Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Cybersecurity Engineer - PKI/Secrets Management

Dormont Manufacturing Co

Role Overview We’re looking for a senior, self-driven Cyber Security Engineer to own the strategy, design, implementation, and operation of our enterprise PKI and secrets management capabilities. This role is accountable for how trust, identity, and secure access are established and enforced across the enterprise, and for ensuring these foundations scale with the business. You will operate as a technical leader and subject‑matter expert, partnering with senior engineering and security leaders to define long‑term direction, set standards, and drive adoption. You should thrive in a fast‑paced, agile environment—comfortable making high‑impact decisions, navigating ambiguity, and rapidly adapting as technologies and requirements evolve. What You’ll Do Setting the technical vision and architecting, implementing, and operating scalable, highly available PKI and secrets management services for the enterprise. Owning design decisions that shape internal trust models, cryptographic architectures, and access patterns for the most sensitive data and systems. Defining, implementing, and continuously improving policies, processes, and controls for the full lifecycle of keys, certificates, and secrets across diverse platforms. Influencing and aligning engineering, infrastructure, and leadership teams to deliver robust, observable, and compliant cryptographic systems. Mentoring and developing engineers, raising the bar for technical excellence, and driving consistent best practices for cryptographic and secrets management across the organization. Advising senior leadership on long‑term security architecture strategy, trade‑offs, and investment priorities related to identity, PKI, and secrets management. Providing operational leadership, including participation in on‑call rotations for global, mission‑critical services and driving post‑incident improvements. Leading HSM strategy, including architecture, platform selection, appliance consolidation, and multi‑year roadmap planning in alignment with enterprise security and compliance goals. Required Qualifications Bachelor’s degree in Computer Science, Mathematics, Physics, or equivalent senior‑level industry experience. 7+ years experience in enterprise security engineering or Site Reliability Engineering (SRE), with direct responsibility for high‑availability security or cryptographic services. 7+ years experience with enterprise secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, BeyondTrust), including architecture, operations, and integration at scale. Strong understanding of public‑key cryptography, PKI, and modern cryptographic protocols, with the ability to make pragmatic, risk‑informed design decisions. Demonstrated experience designing, operating, and evolving production PKI systems (root and issuing CAs, CRL/OCSP, certificate lifecycle, and policy governance). Proficiency with infrastructure‑as‑code (e.g., Terraform) and engineering practices that enable repeatable, auditable, and secure deployments. Working knowledge of major cloud platforms (AWS, GCP, Azure) and how to integrate PKI and secrets management with cloud‑native services. Experience with containerization, orchestration (e.g., Kubernetes), and CI/CD workflows, including secure delivery patterns and secrets handling. Excellent communication skills, with a track record of presenting complex technical concepts, trade‑offs, and recommendations to engineering and executive audiences. Strong threat modeling and security architecture skills, with the ability to anticipate abuse cases and design for resilience. Hands‑on management, integration, and configuration experience with HSM platforms (Entrust, Thales, etc.), including key ceremonies, partitioning, and role design. Experience working with and implementing security standards and frameworks (e.g., FIPS 140‑2/3, PCI‑DSS, and related controls), and translating them into actionable technical requirements. Preferred Qualifications HashiCorp Vault certification or clearly demonstrable expert‑level proficiency with Vault in complex, production environments. Deep expertise in HashiCorp Vault and Terraform, including multi‑tenant architectures, performance optimization, and automation of large‑scale deployments. Experience scaling backend systems and implementing secure hardware solutions (HSM, TPM, TEE, etc.) in high‑availability, regulated environments. Familiarity with modern authentication and authorization protocols (OAuth 2.0, OIDC, WebAuthn/FIDO2, Zero Trust architectures) and how they integrate with PKI and secrets management. Experience with remote attestation, secure enclaves, and hardware‑backed key protection in cloud or hybrid environments. Proficiency in at least one modern programming language (e.g., Go, Rust, Python, Node.js) for building integrations, tooling, and automation around cryptographic and secrets platforms. Demonstrated passion for security, rigor, and correctness, with a strong bias toward automation, measurable outcomes, and operational excellence. Equal Employment Opportunity Statement General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers. All employment decisions are made on a non‑discriminatory basis without regard to sex, race, color, national origin, citizenship status, religion, age, disability, pregnancy or maternity status, sexual orientation, gender identity, status as a veteran or protected veteran, or any other similarly protected status in accordance with federal, state and local laws. We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role‑related assessment(s) and/or a pre‑employment screening prior to beginning employment. To learn more, visit How we Hire . Accommodations General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us or call us at View phone number on click.appcast.io. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. #J-18808-Ljbffr Dormont Manufacturing Co

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Cybersecurity Engineer - PKI/Secrets Management in Brooklyn, NY vacancy
  • $115.5k - $165k

