Senior Staff Cybersecurity Engineer - Secrets Management
Synopsys Inc · Morrisville, NC · 2 wk ago
Consulting$161k–$242k/yrFull-time
About the role
We are open to candidates from Morrisville (North Carolina), Hillsboro (OR) and Canonsburg (PA).
Responsibilities
- Managing, operating, and optimizing enterprise-grade identity security and secrets management solutions, with a strong emphasis on HashiCorp Vault and related ecosystems.
- Leading the secrets lifecycle for applications and infrastructure, including secure creation, storage, access, rotation, revocation, and auditability.
- Prioritizing architecture and design discussions for identity-based access controls across cloud, hybrid, and on-prem environments.
- Providing senior-level technical leadership and hands-on support, including troubleshooting complex identity, authentication, and authorization challenges.
- Establishing and enforcing standards, patterns, and best practices for identity security, secrets management, and privileged access.
- Supporting and enhancing zero trust and least-privilege access models across human and non-human identities (workloads, services, APIs).
- Documenting architectures, designs, operational procedures, and runbooks, and delivering clear technical guidance to stakeholders.
- Partnering with GRC, audit, and compliance teams to ensure identity and secrets controls align with regulatory and internal security requirements.
- Mentoring junior and mid-level engineers, raising the overall maturity and operational excellence of the identity security program.
Requirements
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- Minimum of 5 years’ experience in cybersecurity, identity and access management or related field, with at least 2 years in a senior or lead role.
- Deep hands-on expertise with HashiCorp Vault, including architecture, operations, policies, authentication methods, and integrations.
- Strong experience with secrets management, privileged access, and non-human identity security in cloud, on-prem and hybrid environments.
- Experience working with cloud platforms (AWS, Azure, GCP) and containerized environments (Kubernetes).
- Proficiency in scripting or automation (Python, PowerShell, Bash) to support security workflows and integrations.
- Solid understanding of IAM concepts including authentication, authorization, federation, MFA, SSO, and least privilege.
- Security certifications such as CISSP, CISM, or vendor-specific certifications are a plus. (or willingness to obtain).
Qualifications
- Strategic, analytical thinker with a proactive approach to problem-solving.
- Excellent communicator, able to articulate complex security concepts to both technical and non-technical audiences.
- Collaborative, inclusive leader with a passion for mentorship and team development.
- Adaptable, detail-oriented, and committed to continuous learning in a rapidly evolving threat landscape.
- Highly ethical, trustworthy, and dedicated to protecting identities, strengthening development practices, and supporting organizational integrity.