Negotiable
Undetermined
Remote
Remote or Denver, Colorado
Summary: The Sr. Systems Engineer will leverage extensive knowledge in certificate management and cryptographic platforms to enhance DaVita's infrastructure. This role involves developing a self-service portal, automating workflows, and optimizing existing platforms while ensuring best practices are followed. The engineer will also serve as a primary contact for Directory Services projects and contribute to risk mitigation and system hardening efforts. The position requires collaboration with various teams to streamline processes and support engineering initiatives.
Key Responsibilities:
- Develop and maintain a centralized self-service portal for certificate requests.
- Expose APIs for DevOps teams to integrate CI/CD automation with secrets platforms.
- Maximize ROI of existing platforms by standardizing workflows.
- Lead optimization and enhancement of cryptographic platforms.
- Contribute to risk mitigation and system hardening controls.
- Serve as an escalation point for complex issues within the Directory Services team.
- Design and maintain engineering roadmaps and manage timelines for deliverables.
- Participate in engineering forums and contribute to technology discussions.
- Perform other engineering duties as assigned.
Key Skills:
- 7-10 years of experience managing certificate and cryptographic platforms.
- Experience with Keyfactor certificate platforms preferred.
- 5+ years in engineering within Directory Services/DevOps, focusing on secrets management.
- Proficiency in PowerShell.
- Experience with HSM platform deployment and management.
- Expertise in certificate and PKI concepts and deployment architecture.
- Familiarity with CyberArk and HashiVault preferred.
- Experience with cloud infrastructure (GCP, Azure, AWS).
- Knowledge of API integrations and developing application integrations.
- Experience deploying infrastructure as code and supporting CI/CD pipelines.
- 5+ years working with cross-functional technical teams.
- Understanding of incident, request, problem, and change management.
- Effective communication skills with various stakeholders.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Sr. Systems Enginnner
The person in this position must have extensive knowledge of certificate management strategies across environments. We need this person to bring that experience and help us build our environment using the best practices other companies have developed. We already have a system what would be delivered by engineers with less experience. We need that additional experience to take DaVita to the next level and plan for the future. "A Senior Identity Encryption Engineer who brings deep, specialized experience in PKI and secrets management. This engineer will be tasked with transforming our current platforms into a seamless, automated service.
- Self-Service Portal: Develop and maintain a centralized, user-friendly portal for developers and infrastructure engineers to seamlessly request and provision certificates.
- API-Driven Zero-Touch Automation: Expose safe, governed APIs and plugins so that DevOps teams can integrate their own CI/CD automation jobs directly with our secrets platforms (Keyfactor, HashiVault, Azure Key Vault).
- Platform Consolidation & Optimization: Maximize the ROI of existing platforms by standardizing workflows and ensuring all enterprise applications are utilizing the correct enterprise tools rather than siloed, one-off solutions.
The Systems Engineer will be a primary point of contact to the design, development and delivery of concurrent Directory Services requests or projects.
Lead the optimization and enhancement of DaVita s cryptographic platforms, including systems integration and automation, as well as preparing for foreseeable future changes in the industry.
Contribute to design and implementation of risk mitigation and system hardening controls such as delegation management, monitoring, patching, and optimization.
Escalation point for admins on the Directory Services team. Supporting admins on complex issue resolution and helping to automate routine tasks performed by the Directory Services admins and other teams.
Responsible for helping to design and maintain engineering roadmaps and priorities for the Directory Services team.
Manage timelines and deliverables for engineering priorities as defined in the engineering roadmaps. Support the management of pilot or POC initiatives as approved by ARB.
Active participation and contribution in Engineering forums such as subcommittees, engineering meetings, new technology meetings, and steering committees.
Other engineering duties as assigned.
Skills:
7-10 years of experience managing certificate and other cryptographic platforms.
Experience with Keyfactor certificate platforms is highly preferred.
5+ years experience in an engineering capacity in the Directory Services/DevOps space developing and automating workflows for secrets management.
PowerShell experience is required.
Experience with HSM platform deployment, management, and troubleshooting.
Expert knowledge of certificate and PKI concepts along with deployment architecture design and management.
Experience with CyberArk and HashiVault preferred.
Demonstrated experience with cloud-based infrastructure such as Google Cloud Platform, Azure (especially azure KeyVault), or AWS required
Knowledge of API integrations. Demonstrated ability to develop integrations between applications leveraging existing APIs is preferred.
Proven experience deploying infrastructure as code; developing and supporting CI\CD pipelines.
5+ years experience working with cross functional technical and project teams on the development and delivery of IT solutions.
Understanding of incident, request, problem, and change management.
Ability to communicate effectively between Business Owners, Project Managers (PMs) and Operations Teams.