Director, Secrets Management – Non-Interactive Access
Durham, North Carolina, United States of America
Full Time
2 hours ago
No Visa Sponsorship
Key skills
AWSAzureCloudKubernetesTerraformVaultServerlessIAMJWTCI/CDLeadershipCommunication
About this role
Role Overview
- Lead and develop engineering and product teams delivering enterprise secrets management.
- Own the enterprise platform, roadmap, delivery, resiliency.
- Establish clear operating rhythms (standups, planning, retrospectives) and an inclusive, learning culture.
- Enable auto‑vaulting pipelines; build scalable onboarding and discovery patterns.
- Ensure platform hardening, compliance, audit evidence, DR/IR readiness, and continuous risk reduction.
- Design secure multi‑tenant patterns (AppRole, Kubernetes auth, OIDC/JWT, AWS IAM, Azure MSI) with least privilege and short‑lived credentials.
- Enable dynamic/ephemeral secrets (Database, PKI, SSH, Cloud) and cryptographic services (Transit, Transform) with policy-as-code (Sentinel).
- Harden the platform (CIS benchmarks where applicable), implement automated configuration and upgrades using Infrastructure as Code (Terraform).
- Implement auto‑vaulting pipelines and secret discovery to onboard applications at scale with paved paths and reference implementations.
- Federate/cascade secrets from Vault to other vaults and cloud stores (Azure Key Vault, AWS Secrets Manager, and others) with lifecycle governance.
- Provide self‑service APIs/CLIs/agents (Vault Agent/Injector) and SDKs; integrate with CI/CD, containers, and serverless platforms.
- Partner with application, cloud, and data platform teams to remove hard-coded secrets and migrate legacy secret stores.
Requirements
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (Master’s preferred).
- 3+ years direct people leadership experience, including hiring, coaching, performance management, and career development.
- Hands‑on engineering experience implementing and operating HashiCorp Vault Enterprise in production.
- Expertise with Vault core components
- Experience with Terraform/IaC, policy‑as‑code, and operational automation.
- Experience integrating secrets with Azure Key Vault, AWS Secrets Manager, or similar.
- Strong communication, stakeholder influence, and product delivery skills.
Tech Stack
- AWS
- Azure
- Cloud
- Kubernetes
- Terraform
- Vault
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities