AppViewX Architect

About The Position

Requirements

• Minimum 2 years of hands-on AppViewX deployment, implementation, or pre-sales engineering experience
• Direct experience with AVX ONE CLM: certificate discovery (Smart Discovery), lifecycle automation workflows, endpoint binding, renewal, and revocation
• Practical experience with at least two AVX ONE deployment models: SaaS, on-premises, or private cloud
• Working knowledge of the AVX ONE Policy Engine, Crypto Resilience Scorecards, and executive dashboards
• Experience configuring CA integrations within AppViewX (public trust and/or private trust CAs)
• Strong foundational knowledge of X.509 certificate architecture, TLS/SSL, PKI hierarchy design, and CA operations
• Familiarity with certificate types: TLS, mTLS, client authentication, code signing, IoT/device certificates, SSH keys
• Experience with Microsoft ADCS and/or enterprise CA platforms; familiarity with PKIaaS migration scenarios
• Understanding of FIPS 140-2, HSM integration, and OCSP for enterprise PKI governance
• Experience integrating AppViewX with one or more of: ServiceNow, F5 BIG-IP, HashiCorp Vault, Ansible, Terraform, Jenkins, Kubernetes (EKS/AKS/GKE), Citrix, Palo Alto, Infoblox
• Familiarity with Kubernetes certificate management patterns (cert-manager, service mesh, ingress TLS)
• Comfort operating in hybrid and multi-cloud enterprise environments (AWS, Azure, GCP)
• Demonstrated experience operating in a pre-sales, solution engineering, or consulting capacity
• Ability to translate technical environment complexity into clear scoping assumptions and effort narratives
• Strong written and verbal communication skills; comfortable in client-facing technical discussions
• Ability to work independently, manage time within a hard-capped 20-hour budget, and deliver focused, high-quality outputs

Nice To Haves

• Prior experience at or working alongside an AppViewX channel partner, VAR, or systems integrator
• Familiarity with the AppViewXpert partner program
• Exposure to Post-Quantum Cryptography (PQC) migration planning and NIST PQC algorithm standards (ML-KEM, ML-DSA)
• Experience with the CAB Forum's 47-day TLS validity mandate and ACME protocol automation
• Knowledge of competing CLM platforms (Venafi, Keyfactor, DigiCert TLM) is a plus for competitive context
• Experience supporting engagements in regulated industries: financial services, healthcare, defense, utilities

Responsibilities

• Participate in client discovery sessions to assess the current-state PKI and certificate management environment
• Identify certificate types in scope: TLS/SSL, client authentication, code signing, IoT, SSH keys, and internal/private CA-issued certificates
• Evaluate existing CA infrastructure (Microsoft ADCS, DigiCert, Entrust, Sectigo, public CAs) and readiness for AppViewX integration
• Assess deployment environment: on-premises, private cloud, SaaS, hybrid multi-cloud, Kubernetes/container workloads, and edge
• Define scope of certificate inventory sprawl and estimate Smart Discovery complexity
• Recommend the appropriate AVX ONE modules given the client's environment and use cases (CLM, PKIaaS, KUBE+, Code Signing, SSH, ADC, Quantum Trust Hub)
• Advise on deployment architecture and phasing: Discovery (weeks 1–2), Automation Deployment (weeks 3–4), and Enterprise Scale roadmap
• Guide integration requirements across ITSM (ServiceNow, BMC Remedy), PAM, SIEM, HSM, DevOps toolchains, and CA connectors
• Assess 47-day TLS mandate readiness and advise on ACME protocol automation requirements
• Advise on post-quantum cryptography (PQC) readiness posture and Quantum Trust Hub applicability
• Identify Microsoft PKI modernization opportunities and PKIaaS migration pathways
• Support scoping calls and technical deep-dive sessions with the client's PKI, SecOps, NetOps, and DevOps stakeholders
• Assist in developing scope narratives, technical assumptions, and risk/dependency documentation for inclusion in SOW
• Provide input on level-of-effort estimates and implementation phasing recommendations
• Serve as a technical credibility resource during client-facing presentations or demos