Senior Vault and Secrets Management Analyst
Digital / Ecommerce
Full Time
About the role We’re looking for a Senior Vault & Secrets Management Analyst with deep expertise in enterprise vaulting, Privileged Access Management (PAM), and secrets management technologies such as HashiCorp Vault, CyberArk, and Azure Key Vault.
In this role, you will strengthen our enterprise security posture, lead assessments, identify risks, and drive remediation across mission‑critical vaulting platforms. You’ll collaborate with cloud, infrastructure, DevOps, IAM, and security teams to implement best practices and modernize how we protect privileged credentials and machine identities.
Key skills:
Preferred Qualifications
Certifications:
In this role, you will strengthen our enterprise security posture, lead assessments, identify risks, and drive remediation across mission‑critical vaulting platforms. You’ll collaborate with cloud, infrastructure, DevOps, IAM, and security teams to implement best practices and modernize how we protect privileged credentials and machine identities.
Key skills:
- HashiCorp Vault
- CyberArk
- Azure Key Vault
- Secrets Management
- Privileged Access Management (PAM)
- Encryption & Key Management
- Security Hardening
- Cloud Security
- Zero Trust
- Identity Security
- Risk Assessment
- Remediation Planning
- Stakeholder Management
- Up to 20% yearly salary bonus - based on both individual and business performance
- Sick leave Compensation
- 1 extra week of annual leave above your legal entitlement of 4 weeks of annual leave of paid leave to support our well-being and family life
- Pension insurance contribution
- Cafeteria benefit system & Multisport card
- Training and Development Plan, supported by certified training and learning platforms like Udemy, Udemy Pro and LinkedIn
- Referral Bonus
- Flexible work time
- Assess enterprise vaulting platforms including HashiCorp Vault, Azure Key Vault, and CyberArk.
- Review configurations, authentication methods, authorization models, secrets lifecycle processes, encryption settings, and privileged access controls.
- Identify security gaps such as misconfigurations, excessive permissions, insecure integrations, and weak credential practices.
- Define remediation plans, hardening recommendations, and prioritized mitigation strategies.
- Partner with cloud, infrastructure, IAM, DevOps, application, and cybersecurity teams to implement improvements.
- Lead initiatives to enhance enterprise secrets management maturity and privileged access governance.
- Secrets rotation
- Credential vaulting
- Machine identity protection
- Certificate management
- API key and token protection
- Privileged session management
- Evaluate integrations with applications, CI/CD pipelines, Kubernetes, cloud platforms, and automation tools.
- Develop governance standards, operational procedures, and security baselines.
- Support audit and compliance activities related to PAM and secrets management.
- Produce technical documentation, architecture recommendations, risk assessments, and executive summaries.
- Mentor junior analysts and act as a subject matter expert for vaulting and PAM technologies
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or equivalent experience.
- 8+ years in cybersecurity, IAM, PAM, or infrastructure security.
- HashiCorp Vault
- CyberArk
- Azure Key Vault
- Secrets management
- Privileged Access Management (PAM)
- Encryption & key management
- Identity & access management
- Zero Trust architecture
- Cloud security best practices
- Experience conducting security assessments and remediation programs for vaulting solutions.
- Experience securing privileged credentials, service accounts, certificates, tokens, and API secrets.
- Knowledge of authentication/authorization protocols (OAuth, OIDC, SAML, LDAP, Kerberos).
- Experience with cloud and hybrid environments.
- Strong stakeholder management and communication skills.
Preferred Qualifications
Certifications:
- HashiCorp Vault Associate
- CyberArk Defender / Sentry
- Azure Security certifications
- CISSP, CISM