Description
- Design, deploy, and operate enterprise grade HashiCorp Vault environments, including:
- Primary and DR cluster pairs
- Multi AZ / multi data center resilient architectures
- Lane based isolation (Dev / UAT / Production)
- Engineer and support Password Vault solutions for:
- Privileged and service account password management
- Credential rotation and policy enforcement
- Define clear functional boundaries between:
- Human and interactive privileged access
- Non human, non interactive identities and application secrets
Resiliency, Availability & DR
- Implement high availability and disaster recovery designs for secrets platforms addressing:
- Node loss
- Data center loss
- Regional failure scenarios
- Own backup, restore, and DR testing strategies for Vault and CyberArk platforms.
- Ensure secrets platforms meet Tier 0 availability and resiliency expectations.
Identity, Access & Integration
- Integrate Vault and CyberArk with enterprise Active Directory for:
- Authentication
- Authorization
- Group and role based access controls
- Implement and manage database credential integrations using:
- Vault dynamic and static secrets engines
- CyberArk managed credentials where required
- Design secret zero resolution and identity based authentication patterns, minimizing reliance on long lived static credentials.
- Enforce least privilege, role based access models across both platforms.
Operations & Platform Reliability
- Own day 2 operations for enterprise secrets platforms, including:
- Health monitoring and alerting
- Access logging and audit readiness
- Performance tuning and capacity planning
- Participate in incident response, root cause analysis, and security events related to secrets and credential exposure.
- Maintain standard operating procedures and runbooks for enterprise teams.
Automation, Standards & Enablement
- Automate provisioning and configuration using IaC (Infrastructure as Code) and configuration management tools.
- Define standardized onboarding patterns for applications leveraging Vault or CyberArk.
- Publish reference architectures, integration patterns, and engineering standards.
- Partner with application, infrastructure, and security teams to drive adoption at scale.
________________________________________
Skills
ldap, ssl, group policy, active directory, Aws, Cloud, Devops, powershell scripting, powershell, automation, application support, vaulting, cyberark, Windows Engineering, virtualization, infrastructure engineering, identity access management, commvault
Top Skills Details
ldap,ssl,group policy,active directory,Aws,Cloud,Devops
Additional Skills & Qualifications
- Experience running HashiCorp Vault and/or CyberArk in a Cloud Service Proivder.
- Familiarity with HSM integration, auto unseal mechanisms, and key management.
- Experience in financial services or regulated environments.
- Ability to mentor engineers and influence enterprise wide security architecture decisions.
________________________________________
Soft Skills
- Strong architectural thinking with a security first mindset.
- Ability to communicate clearly with engineering, security, and executive audiences.
- Comfortable working in large, federated enterprise organizations.
- High sense of ownership for platform reliability and security posture.
- Ability to manage personal workload in stressful situations.
Experience Level
Expert Level
Job Type & Location
This is a Contract position based out of Chandler, AZ.
Pay And Benefits
The pay range for this position is $60.00 - $89.00/hr.
Requirements
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
- Medical, dental & vision
- Critical Illness, Accident, and Hospital
- 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
- Life Insurance (Voluntary Life & AD&D for the employee and dependents)
- Short and long-term disability
- Health Spending Account (HSA)
- Transportation benefits
- Employee Assistance Program
- Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Chandler,AZ.
Application Deadline
This position is anticipated to close on May 15, 2026.
h4>About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems And TEKsystems Global Services
We’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
