Apply on Employer Site

Hewlett Packard Enterprise · 1 month ago

IAM Principal Secrets Management - PAM

Houston, Texas, United States of America

Full-time

Hybrid

Lead/Staff

$120K/yr - $276K/yr

10+ years exp

Hewlett Packard Enterprise is a global edge-to-cloud company that advances the way people live and work. They are seeking a Principal Secrets Management Architect to lead the architecture, design, and implementation of secure secrets management solutions across hybrid environments, ensuring alignment with corporate security standards and best practices.

Data CenterEnterprise SoftwareInformation TechnologyIT ManagementNetwork Security

H1B Sponsor Likely

Responsibilities

Define the enterprise secrets management strategy, standards, and reference architectures aligned to HPE’s Zero Trust and IAM frameworks

Architect and design scalable secrets management solutions for hybrid environments — on-premises, private cloud, and public cloud (AWS, Azure, GCP)

Lead the adoption of HashiCorp Vault Enterprise as the core platform for secrets storage, rotation, and access governance

Establish patterns for dynamic secrets, short-lived credentials, and API-based access control

Partner with enterprise architects, IAM, and DevSecOps leaders to define integration patterns and security models across platforms

Serve as the technical lead and SME for the design, configuration, and deployment of HashiCorp Vault Enterprise (Performance Replication, DR, Namespaces, PKI, Secrets Engines, and Authentication Methods)

Lead the integration of secrets management with PAM, CI/CD pipelines, cloud workloads, and container platforms (Kubernetes, Docker)

Implement policy-based access controls (RBAC, namespaces, AppRoles, OIDC, JWT) and automated credential rotation

Design and deploy audit logging, monitoring, and event correlation with SIEM/SOAR platforms

Support migration from legacy password vaults or static key stores to centralized secrets management platforms

Oversee performance tuning, disaster recovery, and lifecycle management for enterprise secrets management services

Define and enforce governance, access policies, and lifecycle controls for secrets and credentials

Ensure secrets management aligns with corporate and regulatory compliance standards (SOX, FedRAMP, ISO 27001, NIST 800-53)

Conduct threat modeling and risk assessments for secret exposure and credential misuse scenarios

Partner with audit and compliance teams to demonstrate control effectiveness and continuous compliance

Act as the enterprise SME and advisor to cybersecurity, IAM, DevSecOps, and infrastructure teams on secrets management best practices

Provide technical leadership and mentorship to engineers and developers implementing secrets management integrations

Drive adoption across business units, ensuring consistent design patterns, automation, and governance models

Collaborate with product vendors and open-source communities to stay ahead of emerging capabilities and vulnerabilities in secrets management technologies

Qualification

HashiCorp Vault EnterpriseSecrets management architecturePrivileged Access Management (PAM)IdentityAccess Management (IAM)Cloud platforms integrationScriptingAutomationRegulatory compliance frameworksLeadership skillsCommunication skillsCollaboration skills

Required

Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)

10+ years of IT or Cybersecurity experience, with 8+ years focused on secrets management, PAM, and IAM in enterprise environments

Proven experience in architecture, design, and implementation of enterprise-grade secrets management platforms

Deep hands-on expertise with HashiCorp Vault Enterprise (auth methods, secrets engines, replication, DR, PKI, namespaces, APIs)

Experience integrating secrets management with PAM platforms (e.g., CyberArk, BeyondTrust) and DevOps toolchains (Jenkins, GitHub, GitLab, Azure DevOps, Kubernetes)

Strong understanding of Zero Trust, Just-in-Time access, and ephemeral credential concepts

Proficiency in scripting and automation (PowerShell, Python, Terraform, or similar)

Familiarity with cloud-native identity services (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager)

Experience in enterprise security governance, audit readiness, and regulatory compliance frameworks

Excellent communication and leadership skills with the ability to influence across technical and executive stakeholders

Preferred

HashiCorp Certified Vault Expert

CISSP

CISM

AWS/Azure security certifications

Benefits

Health & Wellbeing

Personal & Professional Development

Unconditional Inclusion

Company

Hewlett Packard Enterprise

Hewlett Packard Enterprise is an edge-to-cloud company that uses comprehensive solutions to accelerate business outcomes.

Founded in 1939

Spring, Texas, USA

10001+ employees

https://www.hpe.com

H1B Sponsorship

Hewlett Packard Enterprise has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (532)

2024 (585)

2023 (591)

2022 (523)

2021 (551)

2020 (398)

Funding

Current Stage

Public Company

Total Funding

$2.85B

Key Investors

Elliott Management Corp.

2025-04-15Post Ipo Equity· $1.5B

2024-09-10Post Ipo Equity· $1.35B

2015-11-02IPO

Leadership Team

Antonio Neri

President & CEO

Fidelma Russo

EVP & GM, Hybrid Cloud and Chief Technology Officer

Recent News

Investing.com

US IT hardware stocks tumble as Morgan Stanley flags slowing demand

2026-01-20

Computer Weekly

Samsung claims virtualised RAN first, accelerating AI-native, 6G-ready nets

2026-01-16

thefastmode.com

Samsung, Intel Power AI-Native, 6G-Ready Networks with vRAN Milestone

2026-01-16

Company data provided by crunchbase