SIGNUP
Back to Jobs
XX
Secrets Management Security Analyst (Security Analyst III)Elevance HealthNorfolk, Virginia, United States
Find similar jobs

This job offer is no longer available

XX

Secrets Management Security Analyst (Security Analyst III)

Elevance Health
  • US
    Norfolk, Virginia, United States
  • US
    Norfolk, Virginia, United States
Find similar jobs

About

Secrets Management Security Analyst (Security Analyst III) Location:
This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN, Norfolk, VA, Mason, OH or Tampa, FL. Alternate locations may be considered if candidates reside within a commuting distance from an office.
Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law.
Responsibilities
Manages and maintains enterprise secrets management platforms (e.g., HashiCorp Vault, Azure Key Vault, AWS Secrets Manager).
Provisions, rotates, and revokes secrets including API keys, tokens, certificates, and credentials.
Monitors secret usage and ensures compliance with security policies.
Integrates secrets management solutions into applications, CI/CD pipelines, and infrastructure workflows.
Partners with Engineering and DevOps teams to eliminate hard‑coded credentials.
Implements automated secrets lifecycle management processes.
Enforces least‑privilege access to secrets using RBAC, policies, and identity federation (AD/Entra ID, IAM).
Designs and maintains secure authentication methods (AppRole, IAM auth, managed identities, etc.).
Supports onboarding of applications and users into secrets management platforms.
Monitors logs and alerts for abnormal secrets access or misuse.
Investigates and responds to incidents involving credential exposure or unauthorized access.
Conducts periodic audits and access reviews.
Ensures adherence to internal security standards and frameworks (e.g., NIST, CIS, SOC 2).
Supports audit readiness and evidence collection related to secrets usage and controls.
Conducts risk assessments related to identity, credential, and secrets management.
Develops scripts or automation for secrets provisioning, rotation, and reporting.
Optimizes secrets workflows to improve scalability and reliability.
Contributes to DevSecOps practices by embedding secrets management into pipelines and IaC frameworks.
Works with InfoSec, cloud, and platform teams to define best practices.
Provides guidance and training to developers and engineers on secure secrets usage.
Creates documentation, runbooks, and onboarding materials.
Participates and completes tasks associated with the implementations for systems and network security technologies.
Executes testing plans; coordinates and prepares reporting of data security events and incidents.
Provides system and network architecture support.
Provides technical support to business and technology associates.
Provides trouble resolution on complex issues.
Performs system and network upgrade tasks.
Designs and analyzes vendor services and information security requirements; maintains relationship with key vendors.
Participates and completes lights‑on initiatives to consolidate equipment and/or implement business relocations.
Performs complex configuration changes to meet business and information security requirements.
Performs capacity analysis; recommends and implements capacity increases.
Minimum Requirements Requires a BA/BS degree in Information Technology, Computer Science or a related field of study and a minimum of 3 years of experience in a support and operations or design and engineering role; or any combination of education and experience that would provide an equivalent background.
Preferred Skills, Capabilities and Experiences
Hands‑on experience with secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) highly preferred.
Identity and access management (IAM, Active Directory/Entra ID) experience highly preferred.
Understanding of authentication and authorization mechanisms, encryption and key management concepts and secure application development practices highly preferred.
Experience with scripting or automation (Python, PowerShell, Bash).
Familiarity with cloud environments (AWS and/or Azure) highly preferred.
Experience with Dynamic secrets, certificate management, and PKI, Kubernetes and container security (secrets in EKS/AKS) and Infrastructure‑as‑Code (Terraform, ARM, Bicep, CloudFormation) highly preferred.
Knowledge of DevSecOps and CI/CD tools (GitHub Actions, Azure DevOps, Jenkins) and Security monitoring platforms (SIEM tools like Sentinel, Splunk) highly preferred.
Certifications such as HashiCorp Vault Associate, AWS or Azure security certifications and/or Security+ or equivalent highly preferred.
Strong analytical and problem‑solving abilities preferred.
Demonstrated attention to detail and risk awareness experience preferred.
Effective communication and collaboration skills preferred.
Ability to translate security requirements into practical solutions preferred.
Continuous learning mindset in a rapidly evolving security landscape preferred.
Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process.
The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member‑facing roles to become vaccinated against COVID‑19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state, and local laws.
Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact elevancehealthjobssupport@elevancehealth.com for assistance.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
Prospective employees required to be screened under Florida law should review the education and awareness resources at HB531 | Florida Agency for Health Care Administration (https://info.flclearinghouse.com/).
#J-18808-Ljbffr
  • Norfolk, Virginia, United States

Languages

  • English
Notice for Users

This job was posted by one of our partners. You can view the original job source here.

Find similar jobs