{"id":74774,"date":"2026-04-15T17:58:04","date_gmt":"2026-04-15T17:58:04","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/head-of-infrastructure-role-blueprint-responsibilities-skills-kpis-and-career-path\/"},"modified":"2026-04-15T17:58:04","modified_gmt":"2026-04-15T17:58:04","slug":"head-of-infrastructure-role-blueprint-responsibilities-skills-kpis-and-career-path","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/head-of-infrastructure-role-blueprint-responsibilities-skills-kpis-and-career-path\/","title":{"rendered":"Head of Infrastructure: Role Blueprint, Responsibilities, Skills, KPIs, and Career Path"},"content":{"rendered":"\n

1) Role Summary<\/h2>\n\n\n\n

The Head of Infrastructure is the senior leader accountable for the reliability, scalability, security, and cost-effectiveness of the company\u2019s production and corporate infrastructure platforms. This role establishes the infrastructure strategy and operating model, leads infrastructure engineering and operations teams, and ensures the infrastructure enables product delivery at the required performance and availability levels.<\/p>\n\n\n\n

This role exists in software and IT organizations because infrastructure is a core product dependency: customer experience, developer productivity, and security posture are all constrained by infrastructure design and operational maturity. The Head of Infrastructure creates business value by improving uptime and incident outcomes, accelerating delivery through standardized platforms and automation, reducing unit costs (e.g., cost per customer\/transaction), enabling compliance readiness, and building resilient systems that support revenue growth.<\/p>\n\n\n\n

Role horizon: Current<\/strong> (with increasing emphasis on platform engineering, FinOps, and security-by-design).<\/p>\n\n\n\n

Typical interaction map includes: Product Engineering, SRE\/Operations, Security (AppSec\/SecOps\/GRC), Architecture, Data\/ML, IT\/Corporate Systems, Finance (FinOps), Procurement\/Vendor Management, Customer Support\/Success, and Executive Leadership.<\/p>\n\n\n\n

\n\n\n\n

2) Role Mission<\/h2>\n\n\n\n

Core mission:<\/strong>\nProvide a resilient, secure, scalable, and cost-efficient infrastructure foundation\u2014delivered through clear standards, automation, and operational excellence\u2014so that product teams can ship safely and customers experience reliable performance.<\/p>\n\n\n\n

Strategic importance:<\/strong>\nInfrastructure is the runtime and delivery backbone for software products. As the organization scales, unmanaged infrastructure complexity becomes a primary source of outages, security risk, delivery friction, and runaway cloud spend. The Head of Infrastructure is accountable for preventing infrastructure from becoming a growth limiter.<\/p>\n\n\n\n

Primary business outcomes expected:<\/strong>\n– Sustained high availability and performance of customer-facing services\n– Reduced incident frequency, severity, and time-to-recovery\n– Predictable capacity and resilient disaster recovery capability\n– Secure-by-default infrastructure and improved audit\/compliance readiness\n– Improved developer experience via self-service platform capabilities\n– Transparent infrastructure economics and reduced waste (FinOps maturity)\n– A healthy infrastructure organization with strong on-call practices and talent development<\/p>\n\n\n\n

\n\n\n\n

3) Core Responsibilities<\/h2>\n\n\n\n

Strategic responsibilities<\/h3>\n\n\n\n
    \n
  1. Infrastructure strategy and roadmap:<\/strong> Define a multi-year infrastructure and platform strategy aligned to product growth, reliability targets, security posture, and financial constraints; maintain a prioritized roadmap with measurable outcomes.<\/li>\n
  2. Target architecture and standards:<\/strong> Establish reference architectures and engineering standards for compute, networking, storage, observability, identity, secrets, and CI\/CD infrastructure.<\/li>\n
  3. Platform operating model:<\/strong> Determine which capabilities are centralized vs embedded (platform teams, SRE, ops), including service ownership, support boundaries, and escalation models.<\/li>\n
  4. Reliability and resilience strategy:<\/strong> Define availability targets and service tiering (e.g., Tier 0\/1\/2), including multi-region strategy, disaster recovery posture, and resilience patterns.<\/li>\n
  5. Cloud and vendor strategy:<\/strong> Select cloud approach (single vs multi-cloud), negotiate vendor contracts, oversee managed services adoption, and manage vendor performance.<\/li>\n
  6. Cost strategy (FinOps):<\/strong> Create cost allocation\/tagging standards, unit cost models, budgeting\/forecasting mechanisms, and optimization initiatives linked to product metrics.<\/li>\n
  7. Security and compliance alignment:<\/strong> Partner with Security\/GRC to ensure infrastructure meets policy and compliance needs (e.g., SOC2\/ISO 27001, HIPAA, PCI depending on context).<\/li>\n<\/ol>\n\n\n\n

    Operational responsibilities<\/h3>\n\n\n\n
      \n
    1. Service availability and operations:<\/strong> Accountable for 24\/7 production reliability and operational health of infrastructure platforms; ensure clear on-call rotations and escalation paths.<\/li>\n
    2. Incident management leadership:<\/strong> Ensure incident response processes exist (triage, comms, postmortems), with consistent execution and measurable improvements.<\/li>\n
    3. Change management:<\/strong> Implement safe change practices (progressive delivery, maintenance windows where necessary, approval policies for high-risk changes) and reduce change failure rate.<\/li>\n
    4. Capacity and performance management:<\/strong> Build capacity planning processes, load\/performance testing support, and proactive scaling triggers; eliminate bottlenecks before they impact customers.<\/li>\n
    5. Business continuity and disaster recovery:<\/strong> Own DR planning, testing schedules, runbooks, and recovery objectives; ensure predictable recoverability and evidence of testing.<\/li>\n<\/ol>\n\n\n\n

      Technical responsibilities<\/h3>\n\n\n\n
        \n
      1. Infrastructure-as-Code and automation:<\/strong> Drive IaC adoption and maturity (provisioning, configuration, policy-as-code) to improve speed, consistency, and auditability.<\/li>\n
      2. Kubernetes\/container platform leadership (where applicable):<\/strong> Ensure a secure, well-governed container ecosystem with clear cluster lifecycle management, upgrades, and multi-tenancy controls.<\/li>\n
      3. Observability platform ownership:<\/strong> Ensure robust monitoring, logging, tracing, and alerting; establish SLOs\/SLIs and actionable alert standards that reduce noise.<\/li>\n
      4. Identity, access, and secrets management:<\/strong> Ensure secure IAM patterns, least privilege access, centralized secrets management, and strong operational controls for privileged access.<\/li>\n
      5. Network and edge services:<\/strong> Oversee network architecture, DNS\/CDN, ingress, WAF, VPN\/zero-trust connectivity, and connectivity reliability for internal and external services.<\/li>\n<\/ol>\n\n\n\n

        Cross-functional or stakeholder responsibilities<\/h3>\n\n\n\n
          \n
        1. Developer experience enablement:<\/strong> Partner with engineering leaders to reduce friction (environment provisioning, CI reliability, standardized pipelines, golden paths, documentation).<\/li>\n
        2. Customer-impact communication:<\/strong> Ensure timely, accurate infrastructure communications for incidents and changes (status pages, customer comms via Support\/Success), especially for material outages.<\/li>\n
        3. Executive reporting and decision support:<\/strong> Provide infrastructure health reporting: reliability, risk, cost, capacity, and roadmap progress; communicate trade-offs and recommend decisions.<\/li>\n<\/ol>\n\n\n\n

          Governance, compliance, or quality responsibilities<\/h3>\n\n\n\n
            \n
          1. Policy and control implementation:<\/strong> Implement infrastructure controls (logging retention, backup standards, encryption, vulnerability management integration, patching SLAs).<\/li>\n
          2. Audit readiness and evidence:<\/strong> Ensure repeatable evidence collection for audits (access reviews, change logs, DR test results, asset inventory, vendor attestations).<\/li>\n
          3. Service catalog and ownership governance:<\/strong> Maintain clear ownership, service documentation standards, and lifecycle management for infrastructure components.<\/li>\n
          4. Data protection and privacy enablement (as applicable):<\/strong> Ensure infrastructure supports data residency, encryption, retention, and deletion requirements.<\/li>\n<\/ol>\n\n\n\n

            Leadership responsibilities<\/h3>\n\n\n\n
              \n
            1. Team leadership and talent development:<\/strong> Build and lead infrastructure org (managers, tech leads, SRE, network, cloud engineering); set expectations, career paths, coaching, and succession planning.<\/li>\n
            2. Budget and resource management:<\/strong> Own infrastructure budget (cloud spend, tooling, vendors, headcount), run portfolio trade-offs, and justify investments with ROI.<\/li>\n
            3. Culture and operational excellence:<\/strong> Establish a blameless, learning-focused culture with strong engineering discipline, documentation, and sustainable on-call health.<\/li>\n<\/ol>\n\n\n\n
              \n\n\n\n

              4) Day-to-Day Activities<\/h2>\n\n\n\n

              Daily activities<\/h3>\n\n\n\n
                \n
              • Review production health dashboards (availability, latency, saturation, error rates), major alerts, and customer-impact signals.<\/li>\n
              • Triage and unblock critical infrastructure issues impacting product teams (CI instability, capacity constraints, access issues, cluster degradation).<\/li>\n
              • Approve or delegate high-risk changes (e.g., network changes, IAM policy changes, major upgrades) according to change policy.<\/li>\n
              • Coordinate with Security on urgent vulnerabilities, zero-days, or policy enforcement actions.<\/li>\n
              • Engage with Engineering leaders on near-term delivery needs and platform bottlenecks.<\/li>\n<\/ul>\n\n\n\n

