Fintal Partners
We are looking for a passionate and pragmatic Infrastructure Security Engineer to join our clients' Platform team. In this role, you’ll help design, implement, and scale security controls across a global infrastructure.
You will work closely with engineers responsible for Linux, Kubernetes, CI/CD, storage, and shared compute systems to ensure that security is embedded into the foundations of how the platforms are operated and expanded.
This position is ideal for someone who enjoys solving complex infrastructure challenges through a security lens. You’ll take a hands-on approach to strengthening authentication, secrets management, and access controls — while developing the tooling and automation that make secure-by-default the standard for engineering teams.
As part of a small, fast-moving group within the Platform department, you’ll directly influence the auditability, integrity, and resilience of the systems that underpin critical business operations.
Core Responsibilities
Enhance authentication and secure identity propagation in critical systems using OIDC-OAuth2, LDAP, and Kerberos protocols Manage and streamline PKI and TLS certificate processes, enabling secure service-to-service and user authentication across environments Design and implement authorization and secure access flows across the infrastructure and data technology stack Build automation around HashiCorp Vault for secrets lifecycle management and integration into engineering workflows Develop infrastructure-as-code and policy-as-code solutions to enforce access and secrets policies at scale Partner with Platform and Engineering teams to establish secure default configurations and benchmarks Contribute to documentation, RFCs, and onboarding to ensure safe and effective adoption of new security measures Participate in platform threat modeling and security design reviews Skills and Experience
3–7 years of experience in Infrastructure Security, DevSecOps, or Site Reliability Engineering with security-focused projects Proficient with building automations in Python, Java, or Golang and infrastructure-as-code (preferably Terraform) when applicable Practical expertise in secret management (ideally HashiCorp Vault) and secure workflow integrations Hands-on experience with authentication protocols (OIDC, Kerberos, LDAP), IAM solution design, and access governance concepts Solid understanding of PKI and TLS certificate management, including issuance, rotation, and secure integration into workflows Familiarity with Linux access controls, permissions, and secure access patterns Strong collaboration skills, with the ability to bridge technical system requirements and security objectives across teams Seniority level
Mid-Senior level Employment type
Full-time Benefits
Medical insurance Vision insurance 401(k)
#J-18808-Ljbffr
Enhance authentication and secure identity propagation in critical systems using OIDC-OAuth2, LDAP, and Kerberos protocols Manage and streamline PKI and TLS certificate processes, enabling secure service-to-service and user authentication across environments Design and implement authorization and secure access flows across the infrastructure and data technology stack Build automation around HashiCorp Vault for secrets lifecycle management and integration into engineering workflows Develop infrastructure-as-code and policy-as-code solutions to enforce access and secrets policies at scale Partner with Platform and Engineering teams to establish secure default configurations and benchmarks Contribute to documentation, RFCs, and onboarding to ensure safe and effective adoption of new security measures Participate in platform threat modeling and security design reviews Skills and Experience
3–7 years of experience in Infrastructure Security, DevSecOps, or Site Reliability Engineering with security-focused projects Proficient with building automations in Python, Java, or Golang and infrastructure-as-code (preferably Terraform) when applicable Practical expertise in secret management (ideally HashiCorp Vault) and secure workflow integrations Hands-on experience with authentication protocols (OIDC, Kerberos, LDAP), IAM solution design, and access governance concepts Solid understanding of PKI and TLS certificate management, including issuance, rotation, and secure integration into workflows Familiarity with Linux access controls, permissions, and secure access patterns Strong collaboration skills, with the ability to bridge technical system requirements and security objectives across teams Seniority level
Mid-Senior level Employment type
Full-time Benefits
Medical insurance Vision insurance 401(k)
#J-18808-Ljbffr