Principal Infrastructure Engineer

Posted 23 days 5 hours ago by Anaplan Inc

Permanent
Full Time
Other
London, United Kingdom
Job Description

Anaplan is looking for a Principal Infrastructure Engineer to lead the design and build of a new, multi-region HashiCorp Vault platform. This is a pivotal role where you will serve as our Subject Matter Expert (SME), shaping the future of secrets management and governance for a platform that supports hundreds of engineers and top flight companies around the world.

This is a hybrid role requiring at least two days a week in our London office.

Your Impact
  • Lead the architecture, design, and implementation of a new, multi-region HashiCorp Vault platform on public cloud.
  • Take ownership of the solution architecture, creating and maintaining high-quality design documents and Architecture Decision Records (ADRs).
  • Ensure platform resilience by developing and testing robust strategies for performance, Disaster Recovery (DR), and High Availability (HA).
  • Act as the primary SME for the organisation on all aspects of Vault and modern secrets management, actively championing and evangelising best practices.
  • Collaborate with and influence stakeholders, platform teams, and software engineers to ensure the smooth and secure integration of their services with the Vault ecosystem.
  • Partner with Security to define the control requirements for the Vault platform (policy standards, privileged access, audit/evidence, compliance needs) and ensure designs meet those requirements.
  • Lead regular security design reviews for Vault architecture decisions (authn/authz, policy model, namespaces/tenancy, seal strategy with KMS/HSM, audit logging) and drive alignment/sign-off with Security.
  • Establish joint operating processes with Security for incident response and investigations, including break glass access, audit log access patterns, and post incident remediation.
  • Coach and mentor other engineers on security best practices and the adoption of the new secrets management platform.
Your Skills
  • You have hands on expertise in designing, implementing, and operating HashiCorp Vault in large scale production environments.
  • Proven experience with multi region deployments on public cloud platforms, preferably AWS. Experience with GCP and Azure is also highly valuable.
  • Proficient with Infrastructure as Code (IaC) and Terraform.
  • Knowledge of modern authentication and authorisation mechanisms (e.g., OIDC, SAML, JWT).
  • Experience managing Public Key Infrastructure (PKI) and certificate lifecycles.
  • Experience with observability tooling such as Grafana, Prometheus, and Loki.
  • Proficient with Kubernetes and managed Kubernetes platforms such as EKS, GKS, and AKS.
  • Experience with Kubernetes tooling such as Helm and Argo CD.
  • You have a quality first mindset with demonstrable experience in creating and automating testing strategies for critical infrastructure.
  • You are happy to write and maintain clear documentation for other teams.
  • You have excellent communication skills, with a proven ability to influence technical direction and mentor both junior and senior engineers.
Bonus Points For:
  • Scripting or development experience in Go, Python, or similar.
  • Experience writing or maintaining Kubernetes Operators.