Position Title: Senior Windows Platform Engineer
The Senior Windows Platform Engineer serves as the organization's technical authority for enterprise Windows platforms, combining operating system expertise with automation-first engineering principles. This role is responsible for designing, automating, and operating Windows infrastructure across hybrid cloud environments (Azure, AWS, on-premises VMware) while serving as an escalation point for critical Windows operations. The ideal candidate is a pragmatic technologist who partners with application teams, security, and business units to deliver standardized, compliant, and highly automated Windows platforms that accelerate pharma
innovation while maintaining rigorous GxP regulatory standards.
This position is pivotal to our organization's digital transformation journey. As pharma increasingly relies on cloud infrastructure, data platforms, AI/ML capabilities, and advanced analytics, the Windows platform becomes the foundation enabling innovation. This role ensures our scientists, researchers, and business partners have reliable, secure, and agile infrastructure that accelerates drug discovery and improves patient outcomes while maintaining the compliance rigor and quality standards our industry demands.
By leveraging our existing AAP investment and GitHub Actions integration, you'll drive automation maturity that reduces operational toil, accelerates delivery, and enables the organization to focus on high-value innovation rather than repetitive infrastructure tasks.
Key Responsibilities
Platform Engineering & Automation
Enhance and extend our enterprise Ansible Automation Platform (AAP) implementation, building sophisticated automation workflows for Windows provisioning, configuration management, and orchestration
Design and maintain CI/CD pipelines using GitHub Actions integrated with PowerShell scripts, Ansible playbooks and AAP for automated Windows image baking, testing, and deployment
Develop and optimize golden image pipelines for Windows Server (2016, 2019, 2022, 2025) across Azure, AWS, and VMware environments using Infrastructure as Code principles
Create reusable Ansible modules for Windows, PowerShell DSC configurations, and Python-based automation tools that enable self-service capabilities for application teams
Build integration workflows between GitHub Actions, AAP, and enterprise tooling via REST APIs (ServiceNow, monitoring platforms, CMDB, orchestration tools)
Drive Windows containerization initiatives, supporting application teams with Windows container and Docker on Windows strategies
Continuously improve automation framework performance, reliability, and maintainability based on operational feedback
Enterprise Windows Operations & Architecture
Serve as subject matter expert for Windows Server across all versions, editions and deployment models
Architect and manage Windows update (like WSUS/SCCM/Intune/Windows Update for Business) infrastructure for patch management, content lifecycle, and GxP compliance reporting
Own the Windows platform lifecycle: planning, hardening standards (CIS, STIG, Microsoft Security Baselines), patching strategies, and end-of-life migrations
Design and implement scalable solutions for Windows workloads across multi-cloud and hybrid environments
Establish and enforce Windows standards, best practices, and architectural patterns aligned with pharma GxP compliance requirements
Evaluate and integrate emerging Windows technologies (Azure Arc, Windows Admin Center, Azure Automanage) as business needs evolve
Ensure Windows platforms meet validation requirements for GxP-regulated systems
Manage Active Directory integration, Group Policy design, and domain services architecture in partnership with Identity teams
Stakeholder Partnership & Integration
Partner with application owners, SQL Server DBAs, .NET development teams, integration teams, and Oracle administrators to understand requirements and embed them into standardized platform offerings
Translate complex business and application requirements into technical Windows platform capabilities
Collaborate with Cloud Engineering, Security, Network, and Storage teams on cross-functional initiatives
Lead technical discovery sessions and provide consultative guidance on Windows platform capabilities
Participate in architecture review boards and provide Windows expertise for new initiatives and M&A integrations
Work with Quality Assurance and Validation teams to ensure Windows automation supports GxP compliance and validation activities
Support IIS web server configurations and .NET application hosting requirements
Technical Leadership & Escalation Support
Function as Tier 3/4 escalation point for Service Desk and IT Operations on all Windows-related incidents and problems
Lead root cause analysis for critical Windows platform issues and drive permanent remediation
