Secrets Management Security Analyst (Security Analyst III)Elevance Health • United States
Secrets Management Security Analyst (Security Analyst III)
Elevance Health
- United States
- United States
Über
Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN, Norfolk, VA, Mason, OH or Tampa, FL. Alternate locations may be considered if candidates reside within a commuting distance from an office. The Secrets Management Security Analyst (Security Analyst III) will support the design, implementation, and ongoing operations of enterprise secrets management solutions. This role is critical to protecting sensitive information such as credentials, API keys, certificates, and encryption keys across cloud and on-prem environments. The ideal candidate has hands-on experience with secure credential management (e.g., HashiCorp Vault), strong understanding of identity and access controls, and a passion for automation and DevSecOps. How you will make an impact: Manages and maintains enterprise secrets management platforms (e.g., HashiCorp Vault, Azure Key Vault, AWS Secrets Manager). Provisions, rotates, and revokes secrets including API keys, tokens, certificates, and credentials. Monitors secret usage and ensure compliance with security policies. Integrates secrets management solutions into applications, CI/CD pipelines, and infrastructure workflows. Partners with Engineering and DevOps teams to eliminate hard-coded credentials. Implements automated secrets lifecycle management processes. Enforces least-privilege access to secrets using RBAC, policies, and identity federation (AD/Entra ID, IAM). Designs and maintains secure authentication methods (AppRole, IAM auth, managed identities, etc.). Supports onboarding of applications and users into secrets management platforms. Monitors logs and alerts for abnormal secrets access or misuse. Investigates and responds to incidents involving credential exposure or unauthorized access. Conducts periodic audits and access reviews. Ensures adherence to internal security standards and frameworks (e.g., NIST, CIS, SOC 2). Supports audit readiness and evidence collection related to secrets usage and controls. Conducts risk assessments related to identity, credential, and secrets management. Develops scripts or automation for secrets provisioning, rotation, and reporting. Optimizes secrets workflows to improve scalability and reliability. Contributes to DevSecOps practices by embedding secrets management into pipelines and IaC frameworks. Works with InfoSec, cloud, and platform teams to define best practices. Provides guidance and training to developers and engineers on secure secrets usage. Creates documentation, runbooks, and onboarding materials. Participates and completes tasks associated with the implementations for systems and network security technologies. Executes testing plans; coordinates and prepares reporting of data security events and incidents. Provides system and network architecture support. Provides technical support to business and technology associates. Provides trouble resolution on complex issues. Performs system and network upgrade tasks. Designs and analyzes vendor services and information security requirements; maintains relationship with key vendors. Participates and completes lights-on initiatives to consolidate equipment and/or implement business relocations. Performs complex configuration changes to meet business and information security requirements. Performs capacity analysis; recommends and implements capacity increases. Minimum Requirements: Requires a BA/BS degree in Information Technology, Computer Science or related field of study and a minimum of 3 years of experience in a support and operations or design and engineering role; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: Hands-on experience with: Secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) highly preferred. Identity and access management (IAM, Active Directory/Entra ID) experience highly preferred. Understanding of authentication and authorization mechanisms, encryption and key management concepts and secure application development practices highly preferred. Experience with scripting or automation (Python, PowerShell, Bash) Familiarity with cloud environments (AWS and/or Azure) highly preferred. Experience with Dynamic secrets, certificate management, and PKI, Kubernetes and container security (secrets in EKS/AKS) and Infrastructure-as-Code (Terraform, ARM, Bicep, CloudFormation) highly preferred. Knowledge of DevSecOps and CI/CD tools (GitHub Actions, Azure DevOps, Jenkins) and Security monitoring platforms (SIEM tools like Sentinel, Splunk) highly preferred. Certifications such as HashiCorp Vault Associate, AWS or Azure security certifications and/or Security+ or equivalent highly preferred. Strong analytical and problem-solving abilities preferred. Demonstrated attention to detail and risk awareness experience preferred. Effective communication and collaboration skills preferred Ability to translate security requirements into practical solutions preferred. Continuous learning mindset in a rapidly evolving security landscape preferred. Job Level: Non-Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.