                Weekly activities<\/h3>\n\n\n\n
                  \n
                • Reliability review: incident summaries, SLO breaches, top alerts, and corrective action progress.<\/li>\n
                • Cost review: spend trends, anomaly detection, savings opportunities, reserved capacity\/commitments management.<\/li>\n
                • Platform roadmap grooming: reprioritize based on business needs, risk, and operational toil.<\/li>\n
                • Team leadership: 1:1s with managers\/leads, hiring pipeline review, performance coaching, on-call health check.<\/li>\n
                • Cross-functional sync: Architecture\/CTO staff meeting; Security sync; Support\/Success escalation review.<\/li>\n<\/ul>\n\n\n\n

                  Monthly or quarterly activities<\/h3>\n\n\n\n
                    \n
                  • Capacity planning cycle aligned to product roadmap and growth forecasts (traffic, tenants, regions).<\/li>\n
                  • Disaster recovery exercise planning and execution; review RTO\/RPO achievement and remediation backlog.<\/li>\n
                  • Vendor\/contract reviews: SLAs, spend, renewals, tooling consolidation, and negotiation strategy.<\/li>\n
                  • Policy\/compliance readiness review: access reviews, control gaps, audit evidence checks.<\/li>\n
                  • Organizational planning: headcount plan, skills gaps, L&D plan, and succession coverage.<\/li>\n<\/ul>\n\n\n\n

                    Recurring meetings or rituals<\/h3>\n\n\n\n
                      \n
                    • Weekly: Infrastructure leadership staff meeting (delivery, incidents, risk, cost).<\/li>\n
                    • Weekly\/biweekly: Change Advisory\/High-Risk Change review (context-specific; avoid bureaucracy where not needed).<\/li>\n
                    • Biweekly\/monthly: FinOps review with Finance and engineering cost owners.<\/li>\n
                    • Monthly: Reliability Council \/ SRE review with product engineering leadership.<\/li>\n
                    • Quarterly: Executive infrastructure review (KPIs, roadmap outcomes, risk register, budget forecast).<\/li>\n<\/ul>\n\n\n\n

                      Incident, escalation, or emergency work (when relevant)<\/h3>\n\n\n\n
                        \n
                      • Participate as Incident Commander or Executive Sponsor for SEV-1\/SEV-2 events.<\/li>\n
                      • Ensure stakeholder communications: exec briefings, status page updates, customer comms alignment.<\/li>\n
                      • Lead \u201cstop-the-line\u201d decisions when risk is high (e.g., rollback releases, disable features, freeze changes).<\/li>\n
                      • Sponsor and enforce corrective actions from postmortems, ensuring improvements are implemented and validated.<\/li>\n<\/ul>\n\n\n\n
                        \n\n\n\n

                        5) Key Deliverables<\/h2>\n\n\n\n
                          \n
                        • Infrastructure strategy deck<\/strong> (12\u201324 month horizon) with investment themes, risk posture, and measurable targets.<\/li>\n
                        • Infrastructure roadmap and backlog<\/strong> with prioritization rationale (risk, ROI, developer productivity, reliability).<\/li>\n
                        • Reference architectures and standards<\/strong> (cloud landing zone, networking, IAM, secrets, encryption, backup).<\/li>\n
                        • Service tiering model<\/strong> (Tier 0\/1\/2) with availability targets, DR expectations, and support model.<\/li>\n
                        • SLO\/SLI framework<\/strong> for critical platform services (CI, Kubernetes, service mesh, databases if owned, observability).<\/li>\n
                        • Incident management playbooks<\/strong> and postmortem templates<\/strong>; recurring incident trend reports.<\/li>\n
                        • Disaster recovery plan<\/strong> and DR runbooks<\/strong>; evidence of DR tests and improvement actions.<\/li>\n
                        • Infrastructure-as-Code repositories<\/strong> and policy-as-code artifacts; module catalogs and golden paths.<\/li>\n
                        • Cloud cost allocation model<\/strong> (tags\/labels), unit economics dashboards, and cost optimization plans.<\/li>\n
                        • Operational dashboards<\/strong> (availability, latency, error budgets, on-call load, MTTR, change failure rate).<\/li>\n
                        • Security controls implementation artifacts<\/strong> (access review process, privileged access workflows, secrets rotation plan).<\/li>\n
                        • Vendor evaluation and renewal packets<\/strong> (RFP criteria, total cost of ownership, risk assessments).<\/li>\n
                        • Team operating model documentation<\/strong> (RACI, escalation paths, on-call, service ownership, support hours).<\/li>\n
                        • Training artifacts<\/strong>: onboarding guides, runbooks, internal workshops on IaC, incident response, and platform usage.<\/li>\n<\/ul>\n\n\n\n
                          \n\n\n\n

                          6) Goals, Objectives, and Milestones<\/h2>\n\n\n\n

                          30-day goals<\/h3>\n\n\n\n
                            \n
                          • Establish clear understanding of current-state infrastructure: topology, reliability risks, cost drivers, security gaps, and team capacity.<\/li>\n
                          • Build relationship map with CTO\/VP Engineering, Security, Product Engineering leaders, Finance, Support\/Success.<\/li>\n
                          • Review incident history (last 6\u201312 months) and identify top systemic drivers (toil, architectural fragility, noisy alerts).<\/li>\n
                          • Validate on-call health and escalation model; address any immediate burnout or coverage gaps.<\/li>\n
                          • Inventory critical vendors\/tools, contracts, and renewal dates; identify high-risk dependencies.<\/li>\n<\/ul>\n\n\n\n

                            60-day goals<\/h3>\n\n\n\n
                              \n
                            • Publish a current-state assessment<\/strong> and risk register<\/strong> with ranked priorities and mitigation plans.<\/li>\n
                            • Define service tiering and baseline reliability targets for critical customer journeys.<\/li>\n
                            • Implement (or tighten) incident response standards: severity definitions, comms templates, postmortems with action tracking.<\/li>\n
                            • Establish FinOps basics: tagging policy, showback dashboards, top 5 cost optimization opportunities.<\/li>\n
                            • Align with Security on top infrastructure control gaps and remediation timeline (e.g., IAM cleanup, secrets, logging retention).<\/li>\n<\/ul>\n\n\n\n

                              90-day goals<\/h3>\n\n\n\n
                                \n
                              • Deliver a prioritized 2\u20133 quarter infrastructure roadmap<\/strong> with clear outcomes and owners.<\/li>\n
                              • Launch key platform initiatives (examples): standardized IaC modules; Kubernetes baseline hardening; observability upgrades; CI reliability improvements.<\/li>\n
                              • Implement or refine SLOs for core platform services and connect to alerting and error budget policies.<\/li>\n
                              • Formalize change risk management for high-impact systems (upgrade policy, rollout\/rollback standards).<\/li>\n
                              • Present budget forecast and investment case(s) to executive leadership.<\/li>\n<\/ul>\n\n\n\n

                                6-month milestones<\/h3>\n\n\n\n
                                  \n
                                • Measurable incident reduction (frequency\/severity) and improved MTTR through better detection, runbooks, and automation.<\/li>\n
                                • Demonstrable cost governance: cost allocation coverage, anomaly detection, and realized savings.<\/li>\n
                                • Documented and tested DR for Tier-0 services, with RTO\/RPO achieved or a clear plan to reach targets.<\/li>\n
                                • Platform self-service improvements: faster environment provisioning, reduced ticket volume, more paved roads.<\/li>\n
                                • Team maturity improvements: clear role definitions, leveling, hiring plan underway, improved on-call sustainability.<\/li>\n<\/ul>\n\n\n\n

                                  12-month objectives<\/h3>\n\n\n\n
                                    \n
                                  • Achieve agreed reliability targets (availability, latency, SLO attainment) for Tier-0\/Tier-1 services.<\/li>\n
                                  • Reduce change failure rate and increase deployment safety through progressive delivery patterns and automated checks.<\/li>\n
                                  • Strong compliance posture: repeatable evidence for relevant audits; security controls integrated into infrastructure workflows.<\/li>\n
                                  • Significant automation and toil reduction: decrease manual operational workload and improve developer satisfaction.<\/li>\n
                                  • Mature vendor portfolio and tooling: consolidation where appropriate, improved SLAs, optimized spend.<\/li>\n<\/ul>\n\n\n\n

                                    Long-term impact goals (12\u201336 months)<\/h3>\n\n\n\n
                                      \n
                                    • Infrastructure becomes a competitive advantage: rapid product experimentation, consistent performance at scale, and trusted security posture.<\/li>\n
                                    • A \u201cplatform as product\u201d approach: defined platform APIs, internal SLAs, user research with engineering teams, and measurable adoption.<\/li>\n
                                    • Predictable unit economics: cloud cost per customer\/transaction becomes stable or improving despite growth.<\/li>\n
                                    • High-performing infrastructure org with strong leadership bench and reduced key-person risk.<\/li>\n<\/ul>\n\n\n\n

                                      Role success definition<\/h3>\n\n\n\n

                                      Success is achieved when infrastructure reliability and security are consistently strong, engineering teams can ship with minimal friction, costs are transparent and actively managed, and the infrastructure organization operates sustainably with clear ownership and measurable outcomes.<\/p>\n\n\n\n

                                      What high performance looks like<\/h3>\n\n\n\n
                                        \n
                                      • Proactively identifies and mitigates systemic risks before incidents occur.<\/li>\n
                                      • Builds leverage via automation, standardization, and strong platform products.<\/li>\n
                                      • Communicates trade-offs clearly to executives; earns trust through predictable delivery and operational discipline.<\/li>\n
                                      • Develops leaders and creates resilient team structures rather than relying on heroics.<\/li>\n<\/ul>\n\n\n\n
                                        \n\n\n\n

                                        7) KPIs and Productivity Metrics<\/h2>\n\n\n\n

                                        The metrics below are intended to be practical, auditable, and aligned to business outcomes. Targets vary by company stage and service criticality; sample targets represent a mature SaaS environment.<\/p>\n\n\n\n

