Hi,
My name is Rohit Chauhan, and I am a Staffing Specialist at Novia Infotech LLC. I am reaching out to you on an exciting job opportunity with one of our clients.
Job Title: Senior DevSecOps & IAM Engineer (Venafi SSH Security)
Location: San
Antonio, TX (Onsite)
Bill Rate: $47/hr
Position Summary
We are seeking a highly skilled Senior DevSecOps & Identity Access Management (IAM) Engineer with expertise in SSH key lifecycle management, Venafi SSH Protect, Identity Security, DevSecOps automation, and cloud-native security engineering. The ideal candidate will be responsible for securing enterprise infrastructure through automated SSH key discovery, certificate management, key rotation, privileged access controls, and modern Zero Trust identity initiatives.
This role requires strong experience with Venafi integrations, workforce identity management, CI/CD security, Java-based development, API integrations, and cloud transformation programs. The candidate will work closely with security, infrastructure, cloud, and application teams to build scalable, secure, and compliant identity solutions.
Key Responsibilities
SSH Key Lifecycle & Venafi Administration
- Implement and manage enterprise SSH key lifecycle processes including discovery, provisioning, rotation, remediation, expiration, and revocation.
- Configure, administer, and optimize Venafi SSH Protect and Venafi SSH Certificate Authority (SSH CA) solutions.
- Develop automated SSH key rotation strategies and enforce enterprise key management policies.
- Perform SSH key discovery using agent-based and agentless scanning methodologies across Windows, Unix, Linux, cloud, and hybrid environments.
- Maintain a centralized inventory of SSH keys, certificates, owners, algorithms, key sizes, and associated systems.
- Implement SSH certificate-based authentication using Venafi SSH CA capabilities.
Identity & Access Management Engineering
- Design, develop, and support Workforce Identity and Access Management (IAM) solutions.
- Implement and manage:
- Single Sign-On (SSO)
- Multi-Factor Authentication (MFA)
- Role-Based Access Control (RBAC)
- Passwordless Authentication
- Self-Service Password Reset (SSPR)
- Device Trust
- Identity Federation
- Support identity lifecycle management including onboarding, role changes, transfers, and deprovisioning.
- Integrate IAM solutions with enterprise applications, cloud services, and privileged access management platforms.
DevSecOps & Cloud Security Engineering
- Design and implement secure CI/CD pipelines incorporating automated security controls.
- Integrate security scanning, compliance validation, and identity controls into DevSecOps workflows.
- Support cloud transformation initiatives and cloud-native security architectures.
- Utilize Docker, Ansible, Git, and Azure DevOps tools to automate infrastructure and application delivery.
- Develop Infrastructure as Code (IaC) and configuration management solutions supporting security automation.
API Development & Java Engineering
- Design and develop secure APIs and integration services supporting IAM and security platforms.
- Develop enterprise solutions using Java and J2EE technologies.
- Build automation services for identity lifecycle management, SSH key governance, and certificate management.
- Support system integrations using REST APIs and enterprise integration patterns.
Security Operations & Compliance
- Conduct SSH key risk assessments and identify:
- Weak Keys
- Duplicate Keys
- Orphaned Keys
- Stale Keys
- Excessive Privileges
- Unauthorized Root Access
- Prioritize remediation efforts based on risk and business impact.
- Implement security controls aligned with Zero Trust principles and enterprise security policies.
- Generate compliance reports, audit evidence, and governance documentation.
Venafi & Enterprise Security Integrations
- Integrate Venafi with:
- Active Directory
- CyberArk
- ServiceNow
- IAM Platforms
- PAM Solutions
- Cloud Security Tools
- Configure automated workflows for certificate issuance, renewal, revocation, and monitoring.
- Support enterprise-wide SSH governance and certificate lifecycle management initiatives.
Monitoring, Reporting & Governance
- Monitor SSH key usage, certificate activity, and compliance status.
- Develop dashboards and reporting mechanisms for inventory tracking and audit readiness.
- Create governance processes around SSH key issuance, usage, rotation, and retirement.
- Support regulatory compliance and internal audit requirements.
Required Technical Skills
SSH Security & Venafi
- Venafi SSH Protect
- SSH Key Lifecycle Management
- SSH Certificate Authority (SSH CA)
- SSH Key Discovery
- SSH Key Rotation
- SSH Key Inventory Management
- SSH Certificate Management
- Public Key Infrastructure (PKI)
- Cryptography Fundamentals
Identity & Access Management
- Workforce IAM
- Identity Lifecycle Management
- Identity Federation
- Privileged Access Management (PAM)
- RBAC
- MFA
- SSO
- Passwordless Authentication
- Device Trust
- SSPR
- Zero Trust Security
DevSecOps & Automation
- DevSecOps
- CI/CD Pipelines
- Docker
- Ansible
- Git
- Azure DevOps
- Security Automation
- Infrastructure Automation
Development & Integration
- Java
- J2EE
- REST API Development
- API Security
- PowerShell Scripting
- Integration Engineering
Cloud Technologies
- Azure Cloud
- Cloud Security
- Cloud Transformation
- Infrastructure as Code (IaC)
Enterprise Platforms
- Active Directory
- CyberArk
- ServiceNow
- IAM Platforms
- PAM Solutions
Operating Systems
- Windows Server
- Linux
- Unix
Preferred Qualifications
- Experience implementing enterprise-wide SSH certificate authentication.
- Hands-on experience with agentless SSH discovery frameworks.
- Experience with CyberArk and privileged access governance.
- Knowledge of PKI and certificate lifecycle management best practices.
- Experience integrating IAM and DevSecOps platforms in large enterprise environments.
- Strong understanding of security compliance, governance, and audit controls.
|
Rohit Chauhan IT Recruiter A: 4421 Avenida Ln, McKinney, TX, 75070
|
You received this message because you are subscribed to the Google Groups "NoviaJobs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to noviajobs+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/noviajobs/CAJ0-OE8kvcPxVpgAyFkPMMfi08nCoV0ZFLAL2G-maw-%2BPT7nHg%40mail.gmail.com.
No comments:
Post a Comment