Lead Engineer - Digital Certificate Technology Services

EY•Alpharetta, DC

22h

About The Position

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. The opportunity The Digital Certificates Technology Service (DCTS) team within the Information Security organization at EY is responsible for the engineering, development, and sustainment of digital certificate-based security solutions and encryption technologies that service the global firm. The Public Key Infrastructure (PKI) Engineering Lead drives Information Technologies (IT) security and productivity pillars by enabling secure connectivity for technical assets and devices within EY’s global infrastructure through the creation and management of digital certificates. The role drives complex engineering design, development, and implementation activities to provide full certificate lifecycle management solutions aligned to multiple digital certificate use cases including Transport Layer Security (TLS), Code Signing, Authentication of User and Devices, and Email Encryption. The as deployed services rely on several technologies including, but not limited to, Microsoft’s Public Key Infrastructure (PKI), Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), KeyFactor Command, Venafi Trust Protection Platform, Intune Certificate Connector and JAMF ADCS. The Engineering Lead will oversee a team of engineering resources and manage all activities to be delivered by this team. The role serves as a bridge between the business, solution architecture design and IT operations stakeholders to ensure sustainment of the deployed services to meet all security, functional, and operational requirements and maintain the highest degree of service uptime as required by the business.

Requirements

Excellent problem-solving skills.
Strong verbal and written skills to interact with global teams and customers.
Up to date on current technologies and standards, and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies.
Solid understanding of IT security principals and secure coding techniques.
Team leadership and resource management skills.
Strong experience in Public Key Infrastructure (PKI).
Experience with CyberArc/Venafi certificate management suite.
Experience with Codesigning.
Strong proficiency with Hardware Security Module (HSM) technology (SafeNet/nCipher).
PowerShell Scripting & general understanding of REST API.
Experience in cloud solution development with Azure or AWS architectures as it related to PKI management.
Bachelor’s or master’s degree in information assurance, computer science, information systems or related field of study.
12+ years of practical experience in the field of IT is required.
8+ years of direct Information Security experience.
6+ years of hands-on PKI engineering experience.

Responsibilities

Primary point of contact for the strategy and best practices in engineering, design execution and aligned management of all complex build activities for specific new or modifications to existing features and functions within the DCT services space.
Manage the successful technical delivery of projects and services for our customers by working directly with key business stakeholders, executives and project teams. Security engineers are the technical lead on initiatives and as such must drive the vision and alignment of the solution delivery.
Directs engineering and other technical activities supporting the scalability, supportability, production design, validation testing, release packaging, and release planning to maintain service stability and continuity.
Act as a product owner for deployed services to manage the vendor technologies and underlying infrastructure components including development and maintenance of product roadmaps aligned with each service offering.
Support the definition, design, and deployment of enterprise PKI systems to provide new or enhanced services for the business.
Maintain existing deployed service components including upgrades, maintenance, and issue resolution.
Manage the configuration of PKI systems and develop and execute test plans to ensure readiness for production deployment.
Create and maintain system documentation.
Ensure PKI systems align to the security policies, standards, and industry practice.
Manage direct reports, identifies and recommends hiring and aligns responsibilities and objectives to abilities as well as coach performance to achieve success.

Benefits

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business.
The base salary range for this job in all geographic locations in the US is $128,100 to $239,600.
The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $153,800 to $272,300.
Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography.
In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume