Security Specialist Secrets Management (Vault)

Job description

The position of Security Specialist Secrets Management (Vault) is 100% filled. The duties include:

• Design and implementation of HashiCorp Vault infrastructures: planning, deployment, and management of HashiCorp Vault commitments
• Contribution to the development of secure, scalable architectures, operational concepts, and standardized engineering processes in accordance with the company's IT strategies
• Maintain comprehensive, up-to-date technical documentation, including system designs, runbooks, configurations, and incident post-mortems, to ensure transparency and operational continuity.
• Leading troubleshooting and root cause analysis for complex technical problems to ensure timely resolution and minimize service downtime
• Providing 2nd and 3rd level engineering support, including participation in an on-call rotation to efficiently resolve critical incidents
• Improving service quality by increasing system reliability, security, performance, observability, and automation, with a clear focus on increasing operational efficiency and reducing manual effort
• Availability for on-call services

Requirements

The requirements for this position are:

• Practical experience with secrets management solutions, preferably HashiCorp Vault, including implementation, administration, and integration into enterprise systems; knowledge of Definea (formerly Thycotic) Secret Server is an advantage
• Practical understanding of key IT security areas, including secure web gateway technologies (e.g., Zscaler), application delivery controllers (e.g., Citrix ADC/NetScaler), public key infrastructure (PKI), and multi-factor authentication frameworks
• At least 2-3 years of experience in 2nd and 3rd level engineering or operations roles supporting enterprise IT security services, ideally in highly regulated environments such as financial services
• Strong system administration skills on Linux and Windows platforms
• Proven experience with automation and infrastructure-as-code using Ansible, Terraform, Git, and scripting languages such as Python, Bash, PowerShell, and REST API integrations
• Knowledge of cloud platforms (AWS, Azure, or GCP), with a focus on secure identity and access management
• Exposure to Kubernetes and container environments, particularly with regard to secrets injection and secure workload identity
• Solid understanding of fundamental cybersecurity principles, including authentication, authorization, encryption, zero-trust, and least-privilege access controls
• Ability to make independent decisions, resolve incidents, and manage change requests with minimal supervision
• Strong analytical and conceptual thinking skills, with attention to detail and awareness of long-term architectural implications
• Comfortable for effective work in a globally distributed team environment

We offer

Unfortunately, no information about the offer is available.