PKI / Secrets Management Engineer
Are you the NEX T PKI / Secrets Management Engineer ?
What we value:
10+ years of experience.
Strong experience with Vault in production.
Advanced knowledge of PKI, TLS/SSL, digital certificates.
Experience with HSM (Hardware Security Module).
Automation with Terraform, Helm, CI/CD.
Solid troubleshooting skills.
Fluent English is a must.
Nice to have:
Knowledge of OIDC/IAM (e. g. , Keycloak).
Experience with public clouds (AWS, Azure, GCP).
German is a plus.
Familiarity with agile methodologies.
What you can expect from this role:
Lisbon – Hybrid model
Design, deploy, and operate secure PKI and secrets management solutions in modern hybrid and
- native environments.
Deploy and manage Hashi
Corp Vault in production (HA, DR, Raft storage, HSM/KMS).
Configure namespaces, authentication backends, policies, and App
Roles.
Design and maintain PKI hierarchies (root, intermediate, issuing CAs).
Automate certificate lifecycle (issuance, renewal, revocation) with Vault PKI or
- grade solutions.
Integrate secrets and PKI services with enterprise systems (Kubernetes, load balancers, VPNs, databases, CI/CD).
Implement RBAC, secure audit logging, and compliance controls (FIPS, PCI-DSS, NIST).
Automate deployments and workflows using Terraform, Helm, Ansible, Git
Ops.
Monitor and troubleshoot Vault and PKI operations (Prometheus, Grafana).
Provide documentation, runbooks, and knowledge transfer.
What we offer you:
A dynamic and professional team.
Opportunity to participate in local or international projects.
Personalized guidance.
Training plan tailored to your needs.
Career progression and development opportunities.
Chance to be part of a
- growing team.
- Informações detalhadas sobre a oferta de emprego
Empresa: Next Engineering Localização: Lisboa
Lisboa, Lisboa, PortugalPublicado: 14. 9. 2025
Vaga de emprego atual
Seja o primeiro a candidar-se à vaga de emprego oferecida!