  Policy automation)

  Understanding of GAMP 5 principles and CSV (Computer System Validation) processes

  GitHub Advanced Security or similar DevSecOps tooling experience

  PowerShell Gallery contributions or open-source PowerShell module development

  Experience with Windows Admin Center and Azure Arc for hybrid management

  Knowledge of Azure Automation State Configuration or AWS Systems Manager State Manager

Background & Experience

• Education: Bachelor's degree

• Proficiency in English Language

• Pharmaceutical experience or other regulated industry

• Hybrid platform experience (Cloud (specifically AWS and Azure) and on-premises)

Pursue progress, discover extraordinary

Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.

At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.

Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!