Dahl ConsultingRemote
Security Engineer – Kubernetes, SPIFFE / SPIRE
United States
Full-time
2 hours ago
$75 - $97 USD
H1B Sponsor Likely
Key skills
KubernetesEnvoyJWTIdentity ManagementIstioLinkerd
About this role
Dahl Consulting is a leading organization in the retail and e-commerce industry, seeking a Security Engineer to implement secure identity frameworks and workload authentication across distributed systems. The role involves designing, deploying, and maintaining SPIFFE/SPIRE-based identity solutions to enhance security in a dynamic, large-scale environment.
Responsibilities:
- Deploy and manage SPIRE Server and SPIRE Agent in production environments
- Design and implement secure workload identity solutions using SPIFFE IDs and trust domains
- Build or customize workload and node attestors to meet organizational needs
- Implement SVID issuance and rotation for X.509 and JWT formats
- Integrate SPIRE with Kubernetes clusters, service meshes (e.g., Istio, Linkerd), and Envoy-based workloads
- Collaborate with cross-functional teams to ensure seamless identity management across distributed systems
Requirements:
- Proven hands-on experience deploying and managing SPIRE Server and SPIRE Agent
- Strong understanding of SPIFFE IDs, trust domains, and workload identity concepts
- Experience designing and implementing SVID issuance and rotation (X.509/JWT)
- Ability to build or customize workload and node attestors
- Practical experience integrating SPIRE with Kubernetes, service meshes (Istio, Linkerd), and Envoy-based workloads
- Background in large-scale distributed systems or cloud-native environments
- Familiarity with container security and zero-trust architectures
- Experience with scripting or automation tools for identity management
- Knowledge of TLS, PKI, and cryptographic principles