Our client, is seeking a high-caliber, Platform Engineer to design, operate, and evolve their centralized cryptographic and credentials infrastructure.
...
In this specialized engineering role, you will be responsible for providing secure, highly available secrets management platforms at a global scale. Your mission is to enable seamless, programmatic access to credentials, API tokens, and cryptographic keys across all automated developer workflows while embedding compliance, structural resilience, and zero-trust principles. The Enterprise Secrets Management team plays a pivotal role in securing the software delivery lifecycle end-to-end, deeply integrating with multi-region cloud infrastructures, continuous delivery pipelines, and Infrastructure-as-Code frameworks.
Desired Start Date: July 6, 2026
Contract Length: 6-Month Contract (Possibility of extension is highly likely)
Location: Hybrid Vancouver (4 days per week on-site at the Vancouver, BC corporate headquarters)
Advantages
Global Technical Infrastructure: Lead the design, replication architecture, and upgrade lifecycles for massive, multi-region cryptographic clusters.
Cutting-Edge Security Paradigms: Implement advanced Zero-Trust patterns including dynamic, lease-based credentials, just-in-time (JIT) access, and break-glass automation.
Extensible Engineering Scope: Drive platform customization by developing bespoke plugins and policy-as-code structures for automated access governance.
High-Impact Domain: Own a critical, baseline security layer that protects company-wide engineering pipelines, corporate applications, and enterprise third-party integrations.
Responsibilities
Enterprise Platform Operations: Administer, scale, and secure enterprise secrets management architectures globally, guaranteeing high availability, cross-region replication, and robust disaster recovery protocols.
Dynamic Workflow Engineering: Design and implement dynamic secrets, lease-based access models, and automated just-in-time (JIT) token provisioning workflows.
Pipeline Integration: Build and embed secure secret injection, rotation, and lifecycle patterns seamlessly into enterprise CI/CD pipelines (GitLab) and Infrastructure as Code (Terraform) environments.
Policy-as-Code Governance: Develop and enforce strict access control lists (ACLs), authentication mappings, and policy-as-code modules to ensure compliance with enterprise guardrails.
Identity & Access Alignment: Support Identity and Privileged Access Management (PAM) integrations, utilizing advanced auth methods to establish automated trust relationships.
Security Monitoring & Auditing: Analyze platform audit logs, programmatic usage patterns, and anomaly risk signals to detect potential policy breaches and fortify the overall security posture.
Runbook & Self-Service Automation: Drive corporate adoption of secure patterns by authoring developer self-service automation scripts (via Python/Go), architecture blueprints, and deep operational runbooks.
Qualifications
Experience: 8+ years of progressive professional experience operating within Platform Engineering, Cyber Security Engineering, or Cloud Infrastructure roles.
HashiCorp Vault Mastery: Deep, expert-level hands-on experience with HashiCorp Vault Enterprise—specifically managing ACL Policies, Auth Methods, and Dynamic Secrets Engine mounts.
Custom Development: Direct, referenceable experience developing custom Vault Plugins and scripting via Vault CLI/APIs using Python or Go.
Cluster Infrastructure Management: Proven track record managing global cluster topologies, data replication layers, token tokenization, and major platform upgrade lifecycles.
Identity Systems Depth: Comprehensive knowledge of modern enterprise identity patterns, including OIDC, OAuth, Cloud IAM, and LDAP/Active Directory.
Cryptographic Domain Literacy: Solid understanding of core cryptography, key management operations, and automated certificate lifecycle management (PKI engines).
Compliance & Auditing: Practical familiarity with corporate compliance controls, auditing frameworks (e.g., SOX), and enterprise security standards.
Summary
If you are a seasoned Platform Engineer who pairs absolute system administration discipline with deep HashiCorp Vault Enterprise savvy and an automation-first mindset, this Vancouver contract offers an exceptional tech environment. Bring your programmatic plugin development skills, CI/CD integration experience, and zero-trust engineering principles to a world-class technology team today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
Our client, is seeking a high-caliber, Platform Engineer to design, operate, and evolve their centralized cryptographic and credentials infrastructure.
