Senior Secrets Management Engineer, Akeyless

CVS Health•West Chester Township, OH

About The Position

At CVS Health, we’re building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care. As the nation’s leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues – caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day. Position Summary We are seeking a hands-on and highly skilled Senior Secrets Manager Engineer to join our Identity and Access Management (IAM) team. This role will focus on the design, deployment, and operational support of enterprise-grade secrets management platforms—primarily Akeyless and HashiCorp Vault—across multi-cloud environments. The ideal candidate will be a subject matter expert (SME) in secrets management, automation, and cloud-native security practices.

Requirements

5+ years of experience in security engineering with a focus on IAM and PAM.
3+ years of hands-on experience with Akeyless, HashiCorp Vault, or CyberArk Conjur in production environments
3+ years of experience with scripting in Python, Bash, or PowerShell.
3+ years of experience in integrating secrets management with Jenkins, GitHub Actions, or similar CI/CD tools.

Nice To Haves

Experience with Kubernetes, container orchestration, and service mesh integrations.
Deep understanding of cloud-native architectures and secure DevOps practices.
Familiarity with API-based secret access, SDKs, and CLI tools
Experience working in large-scale enterprise environments.
Exposure to hybrid secrets management strategies involving multiple vaulting solutions (e.g., Azure Key Vault, AWS Secrets Manager)
Knowledge of Just-in-Time access, certificate-based authentication (e.g., Venafi), and Zero Knowledge encryption models
Familiarity with compliance frameworks and audit requirements for secrets management.

Responsibilities

Serve as the SME for secrets management platforms such as Akeyless and HashiCorp Vault.
Lead the integration of secrets management solutions with CI/CD pipelines, Kubernetes (AKS, GKE), and cloud platforms (Azure, AWS, GCP).
Automate the onboarding and rotation of secrets for applications and machine identities.
Collaborate with product managers, architects, and application teams to drive adoption and ensure secure implementation.
Develop and maintain scripts and automation tools for secrets lifecycle management.
Support the migration of non-person accounts from PAM tools to secrets management platforms.
Monitor and remediate risks related to unmanaged credentials and privileged access.
Contribute to the development of onboarding guides, SDK integrations, and operational runbooks

Benefits

Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume