Security Engineer – Secrets Management

Security Engineer executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

You will report to the CUSTOMER IAM ENGINEERING TECHNICAL LEADER and have a hybrid schedule working in Katowice, Poland or Prague, Czechia.

Your Responsibilities:

• Lead Secrets Management: Be the subject matter expert for API secrets management across the organization.
• Deploy & Maintain Vault Solutions: Configure, deploy, and manage HashiCorp Vault clusters, including securing secrets, tokens, policies, and access controls.
• Integrate Across Platforms: Collaborate with cross-functional teams to seamlessly integrate Vault with applications, CI/CD pipelines, SALT Security, and DevOps workflows.
• Enhance Security Compliance: Develop and enforce policies for secure secrets lifecycle management to ensure compliance with best practices.
• Drive Collaboration: Work closely with developers, security teams, and system architects to align Vault solutions with organizational goals.

The Essentials - You Will Have:

• Minimum of 3 years of hands-on experience in designing and implementing secrets management solutions.
• Proven proficiency in HashiCorp Vault, Terraform Enterprise, or any other secrets management tools like CyberArk Conjur.
• Knowledge of OIDC, JWT, and OAuth protocols, along with asymmetric cryptography concepts.
• Strong skills with CI/CD pipelines, Kubernetes (K8s/AKS/GKE), and cloud platforms like Azure and GCP.
• Proficiency in at least one programming language and experience with code management tools like GitHub.
• Familiarity with tools such as Jenkins, Ansible, Docker, and Puppet.
• Understanding of Agile methodology and working knowledge of JIRA.

The Preferred - You Might Also Have:

• Knowledge and experience with SALT Security.
• Expertise in privileged access management tools (CyberArk, Centrify/Delinea).
• Bachelor's degree in Computer Science, Information Technology, or a related field.

What We Offer:

Our benefits package includes …

• Comprehensive mindfulness programs with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees
• Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
• Employee Assistance Program
• Personalized wellbeing programs through our OnTrack program
• On-demand digital course library for professional development

... and other local benefits!

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.