Secrets Management Security Analyst (Security Analyst III)The Elevance Health Companies, Inc. • Indianapolis, Indiana, United States
Secrets Management Security Analyst (Security Analyst III)
The Elevance Health Companies, Inc.
- Indianapolis, Indiana, United States
- Indianapolis, Indiana, United States
À propos
Support the design, implementation, and ongoing operations of enterprise secrets management solutions, protecting sensitive information such as credentials, API keys, certificates, and encryption keys across cloud and on‑prem environments. Location
Hybrid work: associates are required to be in‑office 1–2 days per week at a Pulse Point location (Indianapolis, IN; Norfolk, VA; Mason, OH; or Tampa, FL). Alternate locations may be considered for candidates residing within commuting distance. Candidates not within a reasonable commuting distance will not be considered unless an accommodation is granted as required by law. Responsibilities
Manages and maintains enterprise secrets management platforms (e.g., HashiCorp Vault, Azure Key Vault, AWS Secrets Manager). Provisions, rotates, and revokes secrets including API keys, tokens, certificates, and credentials. Monitors secret usage and ensures compliance with security policies. Integrates secrets management solutions into applications, CI/CD pipelines, and infrastructure workflows. Partners with Engineering and DevOps teams to eliminate hard‑coded credentials. Implements automated secrets lifecycle management processes. Enforces least‑privilege access to secrets using RBAC, policies, and identity federation (AD/Entra ID, IAM). Designs and maintains secure authentication methods (AppRole, IAM auth, managed identities, etc.). Supports onboarding of applications and users into secrets management platforms. Monitors logs and alerts for abnormal secrets access or misuse. Investigates and responds to incidents involving credential exposure or unauthorized access. Conducts periodic audits and access reviews. Ensures adherence to internal security standards and frameworks (e.g., NIST, CIS, SOC2). Supports audit readiness and evidence collection related to secrets usage and controls. Conducts risk assessments related to identity, credential, and secrets management. Develops scripts or automation for secrets provisioning, rotation, and reporting. Optimizes secrets workflows to improve scalability and reliability. Contributes to DevSecOps practices by embedding secrets management into pipelines and IaC frameworks. Works with InfoSec, cloud, and platform teams to define best practices. Provides guidance and training to developers and engineers on secure secrets usage. Creates documentation, runbooks, and onboarding materials. Executes testing plans; coordinates and prepares reporting of data security events and incidents. Provides system and network architecture support. Provides technical support to business and technology associates. Performs system and network upgrade tasks. Designs and analyzes vendor services and information security requirements; maintains relationship with key vendors. Performs complex configuration changes to meet business and information security requirements. Performs capacity analysis; recommends and implements capacity increases. Minimum Requirements
BA/BS degree in Information Technology, Computer Science, or related field. Minimum of 3 years of experience in a support and operations or design and engineering role, or an equivalent combination of education and experience. Preferred Skills, Capabilities, and Experiences
Hands‑on experience with secrets management platforms (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault). Experience in identity and access management (IAM, Active Directory/Entra ID). Understanding of authentication and authorization mechanisms, encryption and key management concepts, and secure application development practices. Experience with scripting or automation (Python, PowerShell, Bash). Familiarity with cloud environments (AWS and/or Azure). Experience with dynamic secrets, certificate management, PKI, Kubernetes and container security (secrets in EKS/AKS). Experience with Infrastructure‑as‑Code (Terraform, ARM, Bicep, CloudFormation). Knowledge of DevSecOps and CI/CD tools (GitHub Actions, Azure DevOps, Jenkins). Knowledge of security monitoring platforms (SIEM tools like Sentinel, Splunk). Certifications such as HashiCorp Vault Associate, AWS or Azure security certifications, Security+ or equivalent. Strong analytical and problem‑solving abilities. Demonstrated attention to detail and risk awareness. Effective communication and collaboration skills. Ability to translate security requirements into practical solutions. Continuous learning mindset in a rapidly evolving security landscape. Other Information
Job Level: Non‑Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance Equal Employment Opportunity Statement
Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status, or any other status or condition protected by applicable federal, state, or local laws.
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.