     ...Zscaler and help shape the future of cybersecurity. Our Engineering team built the world’s largest cloud...  ...environments (e.g., Tenable.sc / Nessus Manager or similar) Building Python/Go/...  ...U.S. citizenship and active U.S. Top Secret (TS) clearance (must be maintained) 5... 
    Suggested
    Work at office
    Local area
    Worldwide

    Framework Ventures

    New York, NY
    4 days ago
  • A leading cybersecurity firm is seeking a Staff Software Engineer specializing in Identity & Access Management. In this role, you will oversee the IAM architecture and strategy, ensuring secure and scalable systems. You will collaborate with engineering teams to establish... 
    Suggested

    SimSpace Corporation

    New York, NY
    4 days ago
  • $180k - $220k

    A cybersecurity leader based in New York is searching for a Staff AI Engineer to lead AI capabilities and product initiatives. You will design, build, and improve AI systems, defining technical architecture and collaborating with leadership for roadmap development. The... 
    Suggested

    SecurityScorecard Inc.

    New York, NY
    2 days ago
  •  ...protecting our firm and clients from evolving security threats. As a Cybersecurity & Global Security Attorney, you’ll tackle complex legal and...  .... Advise on cybersecurity incident response, crisis management, and regulatory engagement. Provide day-to-day legal advice... 
    Suggested
    Contract work
    Immediate start
    Worldwide

    NACBA

    New York, NY
    1 day ago
  • $200k - $225k

     ...The platform handles invoice capture, approval routing, vendor management, multi‑entity accounting, and payment execution. They are...  ...and this role will lead it. About the Role We are hiring a Staff Engineer to own the architecture, design, and delivery of AI‑powered and... 
    Suggested
    For contractors

    DKKD Staffing

    New York, NY
    2 days ago
  • $217k - $303.9k

    Reddit is hiring a Staff Software Engineer focused on Identity & Access Management from a remote location in the United States. In this role, you will design and support identity and access solutions, collaborating with cross-functional teams to secure identity infrastructures... 
    Remote work

    Reddit

    New York, NY
    3 days ago
  • Join Datadog as a Staff Engineer in New York, where you will redefine how customers interact with log data. Collaborate with Product Managers, lead initiatives in ingestion pipelines and log management, and mentor engineers to foster a high-performing culture. The position... 

    Waaratechnologies

    New York, NY
    4 days ago
  • $40 - $55 per hour

     ...on using business drivers to guide cybersecurity activities and manage risk. CPMG offers flexible, integrative...  ...the deployment of cleared American staff for maintenance and repair of...  ...Must be able to obtain/maintain a Top-Secret Clearance. Must have the physical ability... 
    Hourly pay
    Contract work
    For contractors
    Apprenticeship
    Work at office
    Local area
    Worldwide
    Overseas
    Flexible hours

    Goldbelt

    New York, NY
    2 days ago
  • $174.32k - $246.23k

    The Staff Cloud Security Engineer is a critical, hands‑on technical role responsible...  ...environments (systems, secrets, data) to minimize...  ...operations, vulnerability management, compliance checks, and incident...  ...Information Technology, Cybersecurity, or a related field 5+... 
    Work at office
    Local area
    Remote work
    Work from home
    Home office

    Included Health

    New York, NY
    4 days ago
  • $200k - $250k

     ...while AI agents handle the operationally intensive work: data management, analytics, campaign generation, measurement and reporting. Everything...  ...systems built in partnership with OpenAI: an Agentic Data Engineer that unifies and standardizes a brand's first‑party data in... 
    Contract work
    Relocation

    Minerva Inc

    New York, NY
    2 days ago
  • Nagarro is hiring a Senior Staff Engineer - Salesforce Alliance Manager in the United States. The role involves acting as the primary liaison between Nagarro and Salesforce partners, generating co-sell pipelines, and developing joint go-to-market strategies. The ideal... 

    Nagarro

    New York, NY
    4 days ago
  • A fast-growing startup is seeking a Staff Engineer to shape technology and product experience. You will design, build, and scale full-stack applications while driving technical direction and collaborating with cross-functional teams. This is an opportunity to have a significant... 
    Remote job

    Short Story

    New York, NY
    4 days ago
  • # Staff Security Engineer, Customer Support and IntegrityApply To JobJob ID: 3467189DoorDash, Inc....  ...Security Engineer who will act as the main cybersecurity partner to the Customer Support and...  ...improve how the company proactively manages security risks at scale.* Be the... 
    Hourly pay
    Work at office
    Local area
    Remote work
    Flexible hours

    DoorDash

    New York, NY
    4 days ago
  • CreatorIQ in New York is seeking a Staff Search Engineer to lead the design of the real-time search platform. You'll architect and maintain Elasticsearch clusters, develop high-performance APIs in Go, and provide technical leadership. The ideal candidate will have 7-10+... 

    CreatorIQ

    New York, NY
    1 day ago
  • Salt Digital Recruitment seeks a staff-level engineer in New York, focusing on architecting a greenfield trading platform in a regulated financial environment. This role emphasizes technical leadership, system design, and building high-throughput, low-latency infrastructure... 

