Role Overview
The HashiCorp Vault Engineer is responsible for the installation, configuration, integration, and operational readiness of HashiCorp Vault for secrets management, policy control, automation identities, and secure key access across the DevOps and DevSecOps toolchain.
Key Responsibilities
- Install and configure HashiCorp Vault across required environments
- Define authentication methods, policies, secrets engines, and controlled access patterns
- Integrate Vault with GitLab, Terraform, CI/CD pipelines, and automation identities
- Support signing key access, secret retrieval workflows, and secure platform-to-platform integration
- Configure audit logging, backup procedures, restore procedures, and DR support controls
- Produce operational documentation, runbooks, and handover material
- Support managed service readiness for Vault administration and policy maintenance
-
Required Skills and Experience
- 6+ years of overall experience in security engineering, platform engineering, or secrets management
- 3+ years of hands-on HashiCorp Vault implementation or operations experience
- Strong experience with Vault auth methods, policies, secrets engines, and audit capabilities
- Experience integrating Vault with CI/CD and IaC platforms
- Experience with TLS, certificates, access governance, backup/restore, and secure operational controls
- Strong Linux administration and troubleshooting skills
Required Certifications
- HashiCorp Certified: Vault Associate
- HashiCorp Certified: Vault Operations Professional
- Security certification such as CISSP, CISM, Security+, or equivalent preferred
Expected Deliverables
- Configured Vault platform for project scope
- Auth and policy model aligned to delivery workflows
- Vault integration with GitLab and Terraform
- Backup, restore, and DR support procedures
- Operational runbooks and service transition artifacts