Senior / Lead Vault DevOps Engineer - HashiCorp

• Title: Senior / Lead Vault DevOps Engineer - HashiCorp

  Ref: 26/06/SLV

  About Us

  At Allstate Northern Ireland, we believe it’s more than just a job.  We believe in allowing our people to choose the direction of their careers.  It’s about you, your future and where you want to get to.

  Opportunity is the hallmark of the Allstate career experience.  We invest heavily in our employees, offering long term career development, personal growth and investment in new technologies.  Every day is different, with new ideas, challenges, and rewards — no matter which team you join.

  We believe that inclusive diversity is crucial to creating a culture of mutual respect where the strengths and talents of each individual are recognised.  We like to leave things better than we found them and deliver results.  We do all of this while having fun and exploring personal passions.

  Join our team and you’ll find challenge and reward in a culture of innovation, support and balance.

  Location

  Belfast / Derry / Londonderry / Strabane

  Your role in the team

  As a Senior IAM Vault DevOps engineer, you will be the subject matter expert around Vault technology, Vault policy and integrating Vault with applications.  This individual will provide consultation to application teams and develop automation around Vault itself to create and configure new secrets engines and policies. 

  The Vault DevOps engineer will support the deployment, integration, and automation of HashiCorp Vault and will work closely with DevOps, cloud infrastructure architects and engineers to design, implement and manage secure, scalable, and reliable cloud infrastructure environments. 

  In designing and building cloud security solutions, you will balance the need for speed and flexibility of cloud infrastructure and IaaS/PaaS/SaaS applications with the need to protect Allstate against existing and potential security threats. 

  This role requires the ability to understand/synthesize radical ideas, the aptitude to understand new security strategies and the tenacity to get the job done.  The ideal candidate will have worked with a wide range of continuous delivery and DevOps tools and technologies.

  Responsibilities include (but aren't limited to):

  • Understand system security vulnerabilities and associated threats and assess the overall security risks to the system
  • Perform system vulnerability scanning using approved software tools and ability to automate
  • Understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime
  • Understand DevOps ideologies with the ability to drive and communicate change supporting DevOps/SecOps methodology within the organization
  • Serve as the interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation
  • Developing, maintaining self-service GIT based solution that allows teams to configure and manage their private namespaces
  • Engineering and operating HashiCorp Vault Highly Available instances across multiple on-prem datacenters and in cloud
  • Set standards and guidance for on-prem integration with Vault
  • Have knowledge of API calls for Cloud API, Vault API and Apigee
  • Build out secrets engine features i.e. Transit, Database, Active Directory
  • Engineering, deploying, configuring Vault utilizing secure pipelines and terraform
  • Developing custom vault plugins as required
  • Help customers onboard to Vault via email support, Microsoft Teams support, and consultation calls
  • Support and troubleshoot any vault issues, upgrades and patching
  • Provide automation solutions and documentation to developers, software engineers and technical personnel
  • Experience in creating and maintaining Jenkins pipelines for creating new namespaces, AppRole authentication, and AWS authentication
  • Maintain Vault product documentation written with markdown on a GitHub repo
  • Maintain bash scripts for LDAP system account rotation
  • Partner with other DevOps application teams that integrate with Vault.

  So, what are the essential criteria to apply?

  • Must be a UK/RoI/EU citizen or possess a current UK visa and eligible to take up full time, permanent employment. EU candidates must also demonstrate they are eligible to take up UK employment post-Brexit.
  • 5+ years Software Development experience
  • 3+ years’ experience managing Linux environments (or any variant of Unix)
  • Experience working across interdisciplinary teams such as development, infrastructure, testing, or business functions in a DevOps capacity.
  • Strong "Infrastructure as Code" (IAC) experience.
  • Deep understanding of Software Development Life Cycle.
  • Experience managing shared, multi-tenant services.
  • Experience managing public Cloud infrastructure.
  • Experience with Configuration Management.
  • Good understanding of application security.
  • Basic Understanding of Identity Management.

  We also have some desirable criteria

  • Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology or other related discipline with 5 or more additional years related professional experience.
  • 2+ Years Working with System / Service Monitoring. Such as Kibana, Splunk, etc.
  • Experience implementing Multi-factor Authentication (MFA), using different authentication types
  • 5 + years’ experience as a Security Engineer supporting software architecture development environments.
  • HashiCorp Vault development expertise
  • Terraform Enterprise experience with Experience running High Availability infrastructure.
  • Vault PKI expertise.
  • Jenkins, Python, Java, shell scripting experience.
  • Experience with creation and management of virtual infrastructure on-premise, AWS and Pivotal Cloud Foundry
  • Experience with automating deployment, scaling and management of Container applications - Docker/Kubernetes.
  • Ability to work independently or within a team.
  • Strong written and oral communication skills.
  • Organized, responsive and highly thorough problem solver.
  • Continuous learning with interest/ability to upgrade skills.

  What we offer

  As a leading employer we offer a generous benefits package that includes flexible annual leave entitlement, dental and healthcare insurance, an attractive pension package and discounts on gym memberships, public transport and parking.

  Allstate invests heavily in your development, as an employee you will have access to multiple world-class learning platforms and courses from our award-winning in-house Learning & Development team.

  We pride ourselves in providing clear career paths and opportunities for internal mobility allowing you to further develop within the organisation.

  We encourage a better work life balance and you’ll have the opportunity to apply for various flexible working arrangements.

  Apply Here: https://bit.ly/2QnBb1H  
  

  Statement on Fair Employment and Equal Opportunities

  Allstate NI wishes to ensure equal opportunity is given to all job applicants.  This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability.

  We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit.

  Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position.

   

  The closing date for receipt of applications is Friday 28th August 2020