{"id":2368,"date":"2025-06-18T05:07:29","date_gmt":"2025-06-18T05:07:29","guid":{"rendered":"https:\/\/estreetsecurity.com\/services\/?post_type=jobpost&#038;p=2368"},"modified":"2025-06-18T05:07:48","modified_gmt":"2025-06-18T05:07:48","slug":"lead-identity-engineer-secrets-management","status":"publish","type":"jobpost","link":"https:\/\/estreetsecurity.com\/services\/jobs\/lead-identity-engineer-secrets-management\/","title":{"rendered":"Lead Identity Engineer &#8211; Secrets Management"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Lead Identity Engineer &#8211; Secrets Management<\/h2>\n\n\n\n<p><strong>Posted:<\/strong> June 18, 2025 <strong>Job Type:<\/strong> Permanent <strong>Industry:<\/strong> Cybersecurity<\/p>\n\n\n\n<p><strong>eStreetSecurity<\/strong> is partnering with a leading financial services firm in their search for a highly skilled and experienced <strong>Lead Identity Engineer<\/strong> with profound expertise in <strong>HashiCorp Vault<\/strong> and comprehensive <strong>Identity &amp; Access Management (IAM)<\/strong> principles. This is a critical and strategic hire as the firm continues to build out their next-generation <strong>Secrets Management<\/strong> infrastructure. The successful candidate will serve as the Lead Engineer for a dedicated team of 5-10 professionals. The ideal candidate will bring a robust background supporting the design and implementation of highly resilient and secure secrets management solutions across diverse environments including cloud, on-premises, and hybrid setups, all within a stringent <strong>Zero Trust Architecture<\/strong> framework.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Location &amp; Compensation:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Location:<\/strong> Jersey City, NJ \/ Dallas, TX \/ Tampa, FL (This is a <strong>hybrid role<\/strong> requiring 3 days per week onsite at one of the specified locations.)<\/li>\n\n\n\n<li><strong>Compensation:<\/strong> Commensurate with experience and chosen location. Please note that the compensation range listed above (USD $130,000 &#8211; $160,000) is specifically applicable only to candidates for the role based in the <strong>Jersey City, NJ<\/strong> office.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">What You&#8217;ll Be Doing:<\/h3>\n\n\n\n<p>As the Lead Identity Engineer focusing on Secrets Management, you will be a pivotal technical leader, driving key initiatives to enhance the firm&#8217;s security posture. Your core responsibilities will include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Secrets Management SME Leadership:<\/strong> Acting as the definitive <strong>Subject Matter Expert (SME)<\/strong> for all aspects of secrets management and <strong>HashiCorp Vault<\/strong>. This involves leading architectural discussions, design efforts, and implementation initiatives across the enterprise.<\/li>\n\n\n\n<li><strong>Secure System Design &amp; Maintenance:<\/strong> Designing, implementing, and maintaining secure and scalable secrets management systems. These solutions will be seamlessly integrated with existing enterprise IAM frameworks and CI\/CD pipelines to ensure end-to-end security.<\/li>\n\n\n\n<li><strong>Zero Trust Enforcement:<\/strong> Actively enforcing <strong>Zero Trust principles<\/strong> across the entire infrastructure and application layers, ensuring that all access is verified, least privilege is applied, and security is pervasive.<\/li>\n\n\n\n<li><strong>Automation with IaC:<\/strong> Automating infrastructure provisioning and <strong>Vault configurations<\/strong> extensively using <strong>Terraform<\/strong> and various scripting tools, promoting efficiency, consistency, and repeatability.<\/li>\n\n\n\n<li><strong>Cross-Functional Collaboration:<\/strong> Collaborating closely with diverse cross-functional teams, including <strong>DevOps, Security Operations, and Application Engineering<\/strong>, to embed secrets management best practices directly into their workflows and development lifecycles.<\/li>\n\n\n\n<li><strong>Monitoring &amp; Troubleshooting:<\/strong> Proactively monitoring and efficiently troubleshooting secrets infrastructure using a suite of powerful observability tools such as <strong>Splunk, Grafana, and Elasticsearch<\/strong>, ensuring high availability and rapid issue resolution.<\/li>\n\n\n\n<li><strong>Script Development &amp; Maintenance:<\/strong> Developing and maintaining robust shell scripts for automation tasks and enhancing operational efficiency specifically on <strong>Linux\/Unix<\/strong> systems.<\/li>\n\n\n\n<li><strong>Agile\/Kanban Participation:<\/strong> Actively participating in <strong>Agile\/Kanban workflows<\/strong>, contributing meaningfully to sprint planning, daily stand-ups, retrospectives, and fostering a culture of continuous improvement within the team.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">What&#8217;s Needed:<\/h3>\n\n\n\n<p>We&#8217;re seeking a highly skilled and experienced professional with:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>HashiCorp Vault Expertise:<\/strong> Demonstrated extensive hands-on experience as a <strong>HashiCorp Vault SME<\/strong> specifically within large-scale enterprise environments.