Public Key Infrastructure Admin

About The Position

Requirements

• 10+ years of experience in IT infrastructure or related fields with demonstrated design and engineering capabilities.
• 3+ years working in a PKI environment, including experience with CA and certificate lifecycle management.
• Hands-on experience with encryption and cryptographic technologies such as TLS, PGP, PKI, and HSM.
• Solid understanding of key management, tokenization, and data masking.
• Knowledge of system vulnerabilities, penetration testing methods, and remediation techniques.
• Proficiency with scripting languages such as Python, PowerShell, Bash, or KornShell (KSH).
• Experience with Linux platforms; familiarity with Windows Server is a plus.
• Ability to collaborate across technical teams and effectively communicate with stakeholders at all levels.
• Strong organizational and prioritization skills, able to manage multiple projects with competing demands.
• Familiarity with Agile methodologies and DevSecOps principles.

Nice To Haves

• Experience with certificate management tools such as Venafi, Keyfactor, or similar platforms.
• Working knowledge of Entrust or other public certificate providers.
• Experience with configuration and infrastructure automation tools such as Ansible, Puppet, or Terraform.
• Familiarity with Identity and Access Management (IAM) tools such as IBM TIM/TAM.
• Exposure to IoT device security and management is a plus.
• Hands-on experience with Red Hat technologies, including Identity Management (IdM), RHV, Satellite, RHDS, and Ceph.
• Experience with AWS cloud services, including EC2, S3, Lambda, RDS, ALB/NLB.
• Proven ability to design, optimize, and troubleshoot public cloud infrastructure and complex application stacks.
• Background in architectural or design roles such as Solutions Architect, Technical Architect, or Technical Design Authority.

Responsibilities

• Design, implement, and manage PKI and certificate lifecycle management processes and controls.
• Integrate certificate authority (CA) management with enterprise authentication platforms (e.g., Active Directory, Unix-based systems).
• Collaborate with security and infrastructure teams to ensure full integration and automation of PKI solutions.
• Assess and implement encryption technologies including TLS, PGP, and HSM for data protection.
• Automate and manage certificate issuance, renewal, and revocation using industry tools.
• Evaluate and maintain cryptographic standards and practices for enterprise systems.
• Ensure compliance and auditability of PKI solutions through effective documentation and tooling.
• Support secure infrastructure design by implementing and reviewing cryptographic and authentication mechanisms.
• Contribute to Agile team environments (Scrum, Kanban) with focus on continuous integration and delivery.
• Prioritize and manage multiple ongoing initiatives, balancing delivery timelines and technical quality.