                                        \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                        Metric name<\/th>\nWhat it measures<\/th>\nWhy it matters<\/th>\nExample target \/ benchmark<\/th>\nFrequency<\/th>\n<\/tr>\n<\/thead>\n
                                        Tier-0 availability<\/td>\nUptime of most critical customer-facing services<\/td>\nDirect revenue and trust driver<\/td>\n99.9%\u201399.99% monthly<\/td>\nWeekly\/monthly<\/td>\n<\/tr>\n
                                        SLO attainment (platform services)<\/td>\n% of time SLOs met for CI, clusters, observability, etc.<\/td>\nIndicates platform reliability and user trust<\/td>\n\u2265 95% of SLOs met monthly<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Error budget burn rate<\/td>\nRate of SLO budget consumption<\/td>\nForces reliability vs velocity trade-offs<\/td>\n< 1.0 burn rate sustained<\/td>\nWeekly<\/td>\n<\/tr>\n
                                        MTTR (SEV-1\/2)<\/td>\nMean time to restore service<\/td>\nMeasures operational effectiveness<\/td>\nSEV-1: < 60\u201390 mins (context-specific)<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        MTTD<\/td>\nMean time to detect incidents<\/td>\nObservability and alerting quality<\/td>\n< 5\u201310 mins for Tier-0<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Incident recurrence rate<\/td>\n% of incidents repeating within a time window<\/td>\nMeasures root cause elimination<\/td>\n< 10% recurring within 90 days<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Change failure rate<\/td>\n% of changes causing incidents\/rollback<\/td>\nDeployment safety and maturity<\/td>\n< 10% (elite teams lower)<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Infrastructure deployment frequency<\/td>\nFrequency of infra changes safely deployed<\/td>\nIndicates automation and agility<\/td>\nMultiple times\/week for IaC<\/td>\nWeekly<\/td>\n<\/tr>\n
                                        On-call load (pages\/person\/week)<\/td>\nAlert volume and toil<\/td>\nPredicts burnout and quality<\/td>\nTarget: sustainable baseline; reduce noisy alerts by 30\u201350%<\/td>\nWeekly<\/td>\n<\/tr>\n
                                        Alert quality (actionable %)<\/td>\n% of alerts that require action<\/td>\nReduces noise and improves response<\/td>\n> 70\u201380% actionable<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Capacity headroom<\/td>\nAvailable capacity vs peak (CPU\/mem\/IO\/DB connections)<\/td>\nPrevents performance incidents<\/td>\nMaintain 20\u201340% headroom (varies)<\/td>\nWeekly<\/td>\n<\/tr>\n
                                        DR test pass rate<\/td>\nSuccessful completion of DR exercises<\/td>\nValidates recoverability<\/td>\n100% scheduled tests executed; gaps tracked<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        RTO\/RPO attainment<\/td>\nAchieved recovery time\/point objectives<\/td>\nBusiness continuity<\/td>\nTier-0 meets targets; Tier-1 plan in progress<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        Patch\/vulnerability SLA compliance<\/td>\nTimely remediation of critical vulnerabilities<\/td>\nReduces security risk<\/td>\nCritical fixes within 7\u201314 days (context-specific)<\/td>\nWeekly\/monthly<\/td>\n<\/tr>\n
                                        IAM policy exceptions<\/td>\nCount\/age of privilege exceptions<\/td>\nLeast privilege maturity<\/td>\nExceptions time-bound; aging < 30\u201360 days<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Logging coverage<\/td>\n% of Tier-0 services with required logs retained<\/td>\nCompliance and detection<\/td>\n> 95% coverage<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Cloud cost variance to forecast<\/td>\nAccuracy of cost forecasting<\/td>\nFinancial control<\/td>\nWithin \u00b15\u201310% monthly<\/td>\nMonthly<\/td>\n<\/tr>\n
                                        Unit cost (per customer\/transaction)<\/td>\nCost efficiency trend<\/td>\nScales profitably<\/td>\nStable or decreasing with growth<\/td>\nMonthly\/quarterly<\/td>\n<\/tr>\n
                                        Savings realized<\/td>\nVerified savings from optimization<\/td>\nShows impact of FinOps<\/td>\n5\u201315% annualized savings (depends on baseline)<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        Platform adoption rate<\/td>\n% of teams using standard modules\/golden paths<\/td>\nStandardization leverage<\/td>\n> 70% adoption for target paths<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        Developer satisfaction (platform NPS)<\/td>\nInternal customer satisfaction<\/td>\nCorrelates with delivery velocity<\/td>\nPositive trend; target > +20 NPS (example)<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        Roadmap predictability<\/td>\nDelivered vs planned outcomes<\/td>\nExecution health<\/td>\n70\u201385% on-time delivery of committed outcomes<\/td>\nQuarterly<\/td>\n<\/tr>\n
                                        Team retention \/ engagement<\/td>\nStability and culture health<\/td>\nSustains operational excellence<\/td>\nHealthy retention; engagement improving<\/td>\nQuarterly<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                        \n\n\n\n

                                        8) Technical Skills Required<\/h2>\n\n\n\n

                                        Must-have technical skills<\/h3>\n\n\n\n
                                          \n
                                        1. Cloud infrastructure architecture (AWS\/Azure\/GCP)<\/strong>\n – Description: Designing secure, scalable cloud environments with appropriate managed services.\n – Use: Landing zones, account\/subscription structure, networking, compute, storage, IAM patterns.\n – Importance: Critical<\/strong>.<\/li>\n
                                        2. Infrastructure reliability engineering<\/strong>\n – Description: Applying SRE principles (SLOs, error budgets, toil reduction, incident\/postmortems).\n – Use: Reliability targets, operational maturity, on-call practices, observability.\n – Importance: Critical<\/strong>.<\/li>\n
                                        3. Infrastructure-as-Code (IaC)<\/strong> (e.g., Terraform\/CloudFormation\/Bicep)\n – Description: Declarative provisioning, versioning, automated reviews, and controlled rollout.\n – Use: Standard modules, repeatable environments, auditability.\n – Importance: Critical<\/strong>.<\/li>\n
                                        4. Networking fundamentals and cloud networking<\/strong>\n – Description: VPC\/VNet design, routing, DNS, load balancing, private connectivity, segmentation.\n – Use: Secure connectivity, performance, hybrid connectivity if needed.\n – Importance: Critical<\/strong>.<\/li>\n
                                        5. Security fundamentals for infrastructure<\/strong>\n – Description: IAM\/least privilege, secrets management, encryption, key management, logging, threat modeling basics.\n – Use: Secure-by-default platform design; risk mitigation.\n – Importance: Critical<\/strong>.<\/li>\n
                                        6. Observability design<\/strong>\n – Description: Metrics\/logs\/traces, alerting strategy, dashboards, SLO reporting.\n – Use: Operational health, faster detection and diagnosis, capacity\/perf management.\n – Importance: Critical<\/strong>.<\/li>\n
                                        7. Linux and systems fundamentals<\/strong>\n – Description: OS-level troubleshooting, performance tuning concepts, automation readiness.\n – Use: Root cause investigations, platform design review, operations leadership.\n – Importance: Important<\/strong>.<\/li>\n
                                        8. Operational processes (ITIL-inspired, pragmatic)<\/strong>\n – Description: Incident\/problem\/change management, runbooks, ownership models.\n – Use: Consistent operations at scale without excessive bureaucracy.\n – Importance: Important<\/strong>.<\/li>\n<\/ol>\n\n\n\n

                                          Good-to-have technical skills<\/h3>\n\n\n\n
                                            \n
                                          1. Kubernetes and container platforms<\/strong>\n – Use: Platform standardization, multi-tenancy, cluster lifecycle, workload governance.\n – Importance: Important<\/strong> (Critical in K8s-heavy companies).<\/li>\n
                                          2. CI\/CD platform engineering<\/strong>\n – Use: Pipeline reliability, build systems, artifact management, release safety controls.\n – Importance: Important<\/strong>.<\/li>\n
                                          3. Database reliability and scaling concepts<\/strong>\n – Use: Partnering with data teams; designing HA\/backup; capacity and performance planning.\n – Importance: Optional<\/strong> (depends on ownership boundaries).<\/li>\n
                                          4. Edge services (CDN\/WAF\/DDoS)<\/strong>\n – Use: Protecting and accelerating customer traffic, reducing attack surface.\n – Importance: Important<\/strong> for internet-facing SaaS.<\/li>\n
                                          5. Configuration management & automation<\/strong> (Ansible, etc.)\n – Use: Standardization, patching automation, fleet management (where applicable).\n – Importance: Optional<\/strong> (context-specific).<\/li>\n
                                          6. Windows\/enterprise endpoint and corporate IT systems<\/strong>\n – Use: If infrastructure org also owns corporate systems\/identity.\n – Importance: Optional<\/strong> (context-specific).<\/li>\n<\/ol>\n\n\n\n

                                            Advanced or expert-level technical skills<\/h3>\n\n\n\n
                                              \n
                                            1. Architecture for multi-region resilience<\/strong>\n – Use: DR design, active-active\/active-passive strategies, data replication trade-offs.\n – Importance: Important<\/strong> (Critical for high-availability products).<\/li>\n
                                            2. Performance engineering and capacity modeling<\/strong>\n – Use: Predicting resource needs; managing scaling policies; preventing saturation incidents.\n – Importance: Important<\/strong>.<\/li>\n
                                            3. Security architecture & zero trust patterns<\/strong>\n – Use: Privileged access management, network segmentation, policy-as-code, secure service identity.\n – Importance: Important<\/strong>.<\/li>\n
                                            4. FinOps and cloud economics<\/strong>\n – Use: Commitment planning, allocation models, unit cost KPIs, optimization governance.\n – Importance: Important<\/strong>.<\/li>\n
                                            5. Large-scale incident leadership<\/strong>\n – Use: Coordinating complex outages with many teams; running comms and decision-making.\n – Importance: Critical<\/strong> at scale.<\/li>\n<\/ol>\n\n\n\n