<\/li>\n\n\n\n<li><strong>IAM &amp; Zero Trust Background:<\/strong> A strong background in <strong>Identity and Access Management (IAM)<\/strong>, comprehensive secrets lifecycle management, and practical experience with <strong>Zero Trust Architecture<\/strong> implementation.<\/li>\n\n\n\n<li><strong>Linux\/Unix &amp; Scripting Proficiency:<\/strong> Proven proficiency in <strong>Linux\/Unix administration<\/strong> and strong command of <strong>shell scripting<\/strong> for automation and system management.<\/li>\n\n\n\n<li><strong>Terraform &amp; IaC:<\/strong> Solid experience with <strong>Terraform<\/strong> and a deep understanding of infrastructure as code (IaC) practices.<\/li>\n\n\n\n<li><strong>Cloud &amp; On-Prem Familiarity:<\/strong> Familiarity with major cloud platforms (<strong>AWS, GCP, Azure<\/strong>) and extensive experience supporting systems in traditional on-premises environments.<\/li>\n\n\n\n<li><strong>Networking Fundamentals:<\/strong> Working knowledge of essential networking fundamentals, including secure communication protocols (e.g., TLS, SSH).<\/li>\n\n\n\n<li><strong>Monitoring &amp; Logging Tools:<\/strong> Practical experience with key monitoring and logging tools such as <strong>Splunk, Grafana, and Elasticsearch<\/strong>.<\/li>\n\n\n\n<li><strong>Agile\/Kanban Experience:<\/strong> Comfort and experience working effectively within <strong>Agile\/Kanban<\/strong> development methodologies.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Preferred Qualifications:<\/h3>\n\n\n\n<p>While not strictly required, candidates possessing the following will be highly regarded:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>HashiCorp Vault Certification(s):<\/strong> Holding <strong>HashiCorp Vault certification(s)<\/strong> or demonstrating equivalent practical experience.<\/li>\n\n\n\n<li><strong>Kubernetes Integration:<\/strong> Experience integrating <strong>Vault with Kubernetes<\/strong> and other cloud-native services.<\/li>\n\n\n\n<li><strong>DevSecOps Exposure:<\/strong> Exposure to secure software development practices and strong familiarity with <strong>DevSecOps<\/strong> principles and tools.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>This is a unique and impactful opportunity to join a high-performing team at the forefront of financial cybersecurity. Your specialized expertise in secrets management and IAM will directly influence the security posture of a global enterprise, protecting critical assets and data. Interested applicants should submit a concise resume with full name and contact information to be considered.<\/p>\n\n\n\n<p><strong>Candidates must be fully authorized to work in the United States and be located within commuting distance of Jersey City, NJ, Dallas, TX, or Tampa, FL.<\/strong> Unfortunately, visa sponsorship is not available at this time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Lead Identity Engineer &#8211; Secrets Management Posted: June 18, 2025 Job Type: Permanent Industry: Cybersecurity eStreetSecurity is partnering with a leading financial services firm in their search for a highly skilled and experienced Lead Identity Engineer with profound expertise in HashiCorp Vault and comprehensive Identity &amp; Access Management (IAM) principles. This is a critical and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[426,231],"jobpost_job_type":[348],"jobpost_location":[634,606,607],"jobpost_tag":[254,640,272,250,251,253,649,288,650,247,248,643,582,252,641,241,548,331,332,330,632,645,648,635,487,644,642,647,646,636,292,639,505,633,246,638,637],"class_list":["post-2368","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_category-security","jobpost_job_type-hybrid","jobpost_location-dallas-tx","jobpost_location-jersey-city-nj","jobpost_location-tampa-fl","jobpost_tag-agile","jobpost_tag-application-engineering","jobpost_tag-automation","jobpost_tag-aws","jobpost_tag-azure","jobpost_tag-cloud-platforms","jobpost_tag-cloud-native","jobpost_tag-cybersecurity","jobpost_tag-dallas-tx","jobpost_tag-devops","jobpost_tag-devsecops","jobpost_tag-elasticsearch","jobpost_tag-financial-services","jobpost_tag-gcp","jobpost_tag-grafana","jobpost_tag-hashicorp-vault","jobpost_tag-hybrid-cloud","jobpost_tag-iam","jobpost_tag-identity-and-access-management","jobpost_tag-infrastructure-as-code","jobpost_tag-jersey-city-nj","jobpost_tag-kanban","jobpost_tag-kubernetes","jobpost_tag-lead-identity-engineer","jobpost_tag-linux","jobpost_tag-logging","jobpost_tag-monitoring","jobpost_tag-networking-protocols","jobpost_tag-on-premises","jobpost_tag-secrets-management","jobpost_tag-security-operations","jobpost_tag-shell-scripting","jobpost_tag-splunk","jobpost_tag-tampa-fl","jobpost_tag-terraform","jobpost_tag-unix","jobpost_tag-zero-trust-architecture"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost\/2368","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/media?parent=2368"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost_category?post=2368"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost_job_type?post=2368"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost_location?post=2368"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/estreetsecurity.com\/services\/wp-json\/wp\/v2\/jobpost_tag?post=2368"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}