Senior Infrastructure Engineer (Microsoft Public Key)

Public Key Infrastructure (PKI) Senior Engineer

To support our rapid growth, we are expanding our Infrastructure team to include a Public Key Infrastructure (PKI) Senior Engineer. In this exciting role, you will drive Information Technologies (IT) security and productivity pillars by enabling secure connectivity for technical assets and devices within BeyondID/Customers with Identity Management infrastructure through the creation and management of digital certificates.

This role drives complex design, development, and implementation activities aligned to a number of technologies including Microsoft’s Public Key Infrastructure (PKI), Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), CMS Enterprise, Entrust, KeyFactor, Venafi Trust Protection Platform, and Venafi TrustNet software suites. 

The successful candidate will have encompassing experience surrounding use cases covering PKI as a Service, Certificate lifecycle automation, SSH key management, Encryption key management, IoT identity Management, and more. To thrive in this role, you must be well versed and educated in common Information Security practices and the CISSP domains, as well as possess general Information Technology experience AND you must be able to leverage these experiences to identify opportunities for improvement in the present information security environment, focusing on PKI, encryption, and certificate-based authentication solutions.

Certification Requirements:

At least ONE security industry certification is required. Examples: (CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+).

Primary Responsibilities:

• Support the definition, design, and deployment of enterprise PKI systems
• Ensure PKI systems align to the Information Security policies, standards, and the industry best practices.
• Manage the configuration of PKI systems, test PKI systems and/or components to ensure readiness for production deployment.  Create and maintain system documentation.
• Represent PKI Engineering on organizational project teams and ensure adherence to existing security policies and standards.
• Manage the successful technical delivery of Information Security projects and services for our customers by working directly with key business stakeholders, executives and project teams. Security engineers are the technical lead on initiatives and as such must drive the vision and alignment of the solution delivery.
• Develop and improve PKI/PKE best practices
• Keep up on current technologies and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies.

Desired Qualifications:

• Preferred Bachelor’s or Master’s Degree in Information Assurance, Computer Science, Cybersecurity, Information Systems or related field of study.
• 6+ years of experience in an engineering or relevant role. 
• Able to exhibit a progression of increasingly complex job responsibilities including project management skills, engineering remediation techniques and planning Public Key Infrastructure
• Expertise in SSL certificate management concepts, processes, and solution management. 
• Direct experience with Keyfactor Products a huge plus.
• Expertise with PKI implementation and certificate lifecycle management solution.
• Expertise with hardware security module (HSM) technology. 
• Expertise in cloud solution development with Azure or AWS architectures as it related to PKI management.

Required Technical Skills:

• Strong authentication / multi-factor authentication technologies
• Cryptographic services
• Data Protection
• Linux
• Windows
• Unix
• Web based systems
• DoD Security policy
• Automatic Certificate Management Environment (ACME) protocol
• Enabling Simple Certificate Enrollment Protocol (SCEP)
• mTLS with REST API and Apps
• Client/Devices/Server Certs
• Experience with at least one of the followings:
  • MS Certificate Management Services and Active Directory Domain Services
  • Entrust
  • KeyFactor
  • Venafi