:

· High performing and self-motivated, extensive professional experience in designing, implementing and managing PKI and security solutions.

· Solid understanding of PKI concepts and security properties.

· Support PKI-based products (including Web servers and certification authorities) and Common PKI-based protocols (including SSL and TLS, HTTPs, or LDAPs).

· Experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.

· Review, patch, the Red Hat Certificate System source code for defects.

· Develop Red Hat Certificate System source code to implement new capability.

· Strong expertise in PKI Engineering Support and troubleshooting.

· Experience with HSM design and implementation.

· Working knowledge with OSI layer - security tactics and different kinds of attacks.

· Demonstrated abilities in working with team to deliver projects to clients within specified timeframe and as per specifications.

RESPONSIBILITIES:

· Support and mature Client PKI (Public Key Infrastructure) program, including strategy, governance, implementation, operations and continuous alignment with compliance and regulatory requirements.

· Engage with system owners, business teams, and IT stakeholders in strategic discussions to provide best in class PKI security strategy and industry guidance to maximize long-term business objectives.

TECHNICAL SKILLS DETAIL:

· Good working experience with scripting platforms (PowerShell, Batch, Json, Python, YAML, etc)

· Expert in PKI design, implementation, administration, and provisioning in AWS. Extensive experience in AWS PKI services: KMS, CloudHSM, ACM, CloudFront, Secrets Manager, CloudTrail

· Experience with PKI-based products (including Web servers and certification authorities) and Common PKI-based protocols (including SSL and TLS, HTTPs, or LDAPs).

· A solid understanding of Public Key Infrastructure (PKI) including technology, standards, and implementations, with experience managing, configuring, or supporting a PKI certificate authority

· Experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.

· Conduct technical research and set cloud security direction and strategy

· Experience in automating certificate renewal and certificate life cycle management.

· Experience with Microsoft's PKI Technologies and latest Windows and Linux server platforms.

· Experience with integration of Venafi with Microsoft PKI Technologies and Public PKI Providers.

· Experience on IBM Mainframe platforms Encryption (TKE, UKO, SGKLM, etc).

TECHNICAL/PROFESSIONAL CERTIFICATIONS & SKILLS (PREFERRED):

· Bachelor’s Degree in Information Security, Computer Science, or related field.

· + years of professional experience in PKI, Venafi, digital certificates management, IBM-Mainframe, Scripting and Information Security domains.

· Experience with Agile software development methodologies.

· Preferred one or more certifications: CISSP, AWS Cloud Certificates, CISM or other Cyber Security related certification.