PKI Compliance and Automation Engineer

DigiCert
17h
Match Resume

About The Position

Join our Certificate Authority Industry Standards team to learn and grow while contributing to compliance automation. You’ll assist in reading code for issuance microservices and certificate lifecycle pipelines. You’ll work closely with Product and Engineering teams to translate CA/Browser Forum requirements, Root Program policies, and CP/CPS controls into policy-as-code guardrails, pre-issuance validators, and automated evidence that make non-compliance impossible to ship. This role offers hands-on experience in PKI compliance engineering.

Requirements

  • Bachelor’s degree in Computer Science, Software Engineering, Information Security, or equivalent practical experience.
  • 2+ years of experience in software development, security, or compliance engineering.
  • Ability to read and understand code (Python, Go, Java, or similar languages).
  • Familiarity with PKI concepts (certificate lifecycle, Domain Control Verification methods) and eagerness to learn CA/Browser Forum standards.
  • Exposure to CI/CD pipelines and willingness to learn compliance automation tools.
  • Curiosity and willingness to learn PKI compliance engineering.

Nice To Haves

  • Some experience with PKI tools such as zlint/cablint, OpenSSL/CFSSL, ASN.1 tooling, RFC 5280 path validation test suites.
  • Hands-on experience is a plus but not required—mentorship will be provided.
  • Kubernetes/cloud experience (OPA Gatekeeper/Kyverno, AWS/Azure/GCP).
  • HSM operations (PKCS#11), FIPS 140-2/140-3 familiarity.

Responsibilities

  • Code & Config Compliance Reviews (PKI-specific): Validate code against CA/B Forum BRs, EV Guidelines, S/MIME BRs, Root Program policies, RFC 5280, and CP/CPS.
  • Support development of policy-as-code rules under guidance from senior engineers.
  • Help integrate compliance checks into CI/CD pipelines.
  • Participate in building automated evidence collection for audits.
  • Implement validators and monitors for certificate lifecycle operations to ensure continuous compliance.
  • Collaborate with team to improve developer experience and reduce false positives.
  • Standards Translation: Turn industry policies into precise policy-as-code.
  • Technical Analysis: Parse complex issuance code paths, DCV implementations, and profile renderers.
  • Basic understanding of security principles and automation mindset to build reliable shift-left guardrails that block non-compliance pre-merge and pre-issuance.
  • Attention to detail when reviewing code and configurations.
  • Strong communication skills and ability to work in a team environment.

Benefits

  • Generous time off policies
  • Top shelf benefits
  • Education, wellness and lifestyle support

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Entry Level

Job Search Resources

Similar PKI Compliance and Automation Engineer job opportunities

Compliance Automation Engineer
Vercel
Vercel5d • $128,000 - $222,000 • Hybrid
GPS - PKI Engineer
EY
EY • Jackson, MS13d
GPS - PKI Engineer
About EY-Parthenon
About EY-Parthenon • Chicago, IL9d • $91,100 - $170,400
Lead Infrastructure Engineer- PKI
JPMorgan Chase & Co.
JPMorgan Chase & Co. • Plano, TX7d
Lead Infrastructure Engineer- PKI
JPMorgan Chase & Co.
JPMorgan Chase & Co. • Plano, TX7d
Senior Manager, PKI and MFA Engineer and Support
Otis Elevator Co.
Otis Elevator Co.13d • Remote
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service