Security Specialist Secrets Management (Vault) 100% (f/m/d)

Your challenge

• Design and implementation of HashiCorp Vault infrastructure: planning, deployment, and management of HashiCorp Vault commitments
• Contribution to the development of secure, scalable architectures, operational concepts, and standardized engineering processes in line with corporate IT strategies
• Maintain comprehensive, up-to-date technical documentation, including system designs, runbooks, configurations, and incident post-mortems, to ensure transparency and operational continuity.
• Leading troubleshooting and root cause analysis for complex technical problems to ensure timely resolution and minimize service downtime
• Providing 2nd and 3rd level engineering support, including participation in an on-call rotation, coordination with cross-functional teams to efficiently resolve critical incidents
• Drive continuous service improvement by enhancing system reliability, security posture, performance, observability, and automation, with a clear focus on increasing operational efficiency and reducing manual effort.
• Availability for on-call duty

Your profile

• Practical experience with secrets management solutions, preferably HashiCorp Vault, including implementation, administration, and integration into enterprise systems; familiarity with Definea (formerly Thycotic) Secret Server is advantageous
• Practical understanding of key IT security domains, including secure web gateway technologies (e.g., Zscaler), application delivery controllers (e.g., Citrix ADC/NetScaler), public key infrastructure (PKI), and multi-factor authentication (MFA) frameworks
• At least 2-3 years of experience in 2nd and 3rd level engineering or operations roles supporting enterprise IT security services, ideally in highly regulated environments such as financial services
• Strong system administration skills on Linux and Windows platforms
• Experience with automation and infrastructure-as-code using Ansible, Terraform, Git, and scripting languages such as Python, Bash, PowerShell, and REST API integrations
• Working knowledge of cloud platforms (AWS, Azure, or GCP), with a focus on secure identity and access management
• Exposure to Kubernetes and containerized environments, particularly with regard to secrets injection and secure workload identity
• Solid understanding of core cybersecurity principles, including authentication, authorization, encryption, zero-trust, and least-privilege access controls
• Ability to make independent decisions, resolve incidents, and manage change requests with minimal supervision
• Strong analytical and conceptual thinking skills, with attention to detail and awareness of long-term architectural implications
• Working effectively in a globally distributed team environment

We offer