PKI / Secrets Management Engineer
? Are you the NEX T PKI / Secrets Management Engineer? ?
What we value:
- 10+ years of experience.
- Strong experience with Vault in production.
- Advanced knowledge of PKI, TLS/SSL, digital certificates.
- Experience with HSM (Hardware Security Module).
- Automation with Terraform, Helm, CI/CD.
- Solid troubleshooting skills.
- Fluent English is a must.
Nice to have:
- Knowledge of OIDC/IAM (e. g. , Keycloak).
- Experience with public clouds (AWS, Azure, GCP).
- German is a plus.
- Familiarity with agile methodologies.
What you can expect from this role:
? Lisbon – Hybrid model
- Design, deploy, and operate secure PKI and secrets management solutions in modern hybrid and
- native environments. - Deploy and manage Hashi
Corp Vault in production (HA, DR, Raft storage, HSM/KMS). - Configure namespaces, authentication backends, policies, and App
Roles. - Design and maintain PKI hierarchies (root, intermediate, issuing CAs).
- Automate certificate lifecycle (issuance, renewal, revocation) with Vault PKI or
- grade solutions. - Integrate secrets and PKI services with enterprise systems (Kubernetes, load balancers, VPNs, databases, CI/CD).
- Implement RBAC, secure audit logging, and compliance controls (FIPS, PCI-DSS, NIST).
- Automate deployments and workflows using Terraform, Helm, Ansible, Git
Ops. - Monitor and troubleshoot Vault and PKI operations (Prometheus, Grafana).
- Provide documentation, runbooks, and knowledge transfer.
What we offer you:
- A dynamic and professional team.
- Opportunity to participate in local or international projects.
- Personalized guidance.
- Training plan tailored to your needs.
- Career progression and development opportunities.
- Chance to be part of a
- growing team.
- Informações detalhadas sobre a oferta de emprego
Empresa: Next Engineering Localização: Lisboa
Lisboa, Lisboa, PortugalPublicado: 14. 9. 2025
Vaga de emprego atual
Seja o primeiro a candidar-se à vaga de emprego oferecida!