Lead Engineer – HashiCorp Vault at HCLTech

Lead Engineer – HashiCorp Vault

Location : Baltimore, MD / Remote in USA

Full-Time Hire

Job Summary:

This role requires a subject matter expert with a deep understanding of both Vault and PAM solutions, and an ability to leverage CyberArk for securing privileged accounts, secrets management, and identity management. You will work closely with cross-functional teams to integrate, deploy, and optimize security architectures that protect critical systems, applications, and data.

Key Responsibilities:

• Lead the implementation of HashiCorp Vault solutions for secrets management, identity and access management, and data protection across the enterprise.
• Collaborate with security, DevOps, and cloud teams to ensure seamless integration of Vault and CyberArk solutions with existing IT infrastructure and applications.
• Assess and optimize the configuration, performance, and security of CyberArk components, including the Vault
• Implement and support strong encryption, audit logging, and key management solutions, ensuring compliance with industry standards and organizational policies.
• Design and implement robust security policies, access controls, and encryption strategies within Vault and CyberArk environments.
• Perform regular audits, security reviews, and risk assessments to ensure compliance with internal and external regulations (e.g., GDPR, HIPAA, SOX).
• Troubleshoot and resolve complex security incidents related to Vault and CyberArk, ensuring high availability and minimal downtime.
• Document and create security guidelines, best practices, and standard operating procedures for Vault and PAM implementations.
• Stay current with industry trends, emerging threats, and best practices in the fields of secrets management, privileged access, and identity governance.

Required Qualifications:

• 10+ years of relevant experience in security architecture, with a focus on Vault, CyberArk, and PAM solutions.
• Extensive experience in the deployment, configuration, and management of HashiCorp Vault for secrets management, identity management, and encryption.
• Deep expertise in CyberArk solutions, including Central Credential Provider (CCP), Privileged Session Management (PSM), Vault, and Password Vaulting.
• Strong proficiency with Linux and Windows environments and scripting languages (e.g., Python, PowerShell, Bash).
• Solid knowledge of identity and access management (IAM) solutions, including Active Directory, LDAP, and cloud-based IAM services.
• Experience with DevOps tools and frameworks (e.g., Terraform, Ansible) to automate security deployments.
• Excellent communication, documentation, and presentation skills for engaging with both technical and non-technical stakeholders.

Certifications:

HashiCorp Certified: Vault Associate or Vault Engineer

CyberArk Certified Sentry or CyberArk Certified Delivery Engineer

CISSP (Certified Information Systems Security Professional)

Good to Have:

Certified Information Security Manager (CISM)

Certified Cloud Security Professional (CCSP)

AWS Certified Security – Specialty

Microsoft Certified: Azure Security Engineer Associate

Disclaimer

HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to secure@hcltech.com for investigation.

Compensation and Benefits

A candidate’s pay within the range will depend on their skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.