Fintal Partners
Base pay range
$250,000.00/yr - $400,000.00/yr
We are looking for a passionate and pragmatic Infrastructure Security Engineer to join our clients' Platform team. In this role, you’ll help design, implement, and scale security controls across a global infrastructure. You will work closely with engineers responsible for Linux, Kubernetes, CI/CD, storage, and shared compute systems to ensure that security is embedded into the foundations of how the platforms are operated and expanded.
This position is ideal for someone who enjoys solving complex infrastructure challenges through a security lens. You’ll take a hands‑on approach to strengthening authentication, secrets management, and access controls — while developing the tooling and automation that make secure‑by‑default the standard for engineering teams.
As part of a small, fast‑moving group within the Platform department, you’ll directly influence the auditability, integrity, and resilience of the systems that underpin critical business operations.
Core Responsibilities
Enhance authentication and secure identity propagation in critical systems using OIDC‑OAuth2, LDAP, and Kerberos protocols
Manage and streamline PKI and TLS certificate processes, enabling secure service‑to‑service and user authentication across environments
Design and implement authorization and secure access flows across the infrastructure and data technology stack
Build automation around HashiCorp Vault for secrets lifecycle management and integration into engineering workflows
Develop infrastructure‑as‑code and policy‑as‑code solutions to enforce access and secrets policies at scale
Partner with Platform and Engineering teams to establish secure default configurations and benchmarks
Contribute to documentation, RFCs, and onboarding to ensure safe and effective adoption of new security measures
Participate in platform threat modeling and security design reviews
Skills and Experience
3–7 years of experience in Infrastructure Security, DevSecOps, or Site Reliability Engineering with security‑focused projects
Proficient with building automations in Python, Java, or Golang and infrastructure‑as‑code (preferably Terraform) when applicable
Practical expertise in secret management (ideally HashiCorp Vault) and secure workflow integrations
Hands‑on experience with authentication protocols (OIDC, Kerberos, LDAP), IAM solution design, and access governance concepts
Solid understanding of PKI and TLS certificate management, including issuance, rotation, and secure integration into workflows
Familiarity with Linux access controls, permissions, and secure access patterns
Strong collaboration skills, with the ability to bridge technical system requirements and security objectives across teams
#J-18808-Ljbffr
We are looking for a passionate and pragmatic Infrastructure Security Engineer to join our clients' Platform team. In this role, you’ll help design, implement, and scale security controls across a global infrastructure. You will work closely with engineers responsible for Linux, Kubernetes, CI/CD, storage, and shared compute systems to ensure that security is embedded into the foundations of how the platforms are operated and expanded.
This position is ideal for someone who enjoys solving complex infrastructure challenges through a security lens. You’ll take a hands‑on approach to strengthening authentication, secrets management, and access controls — while developing the tooling and automation that make secure‑by‑default the standard for engineering teams.
As part of a small, fast‑moving group within the Platform department, you’ll directly influence the auditability, integrity, and resilience of the systems that underpin critical business operations.
Core Responsibilities
Enhance authentication and secure identity propagation in critical systems using OIDC‑OAuth2, LDAP, and Kerberos protocols
Manage and streamline PKI and TLS certificate processes, enabling secure service‑to‑service and user authentication across environments
Design and implement authorization and secure access flows across the infrastructure and data technology stack
Build automation around HashiCorp Vault for secrets lifecycle management and integration into engineering workflows
Develop infrastructure‑as‑code and policy‑as‑code solutions to enforce access and secrets policies at scale
Partner with Platform and Engineering teams to establish secure default configurations and benchmarks
Contribute to documentation, RFCs, and onboarding to ensure safe and effective adoption of new security measures
Participate in platform threat modeling and security design reviews
Skills and Experience
3–7 years of experience in Infrastructure Security, DevSecOps, or Site Reliability Engineering with security‑focused projects
Proficient with building automations in Python, Java, or Golang and infrastructure‑as‑code (preferably Terraform) when applicable
Practical expertise in secret management (ideally HashiCorp Vault) and secure workflow integrations
Hands‑on experience with authentication protocols (OIDC, Kerberos, LDAP), IAM solution design, and access governance concepts
Solid understanding of PKI and TLS certificate management, including issuance, rotation, and secure integration into workflows
Familiarity with Linux access controls, permissions, and secure access patterns
Strong collaboration skills, with the ability to bridge technical system requirements and security objectives across teams
#J-18808-Ljbffr