About The Position

Endava is seeking a Senior Identity & Encryption Engineer with deep expertise in Public Key Infrastructure (PKI), certificate lifecycle management, and enterprise secrets management. This is a senior engineering and advisory role for an experienced professional who has successfully designed, modernized, and automated enterprise cryptographic services across complex environments. The ideal candidate brings industry best practices gained from multiple enterprise implementations and can help clients evolve beyond traditional certificate management into modern, automated, API-driven security platforms. This individual will provide technical leadership, influence architecture decisions, and help establish scalable solutions that support long-term business and security objectives.

Requirements

  • 7–10+ years of experience designing, implementing, and managing enterprise PKI, certificate lifecycle management, or cryptographic platforms.
  • Deep expertise in PKI architecture, certificate management strategies, cryptographic services, and enterprise security best practices.
  • 5+ years of engineering experience building automation solutions within Identity, Directory Services, or DevOps environments.
  • Strong PowerShell scripting and automation experience.
  • Experience designing and supporting Infrastructure as Code (IaC) and CI/CD pipelines.
  • Experience integrating enterprise platforms through REST APIs and automation frameworks.
  • Hands-on experience deploying, managing, and troubleshooting Hardware Security Modules (HSMs).
  • Experience with cloud platforms including Azure, AWS, or Google Cloud, with strong knowledge of Azure Key Vault or equivalent cloud secrets management services.
  • Demonstrated experience collaborating with cross-functional technical teams to deliver enterprise infrastructure and security solutions.
  • Strong understanding of incident, problem, request, and change management processes.
  • Excellent communication skills with the ability to engage technical teams, architects, project managers, and business stakeholders.

Nice To Haves

  • Experience administering and engineering Keyfactor Certificate Management Platform.
  • Experience with HashiCorp Vault and CyberArk.
  • Experience integrating enterprise secrets management platforms into DevOps and CI/CD workflows.
  • Knowledge of modern zero-touch certificate lifecycle management and certificate-as-a-service architectures.
  • Experience developing self-service platforms for identity, certificate, or secrets management.
  • Consulting experience delivering enterprise security transformation initiatives across multiple clients or industries.

Responsibilities

  • Lead the design, modernization, and optimization of enterprise PKI and certificate management platforms.
  • Provide technical leadership for certificate lifecycle management, secrets management, and cryptographic services across hybrid and cloud environments.
  • Design and implement automated, scalable certificate provisioning and renewal processes using modern engineering practices.
  • Develop self-service capabilities that enable development and infrastructure teams to securely request and provision certificates with minimal manual intervention.
  • Design and implement API-driven integrations that enable CI/CD pipelines and DevOps platforms to securely interact with enterprise secrets management solutions.
  • Maximize the value of existing security platforms by standardizing enterprise workflows, eliminating siloed solutions, and driving adoption of centralized services.
  • Define engineering standards, best practices, and architectural patterns for PKI, certificate management, and secrets management.
  • Serve as the senior technical escalation point for complex cryptographic platform issues and mentor engineering teams on automation and operational excellence.
  • Contribute to platform hardening through secure configuration, delegation models, monitoring, patch management, and continuous optimization.
  • Develop engineering roadmaps and implementation strategies aligned with client business objectives and evolving security requirements.
  • Partner with cross-functional engineering, infrastructure, DevOps, security, and application teams to deliver scalable enterprise identity and encryption solutions.
  • Evaluate emerging technologies and industry trends to ensure long-term platform sustainability and future readiness.

Benefits

  • Competitive salary package
  • Share plan
  • Company performance bonuses
  • Value-based recognition awards
  • Referral bonus
  • Career coaching
  • Global career opportunities
  • Non-linear career paths
  • Internal development programmes for management and technical leadership
  • Complex projects
  • Rotations
  • Internal tech communities
  • Training
  • Certifications
  • Coaching
  • Online learning platforms subscriptions
  • Pass-it-on sessions
  • Workshops
  • Conferences
  • Hybrid work
  • Flexible working hours
  • Employee assistance programme
  • Global internal wellbeing programme
  • Access to wellbeing apps
  • Global internal tech communities
  • Hobby clubs and interest groups
  • Inclusion and diversity programmes
  • Events and celebrations
  • Robust healthcare and benefits including Medical, Dental, vision, Disability coverage, and various other benefit options
  • Flexible Spending Accounts (Medical, Transit, and Dependent Care)
  • Employer Paid Life Insurance and AD&D Coverages
  • Health Savings account paired with our low-cost High Deductible Medical Plan
  • 401(k) Safe Harbor Retirement plan with employer match with immediately vest
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service