×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Systems Engineer Cybersecurity

Infrastructure Engineer; Vault

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Crusoe
Full Time position
Listed on 2026-03-01
Job specializations:
  • IT/Tech
    Systems Engineer, Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Staff Infrastructure Engineer (Vault)

Job Overview

Crusoe's mission is to accelerate the abundance of energy and intelligence. We’re crafting the engine that powers a world where people can create ambitiously with AI — without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology e, you'll drive meaningful innovation, make a tangible impact, and join a team that’s setting the pace for responsible, transformative cloud infrastructure.

Position

Staff Infrastructure Security Engineer

We are seeking a highly skilled Staff Infrastructure Security Engineer to architect, deploy, and operationalize the foundational security services that will underpin our shift to a Zero Trust model. In this strategic role, you will define and establish the "roots of trust" for our organization, serving as a technical leader in Secrets Management and Identity architecture. While your immediate focus is to serve as the Subject Matter Expert (SME) driving our enterprise Hashi Corp Vault platform from Proof-of-Concept (PoC) to global production readiness, your long-term scope is far broader.

You will be responsible for evolving our credentials management strategy, onboarding engineering teams to secure self-service workflows, and designing scalable trust patterns across our hybrid multi-cloud environment.

Key Responsibilities
  • Strategic Architecture & Governance
  • Zero Trust Architecture:
    Architect a highly available, disaster-resilient, and scalable multi-cluster secrets management platform that serves as the foundation for the organization’s Zero Trust strategy.
  • Technical Leadership:
    Drive consensus across Cloud Engineering, Dev Ops, and SRE teams to define standardized secret management workflows and integrate security patterns into the SDLC.
  • Compliance & Governance:
    Ensure the platform design meets rigorous internal policies and external compliance frameworks (e.g., SOX, ISO 27001).
  • Policy as Code:
    Design and implement advanced governance controls, including Sentinel Policy as Code, to automate security guardrails and access decisions.
  • Platform Engineering & Implementation
  • Infrastructure as Code (IaC):
    Lead the engineering of the Vault infrastructure using Terraform, ensuring all deployments are reproducible, version-controlled, and automated.
  • Identity Integration:
    Architect the integration between the secrets platform, Identity Providers (Okta), and workload identities (Kubernetes Service Accounts) to establish robust machine-to-machine authentication.
  • Advanced Secrets Capabilities:
    Configure and tune essential secrets engines (KV, Transit, KMIP) and Enterprise features (Performance Replication, Seal automation) to support diverse engineering use cases.
  • Operational Excellence & Developer Enablement
  • Vault as a Service (VaaS):
    Operationalize the platform by building self-service mechanisms, distinct "paved road" onboarding procedures, and documentation that allows engineering teams to easily consume security services.
  • Observability:
    Implement comprehensive monitoring, alerting, and audit logging to ensure platform health, provide visibility into usage patterns, and satisfy audit requirements.
  • Lifecycle Management:
    Own the full operational lifecycle of the production environment, including patching, version upgrades, backup/restore procedures, and incident response runbooks.
Required Qualifications
  • 6+ years (or equivalent) hands‑on experience in cloud security, Dev Ops, or infrastructure engineering.
  • Deep expertise and proven track record deploying and managing Hashi Corp Vault in an enterprise environment (experience with the Enterprise edition is highly preferred).
  • Expert‑level knowledge of Secrets Management, X.509 PKI (Public Key Infrastructure), Certificate Authority Operations, and Cryptography concepts.
  • Strong experience with Google Cloud Platform (GCP) and cloud native identity and access management (IAM).
  • Proficiency with Infrastructure as Code (IaC) tools, especially Terraform, for automating the deployment and configuration of Vault and its dependent infrastructure.
Technical Skills
  • Fluent in at least one programming language (ideally Go or Python).
  • Demonstrable experience with Kubernetes and container security…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search