Secrets Management Engineer/ Stamford, CT , 6+ Mon

Secrets Management Engineer
Duration: 6 months and likely extensions thereafter
Location: Any US - Tri-State area preferred OR working hours EST
Description:

• The Secrets Management Engineer will be responsible for becoming intimately familiar with the capability of various Secrets Management technologies leveraged by Client, including secret discovery, storage, and remediation mechanisms.
• The engineer will lead engagements with owners of relevant technologies, drive conversations, and comprehensively document findings and opinions on how the technologies can solve an assortment of use cases.
• The engineer will also have a keen eye for the identification of use cases, diagnosing their risk surface, and informing the conversation around prioritization.
• In addition to demonstrating a firm grasp of Secrets Management at both a conceptual and detailed level, the engineer will be able to self-manage and communicate effectively with AVPs and VPs on the leadership team, synthesizing their findings and providing comprehensive recommendations.

Minimum Qualifications

• 5+ years engineering experience in IAM or adjacent infosec domains, such as endpoint engineering or encryption
• 3+ years at a management or VP-equivalent level in an organization
• Specific software development or scripting experience in a cloud or on-prem environment
• Hands-on experience or extensive familiarity with at least 2 of the following technologies
• Delinea Secret Server (or equivalent - e.g. CyberArk)
• HashiCorp Vault
• Cloud-Native secrets management services
• BigID
• Tanium Reveal
• Microsoft Purview
• Fortify
• Conceptual understanding of various secret types and the circumstances in which they are used
• Experience working in a cloud (PaaS) environment
• Knowledge of foundational IAM concepts - Authentication, Authorization, RBAC, etc
• Deep understanding of Secrets Management capabilities (discovery, storage, etc.)
• Hands-on experience with DevOps and CI/CD tooling, such as BitBucket and Jenkins
• Exceptional written and verbal communication skills
• bility to perform risk analysis, leveraging existing frameworks and models
• Familiarity with CyberSec regulatory frameworks, such as SOX, PCI, FFIEC, CIS, and NIST
• Experience working in Agile methodology, leveraging Jira and Jira Align

Desired Qualifications

• Industry or technology specific certifications (AWS, Hashi, DevOps, etc.)
• Direct experience contributing to the buildout of a Secrets Management program
• Prior experience in a governance, risk, and compliance role
• Experience interfacing with senior leaders in a financial services organization
• Program management experience