About The Position

This role sits within PepsiCo’s Global Identity and Access Management (IAM) team and focuses on PKI engineering and operational initiatives that support the company’s global digital certificate, cryptography, non-human identity (NHI) management, and encryption requirements. The individual will have end-to-end ownership of enterprise PKI platforms, including Microsoft Active Directory Certificate Services (AD CS), public certificate authorities (such as DigiCert), and certificate lifecycle management solutions. This is a hands-on role responsible for the design, installation, configuration, and ongoing operation of PKI services across global environments. The role supports both strategic engineering initiatives and day-to-day PKI operations, serving as the internal subject matter expert for certificate-based trust, automation, and lifecycle management. This position is based at PepsiCo’s FLNA headquarters in Plano, TX.

Requirements

  • Bachelor’s degree in technology or engineering
  • 12 plus years of overall IT and security experience
  • 10 plus of experience of PKI, Cryptography/ Encryption technologies, NHI management and EKCLM
  • Proficient in PowerShell scripting, API development and integration
  • Good working knowledge of various cloud platforms (Azure, AWS) focused on deployment and integration
  • Skilled at collaborating across cross-functional teams and with a multicultural experience
  • Teamwork and Leadership/Coaching capabilities
  • Good working knowledge of cryptographic and modern auth protocols
  • Well versed with Certificate based authentication and device trust
  • In depth knowledge of Active Directory Certificate Services (AD CS)
  • In depth knowledge of CRL and OCSP and their functionality
  • Familiarity with PKI and cryptographic terminology and management
  • Hands on experience and Working knowledge of Thales HSM
  • Hands on experience and working knowledge of public CA
  • Good working knowledge of cloud platforms (Azure and AWS) and SaaS offerings for PKI and EKCLM
  • Knowledge of Active Directory domain service
  • Knowledge of scripting languages such as PowerShell, API based automation
  • Knowledge of ITSM processes like request, incident, change management etc.
  • Ability to work as a team player and support cross functional teams
  • Results-oriented, able to complete assignments in a timely and accurate manner, and manage multiple priorities
  • Adaptable to multi-cultural environment and ways of working across time zones
  • Strong oral and written communications skills
  • Ability to work within project timelines
  • Deliver outcomes with a little supervision, must be a self-starter and self-motivator
  • Proactive approach and enthusiasm for problem identification and solving
  • Ability to think strategically and suggest creative solutions
  • Ability to synthesize complex requirements into simple business practices
  • Flexible and able to adapt to changing priorities

Nice To Haves

  • Knowledge of CLM tool such as Venafi, AppviewX, Keyfactor added advantage

Responsibilities

  • Engineering and solutioning PKI design and cross functional integrations
  • Assisting users on submitting SSL certificate requests
  • Managing and driving NHI discovery and management
  • Working on Incidents, alerts, service requests in ITSM
  • Issuing and managing both Internal and external CA certificates using cert management tool
  • Assisting users to download the certificate from cert management tool
  • Domain management for issuing external (Entrust) SSL certificates.
  • Provisioning (pushing SSL certificates into server) of SSL certificates to AWS, Java JKS and Windows servers
  • Provide support on installation of SSL certificates in Windows IIS, JAVA JKS, Unix/Linux, Apache, Tomcat, Azure Key vault, AWS ALB/ELB, F5’s etc.
  • Provide support on generating a CSR or converting certificate formats using open SSL
  • Maintaining data and sending follow up emails on certificates expiry, before they get expired, to avoid warnings and outages
  • Preparing and presenting weekly and monthly reports on Service requests, Incidents, and alerts
  • Follow up with users for closure of pending tickets.
  • Providing end to end operational support to internal customers.
  • Managing certificate and key ownership data and keeping it up to date
  • Working Knowledge of ITSM process (Request management, change management, Incident management) on tools such as SNOW
  • Configuring and managing ADCS, CRL and OCSP Services
  • Document all key generation and management activities
  • Creating and maintaining CPS, architecture, Process and Run book documents
  • Communicate progress, findings, and ensure successful handoff of deliverables to program and operational teams
  • Provide detailed project Status to stakeholders
  • Collect feedback from stakeholders and users of security capabilities and incorporate that feedback into service

Benefits

  • Bonus based on performance and eligibility target payout is 10% of annual salary paid out annually.
  • Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
  • Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Principal

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service