Job offer
Security Engineer PAM & Vault 100% (f/m/d)
The Julius Baer Group is seeking a Security Engineer for Privileged Access Management (PAM) and Vault to protect the company's digital landscape by implementing and managing security solutions. The ideal candidate will have experience with PAM and Vault solutions, such as Delinea Secret Server or Hashicorp Vault, and a solid understanding of security principles and technologies.
Tasks
- Analyzing evolving business and security requirements, assessing their technical feasibility, risk implications, and impact on existing systems, enterprise architecture standards, and regulatory obligations
- Proactive involvement in the development of secure, scalable architectures, operating concepts, and standardized engineering processes in line with corporate IT strategies
- Maintain comprehensive, up-to-date technical documentation, including system designs, runbooks, configurations, and incident post-mortems to ensure transparency and operational continuity.
- Leading troubleshooting and root cause analysis for complex technical problems to ensure timely resolution and minimize service interruption
- Provide 2nd and 3rd level engineering support, including participation in an on-call rotation, coordination with cross-functional teams to efficiently resolve critical incidents
- Drive continuous service improvement by enhancing system reliability, security, performance, usability, and automation, with a clear focus on increasing operational efficiency and reducing manual effort.
Requirements
- Practical experience with privileged access and secret management solutions, preferably Delinea (formerly Thycotic) Secret Server or HashiCorp Vault, including implementation, administration, and integration with enterprise systems
- At least 2-3 years of experience in 2nd and 3rd level engineering or operations roles supporting enterprise IT security services, ideally in complex, highly regulated environments (e.g., financial services)
- Security fundamentals: Solid knowledge of core cybersecurity principles—including authentication, authorization, encryption, zero-trust models, and least-privilege access controls
- Practical understanding of key IT security areas; experience with one or more of the following is advantageous:
- Secure web gateway technologies (e.g., Zscaler)
- Application delivery controller (e.g., Citrix ADC/NetScaler)
- Public Key Infrastructure (PKI)
- Multi-factor authentication frameworks (MFA)
- Technical expertise:
- Exposure to Kubernetes and containerized environments, particularly in relation to secret injection and secure workload identity
- Education and certificates:
- Relevant academic background (e.g., bachelor's or master's degree in computer science, information security, or a related field) – or equivalent practical experience
- Industry certifications such as CISSP, CISM, or CEH are considered a strong asset.
- HashiCorp Certified Vault Associate (or higher) is desirable but not mandatory.
- Delinea Certified Technician (DCT) certification is desirable but not mandatory.
We offer
No information available.Job details
Training opportunities powered by skillaware.