Secrets Management Security Analyst (Security Analyst III)

About The Position

Requirements

• BA/BS degree in Information Technology, Computer Science or related field of study and a minimum of 3 years of experience in a support and operations or design and engineering role; or any combination of education and experience, which would provide an equivalent background.

Nice To Haves

• Hands-on experience with Secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) highly preferred.
• Identity and access management (IAM, Active Directory/Entra ID) experience highly preferred.
• Understanding of authentication and authorization mechanisms, encryption and key management concepts and secure application development practices highly preferred.
• Experience with scripting or automation (Python, PowerShell, Bash)
• Familiarity with cloud environments (AWS and/or Azure) highly preferred.
• Experience with Dynamic secrets, certificate management, and PKI, Kubernetes and container security (secrets in EKS/AKS) and Infrastructure-as-Code (Terraform, ARM, Bicep, CloudFormation) highly preferred.
• Knowledge of DevSecOps and CI/CD tools (GitHub Actions, Azure DevOps, Jenkins) and Security monitoring platforms (SIEM tools like Sentinel, Splunk) highly preferred.
• Certifications such as HashiCorp Vault Associate, AWS or Azure security certifications and/or Security+ or equivalent highly preferred.
• Strong analytical and problem-solving abilities preferred.
• Demonstrated attention to detail and risk awareness experience preferred.
• Effective communication and collaboration skills preferred
• Ability to translate security requirements into practical solutions preferred.
• Continuous learning mindset in a rapidly evolving security landscape preferred.

Responsibilities

• Manages and maintains enterprise secrets management platforms (e.g., HashiCorp Vault, Azure Key Vault, AWS Secrets Manager).
• Provisions, rotates, and revokes secrets including API keys, tokens, certificates, and credentials.
• Monitors secret usage and ensure compliance with security policies.
• Integrates secrets management solutions into applications, CI/CD pipelines, and infrastructure workflows.
• Partners with Engineering and DevOps teams to eliminate hard-coded credentials.
• Implements automated secrets lifecycle management processes.
• Enforces least-privilege access to secrets using RBAC, policies, and identity federation (AD/Entra ID, IAM).
• Designs and maintains secure authentication methods (AppRole, IAM auth, managed identities, etc.).
• Supports onboarding of applications and users into secrets management platforms.
• Monitors logs and alerts for abnormal secrets access or misuse.
• Investigates and responds to incidents involving credential exposure or unauthorized access.
• Conducts periodic audits and access reviews.
• Ensures adherence to internal security standards and frameworks (e.g., NIST, CIS, SOC 2).
• Supports audit readiness and evidence collection related to secrets usage and controls.
• Conducts risk assessments related to identity, credential, and secrets management.
• Develops scripts or automation for secrets provisioning, rotation, and reporting.
• Optimizes secrets workflows to improve scalability and reliability.
• Contributes to DevSecOps practices by embedding secrets management into pipelines and IaC frameworks.
• Works with InfoSec, cloud, and platform teams to define best practices.
• Provides guidance and training to developers and engineers on secure secrets usage.
• Creates documentation, runbooks, and onboarding materials.
• Participates and completes tasks associated with the implementations for systems and network security technologies.
• Executes testing plans; coordinates and prepares reporting of data security events and incidents.
• Provides system and network architecture support.
• Provides technical support to business and technology associates.
• Provides trouble resolution on complex issues.
• Performs system and network upgrade tasks.
• Designs and analyzes vendor services and information security requirements; maintains relationship with key vendors.
• Participates and completes lights-on initiatives to consolidate equipment and/or implement business relocations.
• Performs complex configuration changes to meet business and information security requirements.
• Performs capacity analysis; recommends and implements capacity increases.

Benefits

• merit increases
• paid holidays
• Paid Time Off
• incentive bonus programs
• medical
• dental
• vision
• short and long term disability benefits
• 401(k) +match
• stock purchase plan
• life insurance
• wellness programs
• financial education resources