Mentor junior engineers and operations staff on Windows fundamentals, automation techniques, and troubleshooting methodologies
Provide on-call support rotation for critical production Windows infrastructure, PowerShell automation techniques, and troubleshooting methodologies
Create and maintain technical documentation, runbooks, and knowledge base articles aligned with GxP documentation standards
Windows Platform Management
Assist with the maintenance of our CMDB
Maintain and evolve our Windows platform management environment
Audit participation and remediation
Collaborate and assist with other core tools to be integrated in the platform
Expected SkillsTechnical Expertise
7+ years of hands-on Windows server administration experience with deep expertise in Windows Server (2016, 2019, 2022, 2025)
Expert proficiency with PowerShell scripting (5.1 and 7+) including advanced functions, modules, error handling, and automation framework development
Expert level of proficiency with Ansible Automation Platform (AAP/Tower/Controller), including complex workflow development, role creation, dynamic inventories, and job templates
Advanced proven experience with GitHub Actions for CI/CD pipeline development and integration with Ansible automation workflows
Advanced scripting capabilities in Python and Bash for automation, API integration, and systems programming
Extensive Experience with Windows update management solutions (WSUS, SCCM, Intune, or Windows Update for Business)
Deep understanding of Windows internals: Registry, Services, WMI/CIM, Event Logs, Performance Counters, and security (Windows Firewall, AppLocker, Windows Defender)
Experience with cloud-native Windows deployments in AWS (EC2, Systems Manager, AMI building) and Azure (VMs, Azure Automation, custom images)
Hands-on experience with VMware vSphere Windows guest management and integration
Proficiency with Git/GitHub for version control, branch strategies, and Infrastructure as Code workflows
Experience consuming and developing REST APIs for system integration and automation
Understanding of CI/CD principles and GitOps methodologies
Platform & Integration Experience
Working knowledge of application requirements for SQL Server, Oracle databases on Windows, .NET applications, and enterprise integration patterns
Experience with Windows Server roles and features: IIS, DNS, DHCP, File Services, Remote Desktop Services
Understanding of PowerShell Desired State Configurations (DSC) principles and implementation
Familiarity with monitoring and observability tools (Prometheus, Grafana, Splunk, Datadog, SCOM, or similar)
Experience building and maintaining golden images with security hardening and compliance controls built-in
Soft Skills & Business Acumen
Excellent communication skills with ability to translate technical concepts for non-technical stakeholders
Proven track record of partnering with application teams and understanding business requirements
Strong analytical and troubleshooting skills with methodical problem-solving approach
Self-directed with ability to manage multiple priorities in a fast-paced pharmaceutical environment
Customer service mindset with experience in escalation management
Collaborative team player who can work effectively across organizational boundaries
Preferred Qualifications
Microsoft Certified: Windows Server Hybrid Administrator Associate or Microsoft Certified: Azure
Administrator Associate
Experience in regulated pharmaceutical/life sciences environments with GxP system validation
Container platform experience (Windows Containers, Docker on Windows, Azure Container Instances)
Infrastructure as Code tools: Terraform, Packer for Windows image building
Experience with HashiCorp Vault or secrets management platforms
Cloud certifications (Azure Solutions Architect, AWS Solutions Architect)
Agile/DevOps methodology exposure and experience working in sprint-based delivery models
Experience with security hardening and compliance automation (Security Compliance Toolkit, Group
Policy automation
Understanding of GAMP 5 principles and CSV (Computer System Validation) processes
GitHub Advanced Security or similar DevSecOps tooling experience
PowerShell Gallery contributions or open-source PowerShell module development
Experience with Windows Admin Center and Azure Arc for hybrid management
Knowledge of Azure Automation State Configuration or AWS Systems Manager State Manager
Background & ExperienceEducation: Bachelor's degree
Proficiency in English Language
Pharmaceutical experience preferred, or other regulated industry
Hybrid platform experience (Cloud (specifically AWS and Azure) and on-premises)
Pursue progress, discover extraordinary
Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.
At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.
Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!