                                              Emerging future skills for this role (2\u20135 years)<\/h3>\n\n\n\n
                                                \n
                                              1. Policy-as-code and automated compliance<\/strong>\n – Use: Continuous control monitoring, drift detection, automated evidence capture.\n – Importance: Important<\/strong>.<\/li>\n
                                              2. Internal developer platforms (IDPs) and \u201cplatform as product\u201d<\/strong>\n – Use: Golden paths, self-service, developer portals, standardized runtime templates.\n – Importance: Important<\/strong>.<\/li>\n
                                              3. AI-assisted operations (AIOps)<\/strong>\n – Use: Alert correlation, anomaly detection, incident summarization, faster diagnosis.\n – Importance: Optional<\/strong> today; trending Important<\/strong>.<\/li>\n
                                              4. Confidential computing and advanced data protection<\/strong>\n – Use: High-sensitivity workloads and stronger isolation guarantees.\n – Importance: Optional<\/strong> (context-specific).<\/li>\n
                                              5. Sustainability-aware infrastructure optimization<\/strong>\n – Use: Efficiency initiatives that consider energy\/carbon signals (where required).\n – Importance: Optional<\/strong>.<\/li>\n<\/ol>\n\n\n\n
                                                \n\n\n\n

                                                9) Soft Skills and Behavioral Capabilities<\/h2>\n\n\n\n
                                                  \n
                                                1. Executive communication and narrative building<\/strong>\n – Why it matters: Infrastructure requires investment and trade-offs; leaders must understand risk, cost, and timelines.\n – Shows up as: Clear status updates, crisp incident briefings, roadmap proposals with ROI.\n – Strong performance: Can explain technical risk in business terms; sets expectations without alarmism.<\/li>\n
                                                2. Prioritization under constraints<\/strong>\n – Why it matters: Infrastructure backlogs are always larger than capacity; misprioritization creates outages or waste.\n – Shows up as: Balancing feature delivery enablement with reliability\/security work.\n – Strong performance: Uses frameworks (risk\/ROI\/SLOs) and can say \u201cno\u201d with rationale.<\/li>\n
                                                3. Systems thinking<\/strong>\n – Why it matters: Failures often involve multiple interacting components (people\/process\/tech).\n – Shows up as: Root cause prevention, dependency mapping, eliminating systemic toil.\n – Strong performance: Fixes classes of problems, not one-off symptoms.<\/li>\n
                                                4. Calm leadership in high-severity incidents<\/strong>\n – Why it matters: Outages create urgency and noise; poor leadership increases downtime.\n – Shows up as: Incident command, decision clarity, communications discipline.\n – Strong performance: Maintains structure, protects teams from chaos, drives fast restoration.<\/li>\n
                                                5. Stakeholder management and influence<\/strong>\n – Why it matters: Infrastructure teams rarely \u201cown\u201d all dependent services; outcomes depend on influence.\n – Shows up as: Aligning engineering teams on standards, adoption, and shared ownership.\n – Strong performance: Builds trust, negotiates boundaries, resolves conflicts pragmatically.<\/li>\n
                                                6. Talent development and coaching<\/strong>\n – Why it matters: Reliability is a team sport; strong leaders build strong leaders.\n – Shows up as: Clear expectations, mentoring managers, leveling and progression.\n – Strong performance: Improves team capability over time; reduces key-person risk.<\/li>\n
                                                7. Operational discipline and follow-through<\/strong>\n – Why it matters: Postmortems and roadmaps fail without execution rigor.\n – Shows up as: Action tracking, validating fixes, ensuring runbooks stay current.\n – Strong performance: Measurable reductions in recurring incidents and toil.<\/li>\n
                                                8. Product mindset for platforms<\/strong>\n – Why it matters: Internal platforms succeed when treated as products with users and adoption.\n – Shows up as: Roadmaps tied to developer outcomes; documentation; feedback loops.\n – Strong performance: Platform adoption rises and engineering satisfaction improves.<\/li>\n
                                                9. Financial acumen<\/strong>\n – Why it matters: Cloud and tooling spend can materially impact gross margin and runway.\n – Shows up as: Forecasting, unit cost metrics, vendor negotiations, ROI cases.\n – Strong performance: Reduces waste while preserving reliability and velocity.<\/li>\n
                                                10. Integrity and risk stewardship<\/strong>\n – Why it matters: Infrastructure leaders handle privileged access, sensitive incidents, and audit commitments.\n – Shows up as: Transparent reporting, adherence to controls, responsible decision-making.\n – Strong performance: No hidden risks; credible and trusted by Security and executives.<\/li>\n<\/ol>\n\n\n\n
                                                  \n\n\n\n

                                                  10) Tools, Platforms, and Software<\/h2>\n\n\n\n
                                                  \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                  Category<\/th>\nTool \/ platform \/ software<\/th>\nPrimary use<\/th>\nCommon \/ Optional \/ Context-specific<\/th>\n<\/tr>\n<\/thead>\n
                                                  Cloud platforms<\/td>\nAWS<\/td>\nCore compute\/storage\/networking managed services<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Cloud platforms<\/td>\nMicrosoft Azure<\/td>\nAlternative core cloud platform<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Cloud platforms<\/td>\nGoogle Cloud Platform (GCP)<\/td>\nAlternative core cloud platform<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Container \/ orchestration<\/td>\nKubernetes (EKS\/AKS\/GKE)<\/td>\nContainer orchestration platform<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Container \/ orchestration<\/td>\nHelm \/ Kustomize<\/td>\nKubernetes packaging and configuration<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Container \/ orchestration<\/td>\nDocker<\/td>\nContainer build\/runtime basics<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  IaC \/ provisioning<\/td>\nTerraform<\/td>\nInfrastructure provisioning and modules<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  IaC \/ provisioning<\/td>\nCloudFormation \/ CDK \/ Bicep<\/td>\nCloud-native IaC alternatives<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Config management<\/td>\nAnsible<\/td>\nConfiguration automation for servers<\/td>\nOptional<\/td>\n<\/tr>\n
                                                  CI\/CD<\/td>\nGitHub Actions<\/td>\nCI workflows and automation<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  CI\/CD<\/td>\nGitLab CI<\/td>\nCI\/CD pipelines and runners<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  CI\/CD<\/td>\nJenkins<\/td>\nCI orchestration (legacy\/common)<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Source control<\/td>\nGitHub \/ GitLab<\/td>\nVersion control and reviews<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Observability<\/td>\nDatadog<\/td>\nMetrics, traces, logs, dashboards<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Observability<\/td>\nPrometheus + Grafana<\/td>\nMetrics collection and visualization<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Observability<\/td>\nELK\/Elastic Stack<\/td>\nLogging and search<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Observability<\/td>\nSplunk<\/td>\nCentralized logging\/security analytics<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Alerting \/ on-call<\/td>\nPagerDuty<\/td>\nOn-call schedules, escalation, incident response<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Alerting \/ on-call<\/td>\nOpsgenie<\/td>\nAlternative on-call\/alerting<\/td>\nOptional<\/td>\n<\/tr>\n
                                                  Incident collaboration<\/td>\nSlack \/ Microsoft Teams<\/td>\nIncident coordination and comms<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  ITSM<\/td>\nServiceNow<\/td>\nIncident\/change\/problem workflows, CMDB<\/td>\nContext-specific (common in enterprise)<\/td>\n<\/tr>\n
                                                  ITSM<\/td>\nJira Service Management<\/td>\nITSM-lite ticketing and workflows<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Project management<\/td>\nJira<\/td>\nPlanning, delivery tracking<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Documentation<\/td>\nConfluence \/ Notion<\/td>\nRunbooks, standards, internal docs<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Security (IAM\/SSO)<\/td>\nOkta \/ Entra ID<\/td>\nSSO, identity governance<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Security (secrets)<\/td>\nHashiCorp Vault<\/td>\nSecrets management<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Security (cloud native)<\/td>\nAWS KMS \/ Azure Key Vault \/ GCP KMS<\/td>\nKeys, secrets, encryption primitives<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Security (policy-as-code)<\/td>\nOpen Policy Agent (OPA) \/ Gatekeeper<\/td>\nPolicy enforcement for K8s and more<\/td>\nOptional<\/td>\n<\/tr>\n
                                                  Security posture<\/td>\nWiz \/ Prisma Cloud<\/td>\nCloud security posture management<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Networking\/edge<\/td>\nCloudflare<\/td>\nCDN, WAF, DDoS protection<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Networking\/edge<\/td>\nAWS CloudFront \/ Azure Front Door<\/td>\nCDN\/edge routing<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Cost management<\/td>\nCloudHealth \/ Apptio Cloudability<\/td>\nFinOps dashboards and governance<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Cost management<\/td>\nNative cloud cost tools<\/td>\nCost allocation, budgets, recommendations<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Automation\/scripting<\/td>\nPython<\/td>\nAutomation, tooling, integrations<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Automation\/scripting<\/td>\nBash<\/td>\nScripting and ops automation<\/td>\nCommon<\/td>\n<\/tr>\n
                                                  Artifact management<\/td>\nArtifactory \/ Nexus<\/td>\nArtifact storage, dependency proxy<\/td>\nContext-specific<\/td>\n<\/tr>\n
                                                  Compliance evidence<\/td>\nDrata \/ Vanta<\/td>\nAutomated audit evidence collection<\/td>\nContext-specific<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                  \n\n\n\n

