6+ Years experience

1. Unified Device Identity Service: APIs, plugins, and general availability readiness to support
2. Compute, Networking, Storage for cloud and on-prem based deployments.
3. Tactical and operational support for edge security infrastructure such as Web Application
4. Firewalls and Rate Limiting Services.
5. Hardware Attestation Service: API, plugins, and attestors to support
6. Support SecOps teams through workload attestation services that allow for policy definitions
7. and invocation. This may include Workload and Agentic identity issuance and attestation.
8. Workload and hardware attestation infrastructure support that includes utilization of open
9. source software such as SPIFFE, SPIRE, and Keylime.
10. Signing of JWT for services that enable application-level token verification.
11. Support of IAM related initiatives such as decommission of PingFed and the creation of Auth IDP.
12. Deployment utilizing existing and new pipelines, including integration into managed CI/CD pipelines and repos (including enhancements)
13. Creation of and maintenance of scale, sanity, functional, and regression tests.
14. Observability dashboards, alarming and alerting via pager duty
15. Maintenance of services, open-source images, and developed services that meet patching guidelines for CVE and security / vulnerability response.
16. Integration of source code with managed repo’s, integration, and deployments

Key Skills:

The tech stack to be used to support the items above are

PKI, Golang, Python, ArgoCD, Helm, Kubernetes, Istio, Zero Trust, SPIFFE, SPIRE, Envoy, Istio Rate Limit Service, OIDC Flows, and AI related topics such as MCP and RAG.

Knowledge of cloud-based services running in service meshes is expected