About Oak Titanium: Oak Titanium exists to bridge the cybersecurity divide, making world-class security expertise accessible, practical, and effective for Small and Medium-sized Enterprises (SMEs). We deliver enterprise-grade strategies tailored for the SME reality, blending AI-enhanced protection with critical human oversight (Human-in-the-Loop). Our mission is driven by authentic leadership delivering real results, ensuring our clients operate securely and confidently. We are passionate about empowering businesses to thrive through compliance, resilience, and growth. To achieve this ambitious goal, we strive to only hire the best talent available and believe in providing the best compensation package on the market to attract and retain innovators like you.
Job Summary: Join our growing security team at Oak Titanium as a skilled and innovative Secrets Management Engineer. In this critical role, you will be responsible for designing, implementing, and managing robust solutions for secrets management, privileged access management (PAM), and non-personal account (NPA) lifecycle control across our enterprise and for our clients. You will play a key part in safeguarding sensitive credentials and ensuring secure access for applications, services, and privileged users. A significant aspect of this role involves exploring and implementing cutting-edge solutions, including the potential applications of AI/ML, to enhance the security, efficiency, and intelligence of modern secrets management practices.
Key Responsibilities:
- Design, deploy, configure, and maintain enterprise-grade secrets management infrastructure, with a strong focus on tools like HashiCorp Vault and similar platforms.
- Develop and enforce policies for the full lifecycle of secrets (creation, rotation, auditing, revocation) for applications, services, and infrastructure.
- Establish and manage secure processes for Non-Personal Account (NPA) management, including service accounts, application identities, and API keys.
- Integrate secrets management solutions with Privileged Access Management (PAM) systems and workflows to ensure least privilege and secure credential handling.
- Automate secrets management processes, provisioning, and compliance checks using scripting languages (e.g., Python, Go, Bash) and Infrastructure as Code (IaC) tools.
- Explore, evaluate, and potentially implement AI/ML techniques to enhance secrets management through anomaly detection, predictive credential rotation, policy optimization, or risk analysis.
- Monitor the health, performance, and security posture of secrets management infrastructure, responding to alerts and incidents promptly.
- Collaborate closely with DevOps, Engineering, Security Operations, and Compliance teams to integrate secure secrets management practices into their workflows and applications.
- Develop and maintain comprehensive documentation for secrets management architecture, policies, and procedures.
- Stay current with emerging threats, vulnerabilities, best practices, and new technologies in secrets management, PAM, and AI security applications.
Required Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- Proven hands-on experience (3+ years) in designing, implementing, and managing secrets management solutions in an enterprise environment.
- Deep technical expertise with HashiCorp Vault is essential. Experience with other enterprise solutions (e.g., CyberArk, Delinea, Akeyless) is a plus.
- Strong understanding of Privileged Access Management (PAM) principles, controls, and common solutions.
- Experience developing strategies and managing the lifecycle of Non-Personal Accounts (NPAs)/service accounts.
- Proficiency in scripting and automation (e.g., Python, Go, Bash).
- Familiarity with security concepts in cloud environments (AWS, Azure, GCP) and their native secrets management services.
- Solid understanding of authentication/authorization protocols (e.g., LDAP, SAML, OAuth, OIDC).
- Excellent problem-solving skills and the ability to troubleshoot complex technical issues.
- Strong communication and collaboration skills.
Preferred Qualifications:
- Experience researching or applying AI/ML models to cybersecurity problems, particularly in areas like anomaly detection or predictive security relevant to secrets management.
- HashiCorp Certified: Vault Associate or Operations Professional certification.
- Relevant security certifications (e.g., CISSP, CISM, CCSP).
- Experience with Infrastructure as Code tools (e.g., Terraform, Ansible).
- Knowledge of secrets management within containerized environments (Docker, Kubernetes).
- Experience integrating secrets management with CI/CD pipelines.
- Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS).
