Talent.com
Public Key Infrastructure Architect (PKI Architect)

Public Key Infrastructure Architect (PKI Architect)

Infinite RangesTexas, US
30+ days ago
Job description

Please Note : These are 100% REMOTE, project-based Consulting opportunities that range from 5-15 hours a week per project, depending on the need.

Infinite Ranges stands on the cutting edge of deploying, implementing, and custom consulting for tailored application modernization and DevSecOps solutions. While we build DevSecOps, Platform Engineering, and App Modernization solutions, we also offer highly skilled Surge resourcing services for professional service firms, ISVs, resellers, and industry-leading OEMs such as VMWare and AWS, ensuring excellence and expert guidance at every step

In under 48 months, we’ve grown to 60+ OEM partners, a staff of over 50, and hundreds of engagements, delivering both people and professional services at-scale

About the Role :

Are you passionate about cryptography and digital security? We are seeking PKI (Public Key Infrastructure) Architects & Engineers proficient in strategy, design, and implementation to steer our organization towards unparalleled security. Join us to redefine excellence in secure communications.

What You Will Be Doing :

1. PKI Strategy and Design :

  • Develop a holistic PKI strategy aligned with organizational security objectives.
  • Design end-to-end PKI architecture encompassing root and intermediate certificate authorities, end-entity lifecycle management, and policy frameworks.

2. PKI Implementation :

  • Take the lead in deploying PKI infrastructure that’s both scalable and seamlessly integrated with existing systems.
  • Configure and manage certificate authorities to establish trust within and outside the organization.

    • 3. Certificate Management :

  • Formulate and implement procedures for certificate issuance, renewal, and revocation.
  • Use automation tools for certificate lifecycle management and to ensure compliance with best practices.

    • 4. Security and Risk Management :

  • Regularly conduct security assessments of the PKI setup and contribute to incident response plans.
  • Stay abreast of industry trends, threats, and best practices in PKI and cryptography.

    • 5. Collaboration and Documentation :

  • Collaborate with network, security, and DevOps teams for a seamless and secure integration of PKI elements.
  • Maintain comprehensive and up-to-date technical documentation for PKI configurations, procedures, and policies.

    • What We Want To See :

  • Demonstrable expertise in cryptography, certificate management, and networking protocols.
  • Hands-on experience with PKI technologies and standards such as X.509, OCSP, and CRL.
  • Strong scripting skills, preferably in Python or Shell, for automation.
  • Knowledge of IT and Cybersecurity frameworks, such as NIST, FIPS, CSF, CIS, ISO 27001 / 2.
  • Working knowledge of Cloud provider security architecture design patterns, and key control methods - Bring your own key, Hold your own key, partitioned HSMs.
  • Experience with OWASP Web / API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.)

    • Technologies used in this role :

  • Sectigo
  • Keyfactor
  • AppviewX
  • Microsoft PKI infrastructure
  • Thales HSMs (Luna, et al)
  • OCSP

    • Bonus Points for :

    Certifications like Certified Information Systems Security Professional (CISSP)

    Certified Information Security Manager (CISM)

    Microsoft Certificate Authority

    Certificate management platform experience

    Hardware Security Module (HSM)