Public Key Infrastructure (PKI) Digital Certificate Lifecycle Management Specialist
About The Position
This Senior PKI Certificate Lifecycle Management (CLM) role is part of the Data Security Governance team, responsible for CLM, Data Security standards and enforcement, Encryption and Encryption Keys standards and support, and Database Activity Monitoring. The role involves building and maintaining a PKI certificate inventory, managing trusted root authority signers, reviewing certificate enrollment requests, and administering certificate automation tools. A key focus is driving the automation of certificate lifecycle management and collaborating with engineering teams to support these tools. The position requires ensuring high availability of certificate services, supporting corporate success metrics for renewals, auditing non-compliant certificates, and providing advisory support to application teams. Additionally, the role involves developing PKI-related policies and documentation, managing certificate software and authority vendors, mentoring junior team members, and contributing to continuous improvement initiatives and other data protection efforts.
Requirements
- 10+ years of relevant IT experience.
- 5+ years of certificate lifecycle managing.
- Knowledge of relevant industry standards and best practices and the ability to effectively communicate and plan for critical industry timelines.
- Interpersonal skills.
- Ability to work independently, leading meetings with application and development teams discovering and documenting detailed requirements.
- Proven ability to plan, coordinate and implement certificate monitoring to prevent system outages.
- Proven experience working calmly and effectively in critical and time sensitive situations.
- Interpersonal skills including patient disposition that welcomes certificate owners to seek your assistance when needed and open-minded approach to recommendations that will improve the certificate lifecycle process.
Nice To Haves
- AppViewX Cert++ experience preferred.
Responsibilities
- Building and maintaining a PKI certificate inventory of different certificate types, using inputs from multiple Certificate Authorities and discovery of active certificates bound to network IPs and ports.
- Maintain trusted root authority signers.
- Review and approve/reject certificate enrollment requests.
- Configure and administer usage of certificate automation tools and platforms such as AppViewX Cert ++.
- Drive automation of certificate lifecycle management via CLM and workflow platforms.
- Collaborate with engineering and other technical teams in configuring and supporting the above tools.
- Ensure 99.99%+ availability and reliability of certificate services.
- Support meeting corporate success metrics for certificate renewals.
- Auditing, reporting and follow up of non-compliant certificates.
- Provide advisory to application teams who own and support certificates for their applications, including assisting certificate users with various levels of expertise.
- Develop and support PKI-related policies, standards, and procedures, including certificate guidance documentation that is easy to follow and convenient to access.
- Certificate software and certificate authority vendor management.
- Provide mentorship and training to junior team members.
- Provide continuous improvement ideas to reduce expenses and/or improve efficiency.
- Research, process and apply relevant information security standards.
- Contribute to technical documentation, specifications, and artifacts for certificates support.
- Potentially contribute to other initiatives within data protection and encryption space.
Benefits
- Eligibility for incentive compensation which may include production, commission, and/or discretionary incentives.
- Flexible options in circumstances where roles can be performed effectively in a mobile environment.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