In this specialized engineering role, you will be responsible for providing secure, highly available secrets management platforms at a global scale. Your mission is to enable seamless, programmatic access to credentials, API tokens, and cryptographic keys across all automated developer workflows while embedding compliance, structural resilience, and zero-trust principles. The Enterprise Secrets Management team plays a pivotal role in securing the software delivery lifecycle end-to-end, deeply integrating with multi-region cloud infrastructures, continuous delivery pipelines, and Infrastructure-as-Code frameworks.
Desired Start Date: July 6, 2026
Contract Length: 6-Month Contract (Possibility of extension is highly likely)
Location: Hybrid Vancouver (4 days per week on-site at the Vancouver, BC corporate headquarters)
Advantages
Global Technical Infrastructure: Lead the design, replication architecture, and upgrade lifecycles for massive, multi-region cryptographic clusters.
...
Cutting-Edge Security Paradigms: Implement advanced Zero-Trust patterns including dynamic, lease-based credentials, just-in-time (JIT) access, and break-glass automation.
Extensible Engineering Scope: Drive platform customization by developing bespoke plugins and policy-as-code structures for automated access governance.
High-Impact Domain: Own a critical, baseline security layer that protects company-wide engineering pipelines, corporate applications, and enterprise third-party integrations.
Responsibilities
Enterprise Platform Operations: Administer, scale, and secure enterprise secrets management architectures globally, guaranteeing high availability, cross-region replication, and robust disaster recovery protocols.
Dynamic Workflow Engineering: Design and implement dynamic secrets, lease-based access models, and automated just-in-time (JIT) token provisioning workflows.
Pipeline Integration: Build and embed secure secret injection, rotation, and lifecycle patterns seamlessly into enterprise CI/CD pipelines (GitLab) and Infrastructure as Code (Terraform) environments.
Policy-as-Code Governance: Develop and enforce strict access control lists (ACLs), authentication mappings, and policy-as-code modules to ensure compliance with enterprise guardrails.
Identity & Access Alignment: Support Identity and Privileged Access Management (PAM) integrations, utilizing advanced auth methods to establish automated trust relationships.
Security Monitoring & Auditing: Analyze platform audit logs, programmatic usage patterns, and anomaly risk signals to detect potential policy breaches and fortify the overall security posture.
Runbook & Self-Service Automation: Drive corporate adoption of secure patterns by authoring developer self-service automation scripts (via Python/Go), architecture blueprints, and deep operational runbooks.
Qualifications
Experience: 8+ years of progressive professional experience operating within Platform Engineering, Cyber Security Engineering, or Cloud Infrastructure roles.
HashiCorp Vault Mastery: Deep, expert-level hands-on experience with HashiCorp Vault Enterprise—specifically managing ACL Policies, Auth Methods, and Dynamic Secrets Engine mounts.
Custom Development: Direct, referenceable experience developing custom Vault Plugins and scripting via Vault CLI/APIs using Python or Go.
Cluster Infrastructure Management: Proven track record managing global cluster topologies, data replication layers, token tokenization, and major platform upgrade lifecycles.
Identity Systems Depth: Comprehensive knowledge of modern enterprise identity patterns, including OIDC, OAuth, Cloud IAM, and LDAP/Active Directory.
Cryptographic Domain Literacy: Solid understanding of core cryptography, key management operations, and automated certificate lifecycle management (PKI engines).
Compliance & Auditing: Practical familiarity with corporate compliance controls, auditing frameworks (e.g., SOX), and enterprise security standards.
Summary
If you are a seasoned Platform Engineer who pairs absolute system administration discipline with deep HashiCorp Vault Enterprise savvy and an automation-first mindset, this Vancouver contract offers an exceptional tech environment. Bring your programmatic plugin development skills, CI/CD integration experience, and zero-trust engineering principles to a world-class technology team today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