                                                  11) Typical Tech Stack \/ Environment<\/h2>\n\n\n\n

                                                  Infrastructure environment<\/h3>\n\n\n\n
                                                    \n
                                                  • Predominantly cloud-hosted (AWS\/Azure\/GCP), often multi-account\/subscription with a landing zone design.<\/li>\n
                                                  • Mix of managed services (databases, queues, caches) and containerized workloads on Kubernetes.<\/li>\n
                                                  • Mature organizations may operate multi-region architectures, with tiered recoverability and explicit DR patterns.<\/li>\n
                                                  • Connectivity includes private networking, VPN\/zero-trust access, and secure connectivity for internal systems.<\/li>\n<\/ul>\n\n\n\n

                                                    Application environment<\/h3>\n\n\n\n
                                                      \n
                                                    • Microservices and APIs (common), with some monolith components in many real companies.<\/li>\n
                                                    • Service-to-service traffic managed through ingress controllers, API gateways, and sometimes a service mesh.<\/li>\n
                                                    • Deployment patterns include rolling deployments, canaries, blue\/green, feature flags (ownership may be shared).<\/li>\n<\/ul>\n\n\n\n

                                                      Data environment<\/h3>\n\n\n\n
                                                        \n
                                                      • Data stores may include managed relational databases, managed NoSQL, object storage, and streaming systems.<\/li>\n
                                                      • The Head of Infrastructure often partners with Data Engineering rather than owning all data systems, but infrastructure must support data reliability, backups, and access controls.<\/li>\n<\/ul>\n\n\n\n

                                                        Security environment<\/h3>\n\n\n\n
                                                          \n
                                                        • SSO integrated with IAM; least privilege and role-based access patterns.<\/li>\n
                                                        • Centralized secrets management; encryption in transit and at rest.<\/li>\n
                                                        • Vulnerability scanning integrated into CI and runtime environments; logging and monitoring aligned to security detection needs.<\/li>\n<\/ul>\n\n\n\n

                                                          Delivery model<\/h3>\n\n\n\n
                                                            \n
                                                          • Platform and infrastructure delivered as products: self-service modules, templates, golden paths, and internal documentation.<\/li>\n
                                                          • \u201cYou build it, you run it\u201d is common, but platform teams provide paved roads and operational guardrails.<\/li>\n
                                                          • Ownership model typically includes shared responsibility for reliability: product teams own services; infrastructure\/SRE owns platform layers and incident leadership support.<\/li>\n<\/ul>\n\n\n\n

                                                            Agile or SDLC context<\/h3>\n\n\n\n
                                                              \n
                                                            • Quarterly planning with rolling prioritization; infrastructure work must be visible and justified with business outcomes.<\/li>\n
                                                            • Infrastructure changes treated as code: PR reviews, automated tests, staged rollouts.<\/li>\n
                                                            • Operational readiness reviews for high-risk changes (context-specific).<\/li>\n<\/ul>\n\n\n\n

                                                              Scale or complexity context<\/h3>\n\n\n\n
                                                                \n
                                                              • Complexity increases with: customer growth, global footprint, compliance requirements, and a growing microservices ecosystem.<\/li>\n
                                                              • The role is designed for a mid-size to enterprise SaaS or IT organization where uptime and security are material.<\/li>\n<\/ul>\n\n\n\n

                                                                Team topology<\/h3>\n\n\n\n
                                                                  \n
                                                                • Typical org components under this role (varies by company):<\/li>\n
                                                                • Cloud Platform \/ Platform Engineering<\/li>\n
                                                                • SRE \/ Production Engineering (sometimes a peer org)<\/li>\n
                                                                • Network\/Edge Engineering<\/li>\n
                                                                • Observability Engineering<\/li>\n
                                                                • Infrastructure Security Engineering (sometimes in Security org)<\/li>\n
                                                                • Corporate Infrastructure \/ IAM Operations (context-specific)<\/li>\n
                                                                • FinOps (often dotted line to Finance)<\/li>\n<\/ul>\n\n\n\n
                                                                  \n\n\n\n

                                                                  12) Stakeholders and Collaboration Map<\/h2>\n\n\n\n

                                                                  Internal stakeholders<\/h3>\n\n\n\n
                                                                    \n
                                                                  • CTO \/ VP Engineering (typical manager):<\/strong> Align on strategy, budgets, platform roadmap, reliability posture, and risk.<\/li>\n
                                                                  • Engineering Directors\/Managers (Product Engineering):<\/strong> Platform adoption, operational responsibilities, incident coordination, delivery enablement.<\/li>\n
                                                                  • Security leadership (CISO \/ Head of Security, AppSec, SecOps, GRC):<\/strong> Controls, risk management, vulnerability response, audit readiness, incident response.<\/li>\n
                                                                  • Enterprise Architecture (if present):<\/strong> Alignment on standards, target state, and technology choices.<\/li>\n
                                                                  • Finance \/ FP&A:<\/strong> Budgeting, forecasting, unit economics, commitment planning (Reserved Instances\/Savings Plans).<\/li>\n
                                                                  • Procurement \/ Vendor Management:<\/strong> Tool selection, negotiations, renewals, risk assessments.<\/li>\n
                                                                  • Customer Support \/ Customer Success:<\/strong> Incident communications, customer impact analysis, post-incident follow-ups.<\/li>\n
                                                                  • IT \/ Corporate Systems:<\/strong> Identity, endpoints, SaaS app management (if scope overlaps).<\/li>\n
                                                                  • Legal \/ Privacy (context-specific):<\/strong> Data residency, vendor contracts, breach readiness.<\/li>\n<\/ul>\n\n\n\n

                                                                    External stakeholders (as applicable)<\/h3>\n\n\n\n
                                                                      \n
                                                                    • Cloud providers and critical vendors:<\/strong> Support escalations, roadmap influence, incident coordination, architectural guidance.<\/li>\n
                                                                    • Audit firms \/ compliance assessors:<\/strong> Evidence review, control testing, remediation follow-up.<\/li>\n
                                                                    • Key customers (enterprise):<\/strong> Reliability reviews, security questionnaires, major incident communications (typically via Success\/Support).<\/li>\n<\/ul>\n\n\n\n

                                                                      Peer roles<\/h3>\n\n\n\n
                                                                        \n
                                                                      • Head of SRE (if separate), Head of Security, Head of Engineering Productivity\/Developer Experience, Head of Data Platform, Head of IT, Head of Architecture.<\/li>\n<\/ul>\n\n\n\n

                                                                        Upstream dependencies<\/h3>\n\n\n\n
                                                                          \n
                                                                        • Product roadmap and growth forecasts (traffic, regions, SLAs).<\/li>\n
                                                                        • Security policies and risk appetite statements.<\/li>\n
                                                                        • Financial constraints and margin targets.<\/li>\n
                                                                        • Customer contractual uptime\/SLA commitments.<\/li>\n<\/ul>\n\n\n\n

                                                                          Downstream consumers<\/h3>\n\n\n\n
                                                                            \n
                                                                          • Product engineering teams deploying services.<\/li>\n
                                                                          • Data engineering and analytics consumers.<\/li>\n
                                                                          • Security operations relying on logs\/telemetry.<\/li>\n
                                                                          • Support\/Success requiring status visibility and incident comms.<\/li>\n
                                                                          • Executives needing risk\/cost transparency.<\/li>\n<\/ul>\n\n\n\n

                                                                            Nature of collaboration<\/h3>\n\n\n\n
                                                                              \n
                                                                            • Predominantly partnership-driven with formal governance only where necessary (e.g., high-risk changes, audit controls).<\/li>\n
                                                                            • Successful collaboration relies on clear service boundaries, published standards, and pragmatic adoption paths.<\/li>\n<\/ul>\n\n\n\n

                                                                              Typical decision-making authority and escalation points<\/h3>\n\n\n\n
                                                                                \n
                                                                              • Infrastructure design standards: Head of Infrastructure proposes\/owns; Architecture\/CTO align on exceptions.<\/li>\n
                                                                              • Incidents: Incident Commander authority during active events; Head of Infrastructure accountable for process maturity and escalations.<\/li>\n
                                                                              • Budget and vendor decisions: Head of Infrastructure recommends; CTO\/Finance approve above thresholds.<\/li>\n
                                                                              • Security control decisions: joint ownership with Security; escalations to CTO\/CISO for risk acceptance.<\/li>\n<\/ul>\n\n\n\n
                                                                                \n\n\n\n

                                                                                13) Decision Rights and Scope of Authority<\/h2>\n\n\n\n

                                                                                Decisions this role can typically make independently<\/h3>\n\n\n\n
                                                                                  \n
                                                                                • Infrastructure team operating processes (on-call structure, runbook standards, postmortem formats).<\/li>\n
                                                                                • Tool configuration and standardization within existing approved portfolio.<\/li>\n
                                                                                • Prioritization of infrastructure backlog within an agreed roadmap and OKRs.<\/li>\n
                                                                                • Approval of routine infrastructure changes within risk policy.<\/li>\n
                                                                                • Hiring decisions for approved headcount within the infrastructure org (often with HR\/CTO alignment).<\/li>\n<\/ul>\n\n\n\n

                                                                                  Decisions requiring team approval (or architecture review)<\/h3>\n\n\n\n
                                                                                    \n
                                                                                  • Introduction of major new platform components (e.g., new service mesh, new observability stack).<\/li>\n
                                                                                  • Breaking changes to shared infrastructure APIs or golden paths.<\/li>\n
                                                                                  • Standard module interfaces and versioning policies.<\/li>\n
                                                                                  • Decommissioning widely used services and migration timelines.<\/li>\n<\/ul>\n\n\n\n

                                                                                    Decisions requiring manager\/executive approval (CTO\/VP Eng, Finance, CISO as applicable)<\/h3>\n\n\n\n
                                                                                      \n
                                                                                    • Annual budget and significant unplanned spend increases.<\/li>\n
                                                                                    • Vendor selection\/renewals above approval thresholds; multi-year commitments.<\/li>\n
                                                                                    • Major architectural shifts (e.g., single-to-multi-region, cloud provider changes, large re-platforming).<\/li>\n
                                                                                    • Risk acceptance decisions that materially affect compliance, customer SLAs, or security posture.<\/li>\n
                                                                                    • Major org changes (team splits\/merges, reassigning ownership across orgs).<\/li>\n<\/ul>\n\n\n\n

