Job Description
This is a remote position.
Job Title: QA Engineer – Secrets & PKI
Location: Remote (occasional travel to the client office in Germany required)
Period: Oct 2025 – Dec 2026 (extensions likely)
Contract Type: Freelance / Contract, Full-Time
Overview
We are seeking a mid-level QA Engineer with expertise in Vault and PKI to validate secrets management, certificate lifecycles, and IAM integrations for a large-scale hybrid cloud platform. You will ensure reliability, compliance, and security through comprehensive testing, automation, and validation across core IAM services.
Responsibilities
* Validate Vault fundamentals (init/unseal, tokens, leases, policies, secrets engines)
* Test secrets lifecycle, PKI workflows, RA policies, and revocation processes
* Automate testing using CLI, REST API, and SDKs (Python, Go, Java) integrated into CI/CD pipelines
* Design and execute test cases for secrets lifecycle, PKI issuance, CRL/OCSP checks, and access policies
* Perform regression and fault-injection testing for Vault upgrades, token expiration, and certificate failures
* Validate certificate chains, trust anchors, and expiry alerts using OpenSSL, certutil, and Wireshark
* Conduct integration testing for Kubernetes sidecars, dynamic DB credentials, TLS cert rotation, and Keycloak federation flows
* Automate browser-based IAM/SSO testing with Playwright or Selenium
* Validate security and compliance requirements including RBAC, MFA, audit logs, FIPS, and PCI-DSS alignment
* Monitor Vault telemetry and debug issues across Vault, PKI, and IAM integrations
* Ensure HA/DR failover testing is automated, repeatable, and documented
Requirements
Eligibility
* Residency in the EU, EEC, UK, or Switzerland
Must-Have Experience
* Strong QA/testing background with Vault fundamentals and PKI workflows
* Experience with test automation frameworks for APIs and IAM services
* Proficient in scripting and automation (Python, Go, Bash, PowerShell)
* Skilled with PKI/SSL debugging tools (OpenSSL, certutil, Wireshark)
* Hands-on experience integrating tests into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI)
* Expertise in secrets compliance testing, audit logging, RBAC, MFA, and standards validation
* Experience with browser-based automation (Playwright, Selenium)
* Understanding of Vault integrations via API, Vault Agent, and sidecar injector
Language Skills
* Fluent English (C1 level or above)
Preferred
* Experience with cloud services (AWS, Azure, GCP)
* Familiarity with IAM solutions based on OIDC (e.g., Keycloak)
* Fluent German
* Experience in Agile/Scrum environments
* Knowledge of HA/DR testing for PKI/Secrets/IAM environments
Benefits
As a freelancer / contractor with us, you will enjoy flexible working hours and the freedom to choose your own projects. Our platform gives you access to exciting projects in various industries and supports you in advancing your career. You'll benefit from competitive pay and a dedicated team to help you with any questions you may have. Work independently and utilise our strong network to achieve your professional goals.