Security Analyst III ( InfoSec Vault Engineer )
Must haves (Required): 5 plus years of Azure-HashiCorp Vault, familiarity with SRE
The InfoSec Vault Engineer is a pivotal role focused on engineering and advancing the organization's secrets management through HashiCorp Vault adoption and integration. This position aids in the design, implementation, and management of Vault-based security capabilities, while embedding Site Reliability Engineering (SRE) frameworks within InfoSec.
Essential/Key Responsibilities:
- Lead engineering and DevOps efforts for the global secrets management program, specializing in HashiCorp Vault and related data protection technologies, specifically Azure and AWS cloud environments.
- Drive automation, orchestration, and cross-team collaboration to enhance operational efficiency and security posture.
- Design, build, and maintain secure infrastructure components, including API security, encryption, PKI, vulnerability scanning, authentication, and access control systems.
- Provide hands-on administration and support for security infrastructure, monitoring tools, and associated processes.
- Collaborate with security and development teams using Agile methodologies to prioritize initiatives, manage risks, and communicate progress to leadership.
- Author, review, and maintain technical documentation such as runbooks, standards, and procedures to support a mature security environment.
- Act as a subject-matter expert and mentor for InfoSec engineers and stakeholders, fostering knowledge sharing and best practices.
- Engineer integrations between HashiCorp Vault and Site Reliability Engineering (SRE) frameworks, supporting resilience and continuous operation models.
Required Skills/Knowledge
- Hands-on experience with designing and building a Hashicorp Vault platform.
- Specifically, integrating Hashicorp Vault Enterprise into the Azure Cloud Workspace to integrate with Azure Key Vault.
- Works closely with Information Security program manager, scrum master, and architects to convey technical impacts to development/engineering timeline and risks.
- Previous work experience in cloud environments, specifically Azure, but AWS experience is beneficial.
- Work independently in identifying opportunities to improve engineering or other performance for Information Security/Technology & other functions across Synchrony.
- Ensure BAU technology stability by overseeing change management, incident response, and disaster recovery processes to maintain operational continuity.
- Proven ability to diagnose and resolve complex security issues efficiently.
- Experience with change management and incident management frameworks.
- Skilled in managing hybrid and multi-cloud environments across IaaS, PaaS, and SaaS platforms.
- Proficient in scripting languages such as Python and Bash for automation and custom security tool development.
- Strong capability in documenting processes, reporting incidents, and collaborating effectively with both technical and non-technical stakeholders.
- Experience creating automation scripts and Ansible playbooks, with a solid understanding of DevOps principles to support CI/CD pipelines.
- Hands-on expertise with Terraform for infrastructure as code and automation.
- Demonstrated success in coordinating and supporting complex enterprise projects, including deployment, enhancement, integration, and upgrade of endpoint security solutions.
- Familiarity with Site Reliability Engineering (SRE) principles, particularly in observability and automation practices.
Desired Skills/Knowledge:
- Working experience with Infrastructure as Code (IaC) tools; specifically, Hashicorp Terraform; knowledge on configuration platforms such as Ansible Tower is also desired.
- Good Understanding on other Encryption tools and Cloud services like AWS KMS, Azure Key Vault, AWS Secrets Manager etc.,
- Working experience with API development, DevSecOps focused CI/CD pipelines, encryption methodologies, Jenkins, secrets management, tokenization.
- Ability to work under pressure and sustain productivity with multiple simultaneous projects across cross-functional engineering and operational information security teams.
- Creativity and individual thinking, the ability to work both independently & with teams
- Cyber Security experience, especially around designing, building, managing solutions
- SRE framework experience (observability, error budgeting, SLOs, proactive problem identification, improved collaboration, chaos engineering).
- Solution engineering principles and design architecture modeling, a plus.
- Experience in modern coding languages such as Python.
- Knowledge of IS security principles and best practices Knowledge and experience with Secure coding practices/ System Integration/ Network Administration/ TCP/IP protocols/ Intrusion Detection/Prevention/ Security Incident handling/ Security Information and Event Management (SIEM)
- Experience with Agile, Scaled Agile (SAFe), Scrum.
- Good teamwork, oral and written communication.
- Good understanding of security principles and best-in-class designs.
- Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure.
- Strong and efficient problem-solving and analytical skills, but open to the idea of learning new things.
- Understanding of information security practices and policies, including risks and threats.
- Understanding of various public cloud deployment/platform/service models from a development, infrastructure, and information security aspect.
- Positive attitude, a drive for learning, and an ability to thrive in an ever evolving and growth-centric environment is imperative.
- Displays passion and responsibility to the customer.