                                                                                      Budget authority (typical)<\/h3>\n\n\n\n
                                                                                        \n
                                                                                      • Owns cloud infrastructure and tooling budgets with accountability for forecasting and variance management.<\/li>\n
                                                                                      • Can approve discretionary spend up to a defined threshold (varies by company).<\/li>\n
                                                                                      • Partners with Finance for commitment purchases and capitalization policy (where applicable).<\/li>\n<\/ul>\n\n\n\n

                                                                                        Architecture authority<\/h3>\n\n\n\n
                                                                                          \n
                                                                                        • Owns infrastructure reference architectures and required controls.<\/li>\n
                                                                                        • Can enforce baseline standards; exceptions managed via a documented exception process with time-bound remediation.<\/li>\n<\/ul>\n\n\n\n

                                                                                          Vendor authority<\/h3>\n\n\n\n
                                                                                            \n
                                                                                          • Leads evaluations, proofs-of-concept, total cost of ownership analysis, and vendor scorecards.<\/li>\n
                                                                                          • Owns ongoing vendor performance management and escalation.<\/li>\n<\/ul>\n\n\n\n

                                                                                            Delivery authority<\/h3>\n\n\n\n
                                                                                              \n
                                                                                            • Accountable for delivering infrastructure roadmap outcomes; may gate high-risk launches via operational readiness criteria.<\/li>\n<\/ul>\n\n\n\n

                                                                                              Hiring and organizational authority<\/h3>\n\n\n\n
                                                                                                \n
                                                                                              • Designs team structure, roles, leveling expectations, and hiring profiles.<\/li>\n
                                                                                              • Accountable for on-call sustainability and staffing to meet uptime objectives.<\/li>\n<\/ul>\n\n\n\n
                                                                                                \n\n\n\n

                                                                                                14) Required Experience and Qualifications<\/h2>\n\n\n\n

                                                                                                Typical years of experience<\/h3>\n\n\n\n
                                                                                                  \n
                                                                                                • 12\u201318+ years<\/strong> in infrastructure engineering, SRE, platform engineering, or operations in software\/IT organizations.<\/li>\n
                                                                                                • 5\u201310+ years<\/strong> in people leadership (managing managers strongly preferred for \u201cHead\u201d scope).<\/li>\n<\/ul>\n\n\n\n

                                                                                                  Education expectations<\/h3>\n\n\n\n
                                                                                                    \n
                                                                                                  • Bachelor\u2019s degree in Computer Science, Engineering, or related field is common. <\/li>\n
                                                                                                  • Equivalent practical experience is often acceptable in software infrastructure leadership.<\/li>\n<\/ul>\n\n\n\n

                                                                                                    Certifications (relevant but not mandatory)<\/h3>\n\n\n\n

                                                                                                    Labeling: Optional unless specified by company policy<\/strong>.\n– Common\/Optional:<\/strong> AWS Solutions Architect Professional, Azure Solutions Architect Expert, GCP Professional Cloud Architect\n– Optional:<\/strong> Kubernetes certifications (CKA\/CKAD\/CKS) for K8s-heavy environments\n– Optional:<\/strong> ITIL Foundation (useful in ITSM-heavy enterprises)\n– Context-specific:<\/strong> Security certifications (CISSP) if infrastructure leadership also covers significant security scope<\/p>\n\n\n\n

                                                                                                    Prior role backgrounds commonly seen<\/h3>\n\n\n\n
                                                                                                      \n
                                                                                                    • Infrastructure Engineering Manager \/ Director<\/li>\n
                                                                                                    • SRE Manager \/ Director (or Production Engineering leader)<\/li>\n
                                                                                                    • Platform Engineering leader<\/li>\n
                                                                                                    • Senior Cloud Architect with leadership progression<\/li>\n
                                                                                                    • Network\/Systems Engineering leader (modern cloud context)<\/li>\n
                                                                                                    • DevOps leader in organizations where \u201cDevOps\u201d functionally covers platform and operations<\/li>\n<\/ul>\n\n\n\n

                                                                                                      Domain knowledge expectations<\/h3>\n\n\n\n
                                                                                                        \n
                                                                                                      • SaaS reliability and production operations practices<\/li>\n
                                                                                                      • Cloud security and shared responsibility models<\/li>\n
                                                                                                      • Compliance-adjacent knowledge sufficient to partner with GRC (controls, evidence, audit cadence)<\/li>\n
                                                                                                      • Vendor and cost management in cloud environments<\/li>\n<\/ul>\n\n\n\n

                                                                                                        Leadership experience expectations<\/h3>\n\n\n\n
                                                                                                          \n
                                                                                                        • Leading multi-team organizations with mixed disciplines (cloud, SRE, network, observability, tooling).<\/li>\n
                                                                                                        • Operating in 24\/7 environments with mature incident response.<\/li>\n
                                                                                                        • Demonstrated ability to influence peer engineering leaders and create adoption of standards.<\/li>\n
                                                                                                        • Experience managing budgets, forecasts, and vendor relationships.<\/li>\n<\/ul>\n\n\n\n
                                                                                                          \n\n\n\n

                                                                                                          15) Career Path and Progression<\/h2>\n\n\n\n

                                                                                                          Common feeder roles into Head of Infrastructure<\/h3>\n\n\n\n
                                                                                                            \n
                                                                                                          • Director of Infrastructure \/ Director of Platform Engineering<\/li>\n
                                                                                                          • Head\/Director of SRE or Production Engineering<\/li>\n
                                                                                                          • Senior Engineering Manager (Infrastructure\/Platform)<\/li>\n
                                                                                                          • Principal\/Lead Cloud Architect with strong people leadership trajectory (less common but possible)<\/li>\n<\/ul>\n\n\n\n

                                                                                                            Next likely roles after this role<\/h3>\n\n\n\n
                                                                                                              \n
                                                                                                            • VP Infrastructure \/ VP Platform Engineering<\/strong> (larger orgs)<\/li>\n
                                                                                                            • VP Engineering<\/strong> (broader scope including product engineering)<\/li>\n
                                                                                                            • CTO<\/strong> (especially in infrastructure-heavy or B2B enterprise contexts)<\/li>\n
                                                                                                            • Chief Reliability Officer \/ Head of Technology Operations<\/strong> (rare, larger orgs)<\/li>\n<\/ul>\n\n\n\n

                                                                                                              Adjacent career paths<\/h3>\n\n\n\n
                                                                                                                \n
                                                                                                              • Security leadership:<\/strong> Head of Cloud Security \/ Infrastructure Security (if strong security orientation)<\/li>\n
                                                                                                              • Enterprise Architecture leadership:<\/strong> Chief Architect \/ Head of Architecture (if architecture-heavy and governance-focused)<\/li>\n
                                                                                                              • Operations leadership:<\/strong> Head of SRE \/ Head of Operations (if incident and service management dominant)<\/li>\n
                                                                                                              • Engineering Productivity\/Developer Experience leadership:<\/strong> if platform is strongly developer-facing<\/li>\n<\/ul>\n\n\n\n

                                                                                                                Skills needed for promotion<\/h3>\n\n\n\n
                                                                                                                  \n
                                                                                                                • Proven track record delivering multi-quarter platform outcomes tied to business metrics.<\/li>\n
                                                                                                                • Strong executive presence and ability to manage cross-org strategy.<\/li>\n
                                                                                                                • Mature budget ownership and vendor portfolio optimization.<\/li>\n
                                                                                                                • Ability to build a leadership bench (managers of managers), not just a strong IC core.<\/li>\n
                                                                                                                • Demonstrated reliability improvements at scale (SLOs, DR readiness, reduced MTTR) and sustained cost control.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                  How this role evolves over time<\/h3>\n\n\n\n
                                                                                                                    \n
                                                                                                                  • Early phase: heavy stabilization, incident reduction, standardization, and foundational platform builds.<\/li>\n
                                                                                                                  • Mid phase: platform as product, self-service expansion, SLO and cost governance maturity.<\/li>\n
                                                                                                                  • Mature phase: strategic differentiation, multi-region expansion, compliance automation, and continuous optimization with strong internal SLAs.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                    \n\n\n\n

                                                                                                                    16) Risks, Challenges, and Failure Modes<\/h2>\n\n\n\n

                                                                                                                    Common role challenges<\/h3>\n\n\n\n
                                                                                                                      \n
                                                                                                                    • Competing priorities:<\/strong> Product delivery pressure vs reliability\/security investments.<\/li>\n
                                                                                                                    • Inherited complexity:<\/strong> Legacy infrastructure, inconsistent standards, and fragmented tooling.<\/li>\n
                                                                                                                    • Ambiguous ownership:<\/strong> Unclear lines between product teams, SRE, and infrastructure leading to gaps.<\/li>\n
                                                                                                                    • Scale inflection points:<\/strong> Rapid growth causing capacity, cost, and operational maturity gaps.<\/li>\n
                                                                                                                    • Cultural resistance:<\/strong> Teams avoiding standardization due to perceived loss of autonomy.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                      Bottlenecks<\/h3>\n\n\n\n
                                                                                                                        \n
                                                                                                                      • Manual access provisioning and poor IAM hygiene leading to slow delivery and audit risk.<\/li>\n
                                                                                                                      • Noisy alerting and immature observability causing slow detection and high on-call load.<\/li>\n
                                                                                                                      • Lack of standardized IaC modules causing drift and inconsistent environments.<\/li>\n
                                                                                                                      • Unowned dependencies (shared clusters, shared accounts, unmanaged vendor services).<\/li>\n<\/ul>\n\n\n\n

