Talent.com
Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert

Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert

MetroSys(Multiple States), US
30+ days ago
Job type
  • Full-time
  • Quick Apply
Job description

Position Summary :

  • We are seeking a Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert for a short-term engagement to conduct a deep-dive discovery, analysis, and review of our existing PKI environment .
  • The consultant will provide a detailed report on the current state , along with recommendations and options for migration, separation, and alternative on-premises or cloud-based architectures .

Key Responsibilities :

  • Deep-Dive PKI Discovery & Assessment : Conduct a thorough review of the existing AD PKI infrastructure , including Certificate Authorities (CAs), Certificate Templates, CRL distribution, and Auto-Enrollment policies .
  • Analyze dependencies, security configurations, and compliance gaps .
  • Evaluate PKI integration with Active Directory, network services, and enterprise applications .

    • Analysis & Reporting :

  • Provide a detailed assessment report outlining the current PKI architecture, strengths, weaknesses, and risks .
  • Identify potential issues, security vulnerabilities, and areas for improvement .
  • Offer guidance on best practices for PKI security hardening and lifecycle management .

    • Migration & Separation Strategy :

  • Provide expert recommendations on PKI migration and separation strategies , considering : Splitting PKI environments for multiple organizations or business units.
  • Migrating from on-premises to cloud-based PKI solutions (e.g., Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault).
  • Transitioning from legacy PKI to a modern, scalable architecture .
  • Assess the impact of moving to cloud-native, hybrid, or third-party PKI solutions .

    • Future-State Architecture & Roadmap :

  • Design and present high-level architecture options tailored to business requirements.
  • Provide recommendations for governance, automation, and certificate lifecycle management .
  • Suggest enhancements for security, compliance, and resilience (e.g., HSM integration, CRL optimization, OCSP setup).

    • Qualifications & Skills :

  • Expert-level knowledge of Microsoft AD Certificate Services (AD CS), PKI design, implementation, and security best practices .
  • Experience with certificate lifecycle management, HSMs, and enterprise PKI solutions .
  • Strong understanding of certificate-based authentication, encryption, and digital signatures .
  • Hands-on experience in PKI migrations, separation strategies, and hybrid cloud PKI deployments .
  • Familiarity with cloud-based PKI alternatives , such as Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault .
  • Experience with PowerShell scripting for automation of PKI-related tasks.
  • Knowledge of compliance frameworks (NIST, CIS, ISO 27001) and PKI security hardening techniques .

    • Relevant certifications (preferred) :

  • Microsoft Certified : Identity and Access Administrator, CISSP, CISM, or other security-related certifications .
  • Powered by JazzHR
    • Create a job alert for this search

    Active Directory • (Multiple States), US

    Related jobs
    • Promoted
    Software Engineers -DevSecOps (Associate or Experienced)

    Software Engineers -DevSecOps (Associate or Experienced)

    BOEINGUS
    Temporary
    At Boeing, we innovate and collaborate to make the world a better place.We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportu...Show moreLast updated: 1 day ago
    Cybersecurity Engineer

    Cybersecurity Engineer

    SierTeK Ltd.BY, USA
    Full-time
    Quick Apply
    SierTeK proudly serves our clients by providing expertise in the Program Management, Information Technology, and Administrative Support domains. Founded in 2007 as a minority and service-disabled ve...Show moreLast updated: 30+ days ago
    • Promoted
    AI Security Architect (USA / Remote)

    AI Security Architect (USA / Remote)

    MRINetwork JobsIndependence, KS, US
    Remote
    Full-time
    Company : Established and fast growing company in Healthcare industry.Position Type : Full time / Perm.Compensation : Up to 160K plus great benefits. This healthcare technology firm is transforming the...Show moreLast updated: 6 days ago
    Senior DevSecOps Engineer

    Senior DevSecOps Engineer

    SmarTek21(Multiple States), US
    Full-time
    Quick Apply
    About the Role We are seeking an experienced Senior DevSecOps Engineer with deep expertise in cloud security, CI / CD pipeline protection, and secure infrastructure automation.This role will own the ...Show moreLast updated: 6 days ago
    DevOps Engineer (Terraform Specialist)

    DevOps Engineer (Terraform Specialist)

    Intone Networks IncUnited States
    Full-time
    Quick Apply
    Job Title : DevOps Engineer (Terraform Specialist) Remote Job Summary : We are seeking two highly...Show moreLast updated: 1 day ago
    Protocol Engineer

