IAM Principal Secrets Management - PAM

IAM Principal Secrets Management - PAM

This role has been designed as 'Hybrid' with an expectation that you will work on average 2 days per week from an HPE office.

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next.

We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.

Are you ready to make an impact with one of the world's leading technology companies? HPE's Cybersecurity team is where you can do just that. We're looking for an experienced and visionary Principal Secrets Management Architect to join our global Cybersecurity organization. If you're passionate about protecting credentials, designing enterprise-scale secrets management solutions, and leading modernization across hybrid environments, this is the role for you.

As a Principal Secrets Management Architect in the Identity and Access Management team, you will serve as the enterprise subject matter expert (SME) and technical leader for secrets management and credential security across HPE. You will be responsible for the architecture, design, and implementation of secure, scalable, and automated secrets management solutions leveraging Hashi Corp Vault and other enterprise-grade technologies. This role will lead end‑to‑end strategy and execution for secrets management—from platform design and integration to lifecycle governance and automation.

You will work closely with IAM, PAM, Dev Sec Ops , and application security teams to embed secrets management into enterprise identity and access controls.

• Define the enterprise secrets management strategy, standards, and reference architectures aligned to HPE's Zero Trust and IAM frameworks
• Architect and design scalable secrets management solutions for hybrid environments—on‑premises, private cloud, and public cloud (AWS, Azure, GCP)
• Lead the adoption of Hashi Corp Vault Enterprise as the core platform for secrets storage, rotation, and access governance
• Establish patterns for dynamic secrets, short‑lived credentials, and API‑based access control
• Partner with enterprise architects, IAM, and Dev Sec Ops  leaders to define integration patterns and security models across platforms

• Serve as the technical lead and SME for the design, configuration, and deployment of Hashi Corp Vault Enterprise (Performance Replication, DR, Name spaces, PKI, Secrets Engines, and Authentication Methods)
• Lead the integration of secrets management with PAM, CI/CD pipelines, cloud workloads, and container platforms (Kubernetes, Docker)
• Implement policy‑based access controls (RBAC, name spaces, App Roles, OIDC, JWT) and automated credential rotation
• Design and deploy audit logging, monitoring, and event correlation with SIEM/SOAR platforms
• Support migration from legacy password vaults or static key stores to centralized secrets management platforms
• Oversee performance tuning, disaster recovery, and lifecycle management for enterprise secrets management services

• Define and enforce governance, access policies, and lifecycle controls for secrets and credentials
• Ensure secrets management aligns with corporate and regulatory compliance standards (SOX, FedRAMP, ISO 27001, NIST 800‑53)
• Conduct threat modeling and risk assessments for secret exposure and credential misuse scenarios
• Partner with audit and compliance teams to demonstrate control effectiveness and continuous compliance

• Act as the enterprise SME and advisor to cybersecurity, IAM, Dev Sec Ops , and infrastructure teams…