                                                                                                                        Anti-patterns<\/h3>\n\n\n\n
                                                                                                                          \n
                                                                                                                        • Hero culture:<\/strong> Reliance on a few experts to keep production alive.<\/li>\n
                                                                                                                        • Big-bang migrations:<\/strong> High-risk replatforming without incremental milestones or rollback.<\/li>\n
                                                                                                                        • Tool sprawl:<\/strong> Too many overlapping observability\/CI\/security tools increasing cost and complexity.<\/li>\n
                                                                                                                        • Ticket-driven platform:<\/strong> Platform team becomes a bottleneck instead of enabling self-service.<\/li>\n
                                                                                                                        • Over-governance:<\/strong> Heavy change processes that slow delivery without improving safety.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                          Common reasons for underperformance<\/h3>\n\n\n\n
                                                                                                                            \n
                                                                                                                          • Treating infrastructure as a back-office function rather than a product enabler.<\/li>\n
                                                                                                                          • Inability to articulate ROI or risk trade-offs to executives, leading to underinvestment.<\/li>\n
                                                                                                                          • Weak incident leadership and lack of follow-through on corrective actions.<\/li>\n
                                                                                                                          • Poor stakeholder management resulting in low adoption of standards.<\/li>\n
                                                                                                                          • Neglecting team health (burnout, attrition) and failing to build leadership depth.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                            Business risks if this role is ineffective<\/h3>\n\n\n\n
                                                                                                                              \n
                                                                                                                            • Increased outages, SLA breaches, customer churn, and reputational damage.<\/li>\n
                                                                                                                            • Material security incidents due to poor IAM, secrets handling, and weak detection.<\/li>\n
                                                                                                                            • Cloud spend grows faster than revenue, compressing margins or shortening runway.<\/li>\n
                                                                                                                            • Inability to pass customer security reviews or audits, slowing enterprise sales.<\/li>\n
                                                                                                                            • Slow product delivery due to unreliable CI\/platform friction and operational chaos.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                              \n\n\n\n

                                                                                                                              17) Role Variants<\/h2>\n\n\n\n

                                                                                                                              By company size<\/h3>\n\n\n\n
                                                                                                                                \n
                                                                                                                              • Startup (Series A\u2013B):<\/strong> <\/li>\n
                                                                                                                              • Scope often includes hands-on architecture and direct contribution; team may be small (2\u20138). <\/li>\n
                                                                                                                              • Focus: stabilize production, establish IaC, baseline monitoring, pragmatic security controls, cost visibility.<\/li>\n
                                                                                                                              • Mid-size (Series C\u2013D \/ scaling SaaS):<\/strong> <\/li>\n
                                                                                                                              • Leads multiple teams; formalizes SRE, DR, and platform self-service. <\/li>\n
                                                                                                                              • Focus: scale reliability practices, multi-region planning, reduce toil, build developer platform.<\/li>\n
                                                                                                                              • Enterprise:<\/strong> <\/li>\n
                                                                                                                              • Manages managers and interfaces with enterprise architecture, GRC, procurement, and formal ITSM. <\/li>\n
                                                                                                                              • Focus: compliance automation, vendor governance, standardized enterprise platforms, complex stakeholder landscape.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                By industry<\/h3>\n\n\n\n
                                                                                                                                  \n
                                                                                                                                • B2B SaaS (general):<\/strong> Strong emphasis on uptime, customer trust, and enterprise security reviews. <\/li>\n
                                                                                                                                • Fintech\/Payments:<\/strong> Higher bar for resiliency, auditability, and security controls; tighter change governance. <\/li>\n
                                                                                                                                • Healthcare:<\/strong> Strong compliance and privacy controls; DR and access governance are critical. <\/li>\n
                                                                                                                                • Consumer internet:<\/strong> Performance, scale, and cost efficiency at high traffic volumes; edge optimization and incident rigor.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                  By geography<\/h3>\n\n\n\n
                                                                                                                                    \n
                                                                                                                                  • Single-region customer base:<\/strong> DR may be simpler; focus on stability and cost. <\/li>\n
                                                                                                                                  • Global footprint:<\/strong> Multi-region strategy, latency management, data residency, and follow-the-sun incident response become more important. <\/li>\n
                                                                                                                                  • Region-specific regulations:<\/strong> Data residency and encryption standards may drive architecture and vendor selection.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                    Product-led vs service-led company<\/h3>\n\n\n\n
                                                                                                                                      \n
                                                                                                                                    • Product-led:<\/strong> Infrastructure optimized for rapid iteration, self-service, and standardized runtime paths. <\/li>\n
                                                                                                                                    • Service-led \/ IT services:<\/strong> May emphasize client-specific environments, stricter project management, and SLAs; more variation management and isolation patterns.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                      Startup vs enterprise operating model<\/h3>\n\n\n\n
                                                                                                                                        \n
                                                                                                                                      • Startup:<\/strong> Faster decisions, fewer controls, more direct ownership. <\/li>\n
                                                                                                                                      • Enterprise:<\/strong> More governance and compliance, greater vendor and process complexity, larger-scale cost optimization.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                        Regulated vs non-regulated environment<\/h3>\n\n\n\n
                                                                                                                                          \n
                                                                                                                                        • Regulated:<\/strong> Formal control mapping, evidence retention, access reviews, change records, DR testing cadence. <\/li>\n
                                                                                                                                        • Non-regulated:<\/strong> More flexibility, but enterprise customers may still demand SOC2-like practices.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                          \n\n\n\n

                                                                                                                                          18) AI \/ Automation Impact on the Role<\/h2>\n\n\n\n

                                                                                                                                          Tasks that can be automated (increasingly)<\/h3>\n\n\n\n
                                                                                                                                            \n
                                                                                                                                          • Alert correlation and noise reduction:<\/strong> AIOps can cluster events, suppress duplicates, and suggest likely root causes.<\/li>\n
                                                                                                                                          • Incident summarization:<\/strong> Automated timelines, impact analysis drafts, and customer-facing status updates (with human review).<\/li>\n
                                                                                                                                          • Infrastructure drift detection and remediation:<\/strong> Continuous validation of IaC vs runtime with automated rollback\/repair patterns.<\/li>\n
                                                                                                                                          • Cost anomaly detection and optimization recommendations:<\/strong> Automated detection of spend spikes, idle resources, and commitment planning suggestions.<\/li>\n
                                                                                                                                          • Automated compliance checks:<\/strong> Policy-as-code enforcement and continuous control monitoring for encryption, logging, IAM constraints.<\/li>\n
                                                                                                                                          • Runbook automation:<\/strong> Self-healing actions triggered by known failure patterns (restart loops, failovers, scaling actions).<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                            Tasks that remain human-critical<\/h3>\n\n\n\n
                                                                                                                                              \n
                                                                                                                                            • Strategy and trade-off decisions:<\/strong> Reliability vs cost vs delivery speed; selecting architectural direction and sequencing investments.<\/li>\n
                                                                                                                                            • Risk acceptance and governance:<\/strong> Determining when exceptions are justified and communicating impacts.<\/li>\n
                                                                                                                                            • Cross-functional influence and culture:<\/strong> Driving adoption, changing behaviors, and managing stakeholder expectations.<\/li>\n
                                                                                                                                            • High-stakes incident leadership:<\/strong> Humans remain accountable for decision-making under uncertainty and ensuring safe actions.<\/li>\n
                                                                                                                                            • Vendor and contract negotiation:<\/strong> Context, leverage, and relationship management remain critical.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                              How AI changes the role over the next 2\u20135 years<\/h3>\n\n\n\n
                                                                                                                                                \n
                                                                                                                                              • The Head of Infrastructure will be expected to adopt automation-first operations<\/strong>, reducing manual toil and raising the baseline for reliability.<\/li>\n
                                                                                                                                              • Increased emphasis on internal platform product management<\/strong>, as AI accelerates development and increases demand for fast, safe environments.<\/li>\n
                                                                                                                                              • More sophisticated capacity and performance forecasting<\/strong> using predictive analytics tied to product usage signals.<\/li>\n
                                                                                                                                              • Expanded responsibility for governance of AI-enabled operational actions<\/strong>, including guardrails and approval flows for automated changes.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                New expectations caused by AI, automation, or platform shifts<\/h3>\n\n\n\n
                                                                                                                                                  \n
                                                                                                                                                • Establish policies for AI tooling in operations: data handling, audit logs, approval thresholds, and safe automation patterns.<\/li>\n
                                                                                                                                                • Build \u201cpaved roads\u201d that include AI-enabled workflows without creating uncontrolled change vectors.<\/li>\n
                                                                                                                                                • Demonstrate measurable reductions in toil and improved incident outcomes attributable to automation investments.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                  \n\n\n\n

                                                                                                                                                  19) Hiring Evaluation Criteria<\/h2>\n\n\n\n

                                                                                                                                                  What to assess in interviews<\/h3>\n\n\n\n
                                                                                                                                                    \n
                                                                                                                                                  1. Infrastructure strategy and architecture judgment<\/strong>\n – Can the candidate define a target state that matches business needs?\n – Do they understand trade-offs: managed services vs self-managed, multi-region complexity, vendor lock-in, reliability vs cost?<\/li>\n
                                                                                                                                                  2. Reliability leadership<\/strong>\n – Depth in incident management, postmortems, SLOs, and operational maturity.\n – Evidence of reducing MTTR and recurring incidents through systemic fixes.<\/li>\n
                                                                                                                                                  3. Cloud and security competence<\/strong>\n – IAM and least privilege, secrets handling, encryption, logging, network segmentation.\n – Ability to partner with Security and meet compliance expectations pragmatically.<\/li>\n
                                                                                                                                                  4. Operating model and platform mindset<\/strong>\n – Experience building platform teams and self-service capabilities.\n – Clear thinking on ownership boundaries and reducing ticket-driven bottlenecks.<\/li>\n
                                                                                                                                                  5. FinOps and cost governance<\/strong>\n – Ability to build cost visibility, allocation, and optimization processes tied to unit economics.<\/li>\n
                                                                                                                                                  6. Leadership and org building<\/strong>\n – Managing managers, team health, hiring, coaching, and building a sustainable on-call model.<\/li>\n
                                                                                                                                                  7. Stakeholder influence<\/strong>\n – Proven ability to drive adoption across engineering orgs and align executives on investments.<\/li>\n<\/ol>\n\n\n\n

