Secrets Engineer

At Graphcore, we’re building the future of AI compute.

We’re a team of semiconductor, software and AI experts, with deep experience in creating the complete AI compute stack - from silicon and software to infrastructure at datacenter scale.

As part of the SoftBank Group, backed by significant long-term investment, we are delivering key technology into the fast-growing SoftBank AI ecosystem.To meet the vast and exciting AI opportunity, Graphcore is expanding its teams around the world.We are bringing together the brightest minds to solve the toughest problems, in a place where everyone has the opportunity to make an impact on the company, our products and the future of artificial intelligence.

Job Summary

We are seeking a Secrets Engineer to lead the development, deployment, and ownership of a secure, scalable secrets-management platform for the entire organization. You will build a new enterprise-grade HashiCorp Vault or OpenBao environment from scratch. It must be highly available, resilient, and suited for long-term use.

This is a strategic role: you will deliver and operate the central platform. You will also collaborate with engineering, security, and operations teams that manage localized or ad-hoc secrets systems. A key part of your mission is to unify and standardize these methods across Graphcore, ensuring consistent guidelines, smooth migration, and organization-wide support.

The Team

You’ll be joining a multidisciplinary team with strong technical skills and a very encouraging culture. We work closely together and regularly share knowledge, and your skills will make a direct impact on our business. It’s an exciting and pivotal moment for us right now, with plenty of new projects ahead. If you’re looking to solve interesting problems and see your work deliver real-world results, this is the team for you.

Responsibilities and Duties

Platform Ownership & Implementation

Build, deploy, and operate an organization-wide HashiCorp Vault or OpenBao platform from scratch, ensuring high availability, scalability, and strong security posture.

Define architecture for clustering, storage backends, auto-unseal, disaster recovery, and performance replication.

Develop migration strategies and reference frameworks that allow other teams to move from their current secrets tools to the central platform.

Standardization & Governance

Collaborate with groups from engineering, security, and operations to merge various secrets stores into one unified system.

Develop organizational standards, policies, access models, and workflows to ensure consistent, secure usage of the platform.

Advocate for guidelines in secret lifecycle management, authentication methods, and identity federation.

Integrations, Enablement, and Developer Experience

Build tooling, automation, onboarding guides, and libraries to help teams adopt Vault/OpenBao easily and accurately.

Integrate Vault/OpenBao with CI/CD systems, cloud platforms, and internal services.

Deliver workshops, training, and direct technical support to accelerate adoption.

Research & Advanced Security Capabilities

Evaluate approaches for secure password storage for individual users—either within Vault/OpenBao or by assessing alternatives such as BitLocker or other credential-management systems.

Conduct an initial study on the feasibility of implementing SPIFFE/SPIRE for workload identity, attestation, and zero-trust authentication, outlining future pathways and recommendations.

Collaboration & Cross-Team Work

Partner with HPC, Networking, Storage, Security, and Cloud Engineering teams to ensure seamless integration of secrets workflows into broader infrastructure systems.

Find opportunities to improve security posture and operational efficiency through automation and standardized secrets management.

Candidate Profile