About The Position
We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time. Position Summary We are seeking a hands-on and highly skilled Senior Secrets Manager Engineer to join our Identity and Access Management (IAM) team. This role will focus on the design, deployment, and operational support of enterprise-grade secrets management platforms—primarily Akeyless and HashiCorp Vault—across multi-cloud environments. The ideal candidate will be a subject matter expert (SME) in secrets management, automation, and cloud-native security practices.
Requirements
- 5+ years of experience in security engineering with a focus on IAM and PAM.
- 3+ years of hands-on experience with Akeyless, HashiCorp Vault, or CyberArk Conjur in production environments
- 3+ years of experience with scripting in Python, Bash, or PowerShell.
- 3+ years of experience in integrating secrets management with Jenkins, GitHub Actions, or similar CI/CD tools.
Nice To Haves
- Experience with Kubernetes, container orchestration, and service mesh integrations.
- Deep understanding of cloud-native architectures and secure DevOps practices.
- Familiarity with API-based secret access, SDKs, and CLI tools
- Experience working in large-scale enterprise environments.
- Exposure to hybrid secrets management strategies involving multiple vaulting solutions (e.g., Azure Key Vault, AWS Secrets Manager)
- Knowledge of Just-in-Time access, certificate-based authentication (e.g., Venafi), and Zero Knowledge encryption models
- Familiarity with compliance frameworks and audit requirements for secrets management.
Responsibilities
- Serve as the SME for secrets management platforms such as Akeyless and HashiCorp Vault.
- Lead the integration of secrets management solutions with CI/CD pipelines, Kubernetes (AKS, GKE), and cloud platforms (Azure, AWS, GCP).
- Automate the onboarding and rotation of secrets for applications and machine identities.
- Collaborate with product managers, architects, and application teams to drive adoption and ensure secure implementation.
- Develop and maintain scripts and automation tools for secrets lifecycle management.
- Support the migration of non-person accounts from PAM tools to secrets management platforms.
- Monitor and remediate risks related to unmanaged credentials and privileged access.
- Contribute to the development of onboarding guides, SDK integrations, and operational runbooks
Benefits
- Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
- No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
- Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
