Tranzeal
Distinguished Engineer, Platform Security Engineering - Secrets Management
Tranzeal, San Francisco, California, 94199
As a Distinguished Engineer, you will collaborate with our Sr Staff, Staff, and Sr. Engineers to innovate and construct new systems, enhance existing ones, and discover fresh opportunities to apply your specialized knowledge in Secrets Management to resolve critical issues. You will spearhead the strategy and execution of a technical roadmap that accelerates product delivery and unlocks new engineering capabilities. Your leadership will be crucial in the design, implementation, and maintenance of a robust Secrets Management platform, ensuring the protection of sensitive data throughout the organization.

Position Responsibilities

- Lead the development and execution of Secrets Management tools, platforms, and strategies across the enterprise
- Ensure the quality, usability, and performance of the Secrets Management solutions, including high availability, disaster recovery, and auditable logging
- Influence and educate leadership on the importance of secure Secrets Management practices
- Share best practices and improve processes for Secrets Management within and across teams
- Manage the secret lifecycle efficiently, including static secrets, dynamic secrets, and rotation
- Stay updated on emerging trends in cryptography and apply this knowledge to enhance data protection strategies
- Provide technical guidance and mentorship, fostering a culture of innovation and continuous improvement
- Collaborate with cross-functional teams to integrate Secrets Management solutions seamlessly with organizational goals
- Build resilient and scalable Secrets Management architectures, driving innovation and cost efficiency

Qualifications

- Strong understanding of security principles and secrets management (e.g., HashiCorp Vault, Azure Key Vault, AWS Secrets Manager, GCP Secret Manager, Doppler, CyberArk, Akeyless)
- Demonstrated experience in designing and implementing resilient, scalable, and efficient secrets management solutions
- Strong software engineering skills (experience with Go preferred)
- Experience with PostgreSQL, including its native replication mechanisms
- Strong problem-solving abilities with a proactive approach to security risk mitigation
- Strong expertise with site reliability engineering practices and operational excellence:
  - Implementing and utilizing infrastructure observability and monitoring tools (Grafana, Prometheus, OpenTelemetry, eBPF)
  - Building and evolving CI/CD tools and pipelines (Bazel, Terraform, Argo CD/Workflows/Rollouts)
- Excellent communication skills for conveying technical concepts to diverse stakeholders
- Strong expertise with Docker and Kubernetes
- Knowledge of industry standards and regulations related to Secrets Management, Cryptography, Tokenization, PKI and digital certificates
- Ability to lead and execute projects from conception to deployment
- Familiar with HSMs and key management practices
- Familiar with Secret Detection capabilities and tools such as Trufflehog
- Familiar with Identity & Access Management & HashiCorp Boundary
- Desirable certifications: CISA, CISSP, CISM

Experience

- 10 years in security engineering with a focus on Secrets Management, cryptography, PKI and Certificate Management, and security engineering
- 8 years in security, encryption, architecture, and design
- 6 years with open-source frameworks related to security
- 4 years with cloud services and their security aspects, preferably with experience in AWS, GCP, Azure

Education

- Bachelor's degree in Computer Science, Information Systems, or equivalent with a focus on security and cryptography