    Salt Digital Recruitment

    New York, NY
    5 days ago
  •  ...Senior Staff Engineer - Salesforce Alliance Manager Full-time Service Region: UCC We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at scale — across all devices... 
    Full time

    Nagarro

    New York, NY
    4 days ago
  • $204k - $240k

     ...incident response, alongside a firm understanding of web applications and cloud technologies. The position also involves mentoring engineers and working closely on security projects. We offer a competitive salary ranging from $204,000 to $240,000 along with an equity... 

    Etsy, Inc.

    New York, NY
    1 day ago
  • A cybersecurity startup is seeking a Staff ML Engineer to define and build its machine learning capabilities. The role requires developing production ML systems and defining the ML strategy across products. Candidates should have over 8 years of experience in ML system... 

    Adaptive Security Corporation

    New York, NY
    2 days ago
  • $173k - $286k

     ...Location Type Remote Department AI Generation Engine Compensation Tier 1 $204,000 - $286,00...  ..., financial services, navigation, cybersecurity, and other sectors. We are a global...  ...software engineers, ML experts, products managers and user experience researchers, where they... 
    Full time
    Seasonal work
    Local area
    Remote work
    Flexible hours

    SandboxAQ

    New York, NY
    4 days ago
  • $200k - $240k

     ...SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million...  ...for self-monitoring, third-party risk management, board reporting, and cyber insurance...  ...and act on risk. We are looking for a Staff AI Engineer to lead that work. This is the role for... 

    Zoomcar

    New York, NY
    1 day ago
  • $188k - $275k

     ...Nasdaq: CRWV) in March 2025. Learn more at [ What You’ll Do: We are seeking a Staff Security Engineer to lead the most complex technical work in CoreWeave’s Vulnerability Management program. You will design and implement scalable triage, prioritization, and... 
    Permanent employment
    Full time
    Temporary work
    Casual work
    Work at office
    Flexible hours

    CoreWeave

    New York, NY
    1 day ago
  • Censys is looking for a Staff Backend Engineer to join their Exposure Management team. The role, fully remote within the US or Canada, requires solid experience in Golang and technical leadership abilities to drive the evolution of their legacy Attack Surface Management... 
    Remote job

    Censys

    New York, NY
    1 day ago
  •  ...environmental assessments and ensure compliance with regulations. The ideal candidate will have a Bachelor's in Environmental Engineering and experience in managing environmental initiatives. This role involves oversight of ISO 14001 programs, analysis of environmental data, and... 

    Corning Inc.

    New York, NY
    4 days ago
  • $225k - $350k

    About Hypha Hypha is an AI-native platform transforming asset management across the full lifecycle—acquisition, management, and...  ...to eliminate inefficiencies Role Overview As a Senior / Staff Frontend Engineer at Hypha, you’ll own the experience layer of the platform.... 

    Hypha AI, Inc.

    New York, NY
    2 days ago
  • $140k

    Staff Frontend Engineer - Dragonfly Portfolio Join to apply for the Staff Frontend Engineer - Dragonfly Portfolio role at Dragonfly Continue...  ...Venture Capital and research firm with $2B+ in assets under management and 160+ portfolio companies (see list). Our Talent team... 
    Full time
    Contract work
    Remote work
    Worldwide

    Dragonfly

    New York, NY
    4 days ago
  • Join a forward-thinking company as a Staff Software Engineer, where you will lead the design and development of scalable systems that support innovative healthcare solutions. This role offers the chance to work with cross-functional teams, mentor engineers, and drive the... 
    Remote job

    Femtech Insider Ltd.

    New York, NY
    3 days ago
  • A leading technology company in the United States seeks a Staff Engineer I to enhance engineering excellence across development teams. The role combines hands-on software development with mentoring and architectural guidance. The ideal candidate will have over 10 years... 
    Remote job

    DataServ, LLC

    New York, NY
    4 days ago
  • $190k - $225k

    Samsung Electronics América Inc. is looking for a Staff Engineer, Data Analysis in New York, NY. The role involves collaborating with teams to analyze data using tools like SQL and Python, and translating findings into actionable insights. A Bachelor’s degree in Computer... 
    Remote work

    Samsung Electronics Perú

    New York, NY
    2 days ago
  • A cutting-edge tech company is seeking a Staff Backend Engineer to take ownership of its backend systems, leading the development of scalable architecture. The ideal candidate will have over 7 years of experience in backend systems and strong TypeScript skills. Responsibilities... 

    Flora Limited

    New York, NY
    2 days ago
  • Kong is seeking a Staff Solutions Engineer in New York, NY to support sales and ensure customer satisfaction with their API/Connectivity Management platform. This role entails building customer relationships and creating technical documentation, while also leading discussions... 

    Kong

    New York, NY
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Cybersecurity Engineer - PKI/Secrets Management. Be the first to apply!