                                                                                                                                                    Practical exercises or case studies (recommended)<\/h3>\n\n\n\n
                                                                                                                                                      \n
                                                                                                                                                    1. Infrastructure maturity assessment case<\/strong>\n – Provide a short \u201ccompany brief\u201d (traffic growth, incident history, cloud spend trend, compliance needs).\n – Candidate produces a 90-day plan: top risks, quick wins, roadmap themes, KPIs, and operating model changes.<\/li>\n
                                                                                                                                                    2. Incident leadership simulation<\/strong>\n – Walk through a SEV-1 scenario: partial outage, unclear root cause, multiple teams involved.\n – Evaluate command structure, comms discipline, decision-making, and follow-up actions.<\/li>\n
                                                                                                                                                    3. Cost and reliability trade-off exercise<\/strong>\n – Present a cost spike and reliability risk; candidate proposes optimizations without degrading SLOs (or explains trade-offs).<\/li>\n
                                                                                                                                                    4. Architecture review<\/strong>\n – Candidate reviews a reference diagram (K8s + managed DB + CDN) and identifies failure points, security gaps, and DR improvements.<\/li>\n<\/ol>\n\n\n\n

                                                                                                                                                      Strong candidate signals<\/h3>\n\n\n\n
                                                                                                                                                        \n
                                                                                                                                                      • Clear examples of reliability improvements with measurable outcomes (MTTR reduction, fewer SEV-1s, improved SLO attainment).<\/li>\n
                                                                                                                                                      • Evidence of building self-service infrastructure capabilities and increasing platform adoption.<\/li>\n
                                                                                                                                                      • Mature, pragmatic security posture and strong partnership with Security\/GRC.<\/li>\n
                                                                                                                                                      • Demonstrated cost optimization tied to allocation and unit metrics (not just one-off savings).<\/li>\n
                                                                                                                                                      • Calm, structured incident leadership with strong communication patterns.<\/li>\n
                                                                                                                                                      • Strong org-building skills: hiring, leveling, developing managers, on-call sustainability.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                        Weak candidate signals<\/h3>\n\n\n\n
                                                                                                                                                          \n
                                                                                                                                                        • Over-indexing on tools rather than outcomes; lacks a measurement framework.<\/li>\n
                                                                                                                                                        • Limited incident leadership experience; cannot articulate postmortem-driven improvement loops.<\/li>\n
                                                                                                                                                        • Treats security\/compliance as external constraints rather than integrated design requirements.<\/li>\n
                                                                                                                                                        • Cannot discuss cloud cost drivers or budgeting with confidence.<\/li>\n
                                                                                                                                                        • Excessive reliance on heroics or \u201cbest people fix it\u201d culture.<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                          Red flags<\/h3>\n\n\n\n
                                                                                                                                                            \n
                                                                                                                                                          • Blame-oriented incident culture; unwillingness to run blameless postmortems.<\/li>\n
                                                                                                                                                          • Dismissive attitude toward documentation, runbooks, or operational discipline.<\/li>\n
                                                                                                                                                          • Makes large architectural bets without migration strategy, milestones, and rollback plans.<\/li>\n
                                                                                                                                                          • Poor ethics around access controls or audit expectations (\u201cwe can just bypass it\u201d).<\/li>\n
                                                                                                                                                          • Chronic underinvestment in team health (unsustainable on-call as the norm).<\/li>\n<\/ul>\n\n\n\n

                                                                                                                                                            Scorecard dimensions (recommended)<\/h3>\n\n\n\n

                                                                                                                                                            Use a consistent 1\u20135 scale (1 = insufficient, 3 = meets, 5 = exceptional).<\/p>\n\n\n\n

                                                                                                                                                            \n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                            Dimension<\/th>\nWhat \u201cmeets\u201d looks like<\/th>\nWhat \u201cexceptional\u201d looks like<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                            Infrastructure strategy<\/td>\nCoherent roadmap aligned to growth<\/td>\nClear target state + sequencing + ROI\/risk narrative<\/td>\n<\/tr>\n
                                                                                                                                                            Reliability\/SRE<\/td>\nUnderstands SLOs and incident practice<\/td>\nProven track record transforming reliability outcomes<\/td>\n<\/tr>\n
                                                                                                                                                            Cloud architecture<\/td>\nSolid cloud fundamentals<\/td>\nDeep judgment on managed services, multi-region, scaling<\/td>\n<\/tr>\n
                                                                                                                                                            Security & compliance<\/td>\nPartners well; applies baseline controls<\/td>\nBuilds secure-by-default platforms and automates controls<\/td>\n<\/tr>\n
                                                                                                                                                            FinOps<\/td>\nCan allocate and optimize costs<\/td>\nTies cost to unit economics; drives sustained efficiency<\/td>\n<\/tr>\n
                                                                                                                                                            Platform engineering<\/td>\nEnables teams with standards<\/td>\nPlatform-as-product mindset; high adoption outcomes<\/td>\n<\/tr>\n
                                                                                                                                                            Leadership & org building<\/td>\nManages teams effectively<\/td>\nBuilds leaders, succession, sustainable on-call culture<\/td>\n<\/tr>\n
                                                                                                                                                            Communication<\/td>\nClear and structured updates<\/td>\nExecutive-ready narratives; strong influence across org<\/td>\n<\/tr>\n
                                                                                                                                                            Execution<\/td>\nDelivers planned outcomes<\/td>\nPredictable delivery, strong operational follow-through<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                            \n\n\n\n

                                                                                                                                                            20) Final Role Scorecard Summary<\/h2>\n\n\n\n
                                                                                                                                                            \n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                            Item<\/th>\nExecutive summary<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                            Role title<\/td>\nHead of Infrastructure<\/td>\n<\/tr>\n
                                                                                                                                                            Role purpose<\/td>\nLead infrastructure strategy, engineering, and operations to ensure secure, scalable, reliable, and cost-effective platforms that enable product delivery and protect customer experience.<\/td>\n<\/tr>\n
                                                                                                                                                            Top 10 responsibilities<\/td>\n1) Infrastructure strategy\/roadmap 2) Reference architectures\/standards 3) Reliability\/SLO program 4) Incident management maturity 5) IaC and automation 6) Observability platform ownership 7) DR and business continuity 8) Cloud cost governance\/FinOps 9) Security controls implementation with Security 10) Org leadership, hiring, and on-call sustainability<\/td>\n<\/tr>\n
                                                                                                                                                            Top 10 technical skills<\/td>\n1) Cloud architecture 2) SRE\/reliability engineering 3) IaC (Terraform etc.) 4) Observability design 5) Cloud networking 6) IAM\/secrets\/encryption fundamentals 7) Incident management systems 8) Kubernetes\/container platforms (common) 9) FinOps\/cloud economics 10) Multi-region resilience patterns<\/td>\n<\/tr>\n
                                                                                                                                                            Top 10 soft skills<\/td>\n1) Executive communication 2) Prioritization 3) Systems thinking 4) Calm incident leadership 5) Influence without authority 6) Talent development 7) Operational discipline 8) Platform product mindset 9) Financial acumen 10) Integrity and risk stewardship<\/td>\n<\/tr>\n
                                                                                                                                                            Top tools\/platforms<\/td>\nCloud (AWS\/Azure\/GCP), Kubernetes, Terraform, Datadog\/Prometheus\/Grafana, PagerDuty, GitHub\/GitLab, Jira, Confluence\/Notion, Vault\/KMS\/Key Vault, Cloudflare\/CDN\/WAF, ServiceNow\/Jira Service Management (context-specific)<\/td>\n<\/tr>\n
                                                                                                                                                            Top KPIs<\/td>\nTier-0 availability, MTTR\/MTTD, SLO attainment & error budget burn, change failure rate, incident recurrence rate, on-call load & actionable alert %, DR test pass rate & RTO\/RPO attainment, cloud cost variance to forecast, unit cost trend, platform adoption & developer satisfaction<\/td>\n<\/tr>\n
                                                                                                                                                            Main deliverables<\/td>\nInfrastructure strategy and roadmap; reference architectures; SLO framework; incident playbooks and postmortem program; DR plans and test evidence; IaC modules and golden paths; observability dashboards; cost allocation and unit economics reporting; security control implementation artifacts; vendor evaluation\/renewal packets; operating model and RACI documentation<\/td>\n<\/tr>\n
                                                                                                                                                            Main goals<\/td>\nStabilize production reliability; reduce incident recurrence and MTTR; mature DR; build self-service platform capabilities; implement strong cost governance; strengthen security posture and audit readiness; build a healthy infrastructure org with sustainable operations<\/td>\n<\/tr>\n
                                                                                                                                                            Career progression options<\/td>\nVP Platform\/Infrastructure; VP Engineering; CTO (context-dependent); Head of SRE\/Technology Operations; Head of Cloud Security\/Infrastructure Security (adjacent path)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"

                                                                                                                                                            The Head of Infrastructure is the senior leader accountable for the reliability, scalability, security, and cost-effectiveness of the company\u2019s production and corporate infrastructure platforms. This role establishes the infrastructure strategy and operating model, leads infrastructure engineering and operations teams, and ensures the infrastructure enables product delivery at the required performance and availability levels.<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[24486,24483],"tags":[],"class_list":["post-74774","post","type-post","status-publish","format-standard","hentry","category-engineering-leadership","category-leadership"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/74774","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=74774"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/74774\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=74774"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=74774"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=74774"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}