    Protocol Engineer

    RockstarUS
    Remote
    Full-time
    Quick Apply
    Rockstar is recruiting for a foundation dedicated to supporting the growth, decentralization, and sustainability of a leading decentralized finance protocol. This client is committed to driving valu...Show moreLast updated: 30+ days ago
    UNPAID VOLUNTEER - Principal / Senior Technology Officer (Artificial Intelligence)

    UNPAID VOLUNTEER - Principal / Senior Technology Officer (Artificial Intelligence)

    Blockchain & Climate Institute / BCI America Inc.US
    Remote
    Part-time
    Quick Apply
    THIS IS AN UNPAID VOLUNTEERING ROLE.Role Title : Principal / Senior Technology Officer (Artificial Intelligence).The Blockchain & Climate Institute (BCI) is an international volunteers-led think t...Show moreLast updated: 22 days ago
    Security CIAM Okta Universal Directory Engineer

    Security CIAM Okta Universal Directory Engineer

    Cloud Security ServicesUS
    Full-time
    Quick Apply
    Cloud Security Services is currently looking for a Security Customer Identity and Access Management (CIAM) Okta Universal Directory Engineer for our client. Our client requires a Security Custo...Show moreLast updated: 30+ days ago
    Jira Administrator

    Jira Administrator

    Akaasa TechnologiesUnited States
    Full-time
    Quick Apply
    Title : Jira Optimization Consultant / Administrator Contract Details : Location : Camden, NJ (Hybrid or Remote) Dura...Show moreLast updated: 6 days ago
    IBM ACE

    IBM ACE

    Akaasa TechnologiesUnited States
    Full-time
    Quick Apply
    OPENINGS for candidates with IBM ACE [IBM App Connect Enterprise] and ESQL hands on development experience.ACE was previously known as IIB [IBM Integration Bus]< / ...Show moreLast updated: 1 day ago
    Active Directory Engineer

    Active Directory Engineer

    Akaasa TechnologiesUnited States
    Temporary
    Quick Apply
    Job Title : Active Directory Engineer Location : Charlotte NC / Chandler AZ (Hybrid) Duration : 12+ Months Contract Client : Wells Fargo ...Show moreLast updated: 5 days ago
    Privilege Access Management (PAM) Engineer

    Privilege Access Management (PAM) Engineer

    Tetrad Digital Integrity LLCUS
    Permanent
    Quick Apply
    Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.TDI is...Show moreLast updated: 30+ days ago
    Database Security Specialist

    Database Security Specialist

    Evolver FederalUSA
    Full-time
    Quick Apply
    Evolver Federal is looking for a.The successful candidate will work with Database Administrators, ISSOs and System Teams to support the client in ensuring the security of its databases across the e...Show moreLast updated: 10 days ago
    • Promoted
    DevSecOps Engineer, Argon ST (Associate or Experienced)

    DevSecOps Engineer, Argon ST (Associate or Experienced)

    BOEINGUS
    Temporary
    At Boeing, we innovate and collaborate to make the world a better place.We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportu...Show moreLast updated: 1 day ago
    DEVSECOPS ENGINEER

    DEVSECOPS ENGINEER

    DEFTEC CorporationUSA
    Full-time
    Quick Apply
    DEFTEC delivers mission-critical solutions through skillfully delivered services and innovative products.We are inspired by our clients' critical missions and driven to provide the most effective s...Show moreLast updated: 10 days ago
    Active Directory- Entra ID Engineer

    Active Directory- Entra ID Engineer

    AiritosUS
    Full-time
    Quick Apply
    Active Directory- Entra ID Engineer Responsibilities : .Conduct high level project design and create project charters.Review global directory services disaster recovery plans for gaps and defin...Show moreLast updated: 30+ days ago
    Identity and Access Management (IAM) Solution Architect

    Identity and Access Management (IAM) Solution Architect

    Cloud Security ServicesUS
    Full-time
    Quick Apply
    Cloud Security Services is looking for an experienced Identity and Access Management (IAM) Solution Architect to assist Client with a multi-year IAM transformation initiative.Candidate must have a ...Show moreLast updated: 30+ days ago
    Full Stack Engineer - DevSecOps - DHS

    Full Stack Engineer - DevSecOps - DHS

    Prudent TechnologyUSA
    Full-time
    Quick Apply
    Responsible for the development and implementation of applications using existing and emerging technology platforms.This position supports application development efforts as a Full Stack Engineer f...Show moreLast updated: 30+ days ago