Who Can Apply
- Candidates must be legally authorized to work in Canada
Job Description
Insight Global is seeking a Senior Platform Engineer in Enterprise Secrets Management for a leading Vancouver-based retailer. You are responsible for designing, operating, and evolving secure, highly available secrets management platforms. You enable secure access to credentials, secrets, and cryptographic material across all engineering workflows while ensuring compliance, resilience, and zero-trust principles at scale.
About the Team
The Enterprise Secrets Management team provides centralized, secure, and compliant secrets management services, including dynamic secrets, privileged access, and audit capabilities. The platform integrates deeply with CI/CD, infrastructure-as-code, and developer workflows to secure the software delivery lifecycle end-to-end.
Key Responsibilities
• Own and operate enterprise secrets management platforms at global scale
• Implement dynamic secrets, lease-based access, and just-in-time credential workflows
• Integrate secrets management into CI/CD pipelines and Terraform workflows
• Build and enforce secure patterns for secret injection, rotation, and lifecycle management
• Develop policy-as-code controls for access governance and compliance
• Ensure high availability, disaster recovery, and replication architecture
• Support identity and privileged access management and break-glass automation
• Drive adoption of secure secrets usage patterns through automation and self-service
• Monitor audit logs, usage patterns, and risk signals to strengthen security posture
• Document architecture, operational procedures, and runbooks
• Partner with security, audit, and engineering teams to align with enterprise controls
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Core Skills & Expertise
• Strong experience with HashiCorp Vault Enterprise including Policy, Auth, Dynamic Secrets Mounts
o Experience with developing custom Vault Plugins
o Experience managing global vault cluster infrastructure and upgrade lifecycle
• Deep knowledge of identity systems (OIDC, OAuth, IAM, LDAP/AD)
• Understanding of cryptography, key management, and certificate lifecycle management
• Experience with zero-trust security models and least-privilege access design
• Integration of secrets into CI/CD and IaC workflows (GitLab, Terraform)
• Knowledge of compliance, audit, and security controls (e.g., SOX, enterprise security standards)
• Automation and scripting using Python, Go, and Vault CLI/API
Qualifications
• 8+ years in Platform Engineering, Security Engineering, or Infrastructure roles
• Proven experience operating secure, production-grade secrets platforms
• Experience designing enterprise authentication and authorization systems
• Strong collaboration across security, engineering, and compliance stakeholders
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.