Public Key Infrastructure (PKI) Architect

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, Mathematics, or a related technical field (or equivalent experience)
• 4+ years of professional experience in PKI architecting, cybersecurity engineering, identity and access management (IAM), infrastructure/security architecture, or enterprise platform engineering (not limited to application development)
• Experience designing and supporting PKI solutions in FICAM and Federal PKI (FPKI) environments.
• Experience with X.509 certificate lifecycle management, automation, and policy development.
• Knowledge of X.509 certificate policies and CA/Browser Forum standards.
• Experience implementing certificate automation using ACME.
• Experience with Hardware Security Modules (HSMs) and cryptographic key management.
• Familiarity with Post-Quantum Cryptography (PQC) concepts and migration strategies.
• Experience with PKI platforms including DigiCert, Entrust, Microsoft AD CS, and Let's Encrypt.
• Experience supporting CAC/PIV smart cards, server, code-signing, and S/MIME certificates, including certificate trust chains and validation.
• Experience with cloud platforms such as AWS and/or Azure.
• Familiarity with DevSecOps practices, CI/CD pipelines, and source control platforms such as GitHub Enterprise.
• Understanding of security frameworks and standards including NIST, FISMA, FIPS, and Zero Trust principles.
• Applicants must be U.S. Citizens
• Ability to obtain a Public Trust clearance

Nice To Haves

• Experience using Docker and Kubernetes.
• Experience with Shibboleth, CyberArk, or HashiCorp Vault.
• Experience with Splunk, Tenable, Checkmarx, SonarQube, or related security tooling.
• Experience with STIG hardening, vulnerability management, or compliance programs.
• Familiarity with PIV authentication and identity governance solutions.
• Experience supporting highly regulated environments, including federal or public sector organizations.
• Relevant cloud, security, or architecture certifications.

Responsibilities

• Design, implement, and evolve PKI architectures that enable secure authentication and Zero Trust initiatives
• Build and support cloud-native solutions across AWS and Azure environments.
• Automate infrastructure, deployments, and operational processes using Ansible and CI/CD pipelines.
• Partner with security and engineering teams to implement DevSecOps practices and secure software delivery.
• Support compliance initiatives aligned with FIPS, NIST 800-53, FISMA, and Zero Trust Architecture principles.
• Monitor, troubleshoot, and optimize application and platform performance using security and observability tools.

Benefits

• Remote Work (Hybrid roles will be specified in the job post)
• Competitive Compensation Package
• Medical, Dental, and Vision
• Life Insurance, Short/Long Term Disability
• Employee Assistance Program
• 401(k) with 4% matching
• Liberal PTO vacation policy
• Generous Annual Continuing Education
• Annual Wellness Budget
• Bonus Incentive Programs (Employee referrals and performance-based rewards)