Job Description

Public Key Infrastructure (PKI) Engineer – Infrastructure Security (Hybrid Onsite)

We are looking for a Public Key Infrastructure (PKI) Engineer to support enterprise authentication and encryption initiatives, ensuring security, compliance, and automation across certificate and key management systems. The ideal candidate will have a strong background in infrastructure security and cryptographic technologies, and will collaborate cross-functionally with security and infrastructure teams to enhance the organization's PKI ecosystem.

Note: This role requires being onsite 3 days per week, with the potential for up to 5 days depending on organizational needs and company policies. Candidates must be willing to attend onsite interviews.

Responsibilities

• Develop and implement processes and controls related to certificate authority (CA) management, Active Directory integration, and platform authentication across Windows and Unix systems.
• Enhance and automate PKI-related tools and systems to support scalability and audit readiness.
• Work collaboratively with security and infrastructure teams to ensure integration and efficiency across all PKI touchpoints.
• Ensure compliance with internal policies and external standards related to encryption and key management.

Required Skills & Experience

• 10+ years of experience in IT infrastructure roles, with relevant design and implementation responsibilities.
• Solid understanding of Agile methodologies (Kanban, Scrum, etc.).
• Experience with continuous delivery and deployment processes.
• Familiarity with cryptographic principles and data protection techniques (key management, masking, tokenization).
• Strong hands-on experience with encryption technologies (e.g., TLS, PGP, PKI, HSM).
• Working knowledge of system vulnerabilities and mitigation practices, including penetration testing methods.
• Proficiency in scripting languages like Python, and shell scripting using KSH, Bash, or PowerShell.
• Experience managing and securing distributed platforms (e.g., Linux); Windows Server experience is a plus.
• Clear communicator with the ability to collaborate across technical and business teams.
• Proven ability to prioritize and manage multiple complex projects.

Preferred Qualifications

• Familiarity with certificate management tools such as Venafi, Keyfactor, or similar.
• Understanding of Entrust public certificates and certificate lifecycle management.
• Experience with infrastructure automation tools (e.g., Ansible, Puppet).
• Prior experience with enterprise server hardware (Dell or HP).
• Background in identity management systems (e.g., IBM TIM/TAM).
• Exposure to IoT device management.
• Experience integrating Red Hat technologies such as IdM, Satellite, Ceph, or RHV.
• Hands-on experience with AWS cloud services (e.g., EC2, S3, Lambda, RDS, ALB/NLB).
• Strong background in public cloud design, optimization, and troubleshooting.
• 3+ years of experience working specifically in a PKI environment.
• Previous roles in technical architecture or solution design (e.g., Solutions Architect, Technical Design Authority) are a plus.

Team Culture

We are a high-energy, fast-paced team that thrives on solving complex security challenges. Team members are expected to bring a proactive, solution-oriented mindset and contribute meaningfully from day one. We prioritize results, collaboration, and continuous improvement while embracing a culture of accountability and innovation.