Site Reliability Engineer; SRE - Identity, Cryptography & Key Management

Position: Site Reliability Engineer (SRE) - Identity, Cryptography & Key Management
Description

The Senior Site Reliability Engineer (SRE) - Identity, Cryptography Multi?

Cloud Key Management is responsible for the reliability, security, scalability, and operational excellence of enterprise identity platforms, cryptographic services, and key management solutions across hybrid and multi?cloud environments.

This individual will work embedded with engineering teams and act as a hands?on technical authority for Identity Management, KMSaaS, cryptography, and external cloud services. The role focuses on designing for reliability, automating operational controls, remediating vulnerabilities, and enforcing approved technology standards across identity and cryptographic workloads.

The SRE will champion Site Reliability Engineering principles, including error budgets, SLOs/SLIs, automation, observability, and continuous improvement, while serving as a trusted advisor to engineering, security, and architecture teams.

Primary Skill Microsoft Azure

Desired Skills

* Experience with Thales HSM and CTM Platform

* Deep experience with Azure, AWS and GCP Cryptography

* Familiarity with ITDR (Identity Threat Detection and Response) concepts and tooling.

* Knowledge of policy?as?code and compliance automation.

* Experience supporting highly regulated environments (financial services, healthcare, or similar).

* Strong scripting and programming skills (Python, Go, Bash, or similar).

* Experience defining and implementing enterprise technology standards.

* Prior leadership or mentorship experience in SRE or platform engineering teams.?

Required Skills

* Serve as the SRE and technical SME for Identity Management, KMSaaS, cryptography, and external cloud key management platforms (AWS, Azure, GCP, Thales).

* Partner with engineering teams to design, deploy, and operate highly available, resilient, and secure identity and cryptographic services.

* Lead and execute remediation of vulnerabilities, security findings, and audit issues related to identity, encryption, key management, and secrets handling.

* Identify and drive the elimination of non?permitted or non?standard technologies, working with stakeholders to migrate to approved platforms.

* Define and enforce SLOs, SLIs, error budgets, and reliability metrics for identity and cryptographic services.

* Implement and mature observability, including monitoring, alerting, logging, and tracing, across identity and KMS platforms.

* Automate operational tasks using Infrastructure as Code (IaC), CI/CD pipelines, and policy?as?code approaches.

* Support incident response, root cause analysis (RCA), and post?incident remediation for identity and cryptographic service disruptions.

* Collaborate with security teams to ensure compliance with regulatory, cryptographic, and enterprise security standards.

* Provide technical leadership, mentoring, and guidance to engineers and operations staff.

Primary (Required) Skills

* Site Reliability Engineering (SRE) experience supporting mission?critical platforms.

* Deep expertise in Identity Management and Access Control (IAM, directory services, authentication, authorization).

* Strong knowledge of cryptography concepts (encryption, key lifecycle management, HSMs, secrets management).

Hands on experience with Key Management Services (KMSaaS) across:

* AWS KMS

* Azure Key Vault

* Google Cloud KMS

* Thales HSM / Cipher Trust or equivalent external key management platforms

* Experience operating services in multi?cloud and hybrid environments.

* Strong background in Linux/Unix systems, networking, and distributed systems.

* Proficiency with Infrastructure as Code (Terraform, ARM, Cloud Formation, or equivalent).

* Experience with CI/CD pipelines and automation frameworks.

* Proven ability to remediate security vulnerabilities and compliance findings in enterprise environments.

* Excellent collaboration and communication skills, with the ability to influence engineering and security stakeholders.