Senior Software Engineer - PKI

FordDearborn, MI
Hybrid
Match Resume

About The Position

The Product Cybersecurity PKI & Key Mgmt Security Services team generates, distributes, stores, and manages lifecycle for the cryptographic keys in the vehicle product ecosystem. This includes developing and maintaining in-house APIs and web services to provide confidentiality, integrity and authenticity protection for various use cases and features in the product ecosystem. The Product Cybersecurity PKI & Key Mgmt Security Services team is directly engaged with the entire end-to-end solution for Vehicle Products and ecosystem, providing key management, PKI certificate lifecycle management and relative security services that support everything from ECU manufacturing to customer facing features. In addition to managing the product ecosystem cryptographic keys, the team develops and maintains various security API services built on the foundation and usage of cryptographic keys – including vehicle secure messaging from cloud, software signing, UDS diagnostics, EV charging and more. Our infrastructure cloud and on-premises servers and hardware security modules (HSM) running our services and powering our product PKI. We are seeking an exceptional Senior Software Engineer specializing in Public Key Infrastructure (PKI) and secure API services to own the end-to-end lifecycle of mission-critical cryptographic systems. You will design, build, deploy, and maintain high-assurance PKI APIs that power certificate issuance, lifecycle management, revocation, and integration for enterprise and cloud-native environments. This is not a support or maintenance role. You will own products, drive architecture, interface directly with customers, and deliver production-grade systems that protect billions in digital assets. The ideal candidate is a world-class software engineer who treats code as craft, thrives in ambiguity, has a deep understanding of foundational cybersecurity strategies and algorithms, and builds trusted relationships with security architects and product development teams.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, OR a combination of education and experience
  • 5+ years of experience and proficiency in software engineering and secure coding practices using object oriented programming, including C#/C++, Java, Python or related languages
  • Experience and understanding of industry security standards and applying them in our software solutions and processes, including NIST, OWASP, and relevant ISO and IEEE standards.
  • Strong knowledge and applicability of software architecture, development, methodologies and design principles including test-driven development
  • Application of Identity and Access Management principles in software services
  • Strong software testing skills that result in lasting quality solutions at scale
  • Proficient version control of development and release branches in Git
  • 3+ years of experience deploying and maintaining cloud infrastructure with Kubernetes or OpenShift, and managing database instances (SQL Postgres, Redis, MongoDB)
  • 3+ years building, maintaining, and integrating with production PKI systems and supporting cryptographic interfaces.
  • Strong knowledge of PKI and Key Management best practices
  • Excellent understanding and application of cybersecurity algorithms, standards, and strategies including RSA, ECC, AES, X.509, PKCS#11, ACME, OCSP, CRL, HSM integration

Nice To Haves

  • CISSP or related cybersecurity certifications.
  • Proven track record of owning customer-facing products from ideation to general acceptance, and flexibility to manage multiple projects and deliverables throughout lifecycle.
  • Familiarity with in-vehicle network architecture, modules, and protocols are a plus.

Responsibilities

  • Lead the full lifecycle of PKI and Key Management API services supporting our vehicle products and ecosystem — lead customer requirements gathering, architecture design, implementation, testing, deployment, monitoring, and post-launch support.
  • Design and develop RESTful APIs and web services that are robust, secure and scalable for various features and use cases: CRL/OCSP, ACME, Certificate Issuance, message encryption/decryption, software signing, key rotation and certificate lifecycle management, HSM integration with PKCS11. Implement access control methods that enforce least privilege access principles using OAuth or mTLS.
  • Implement and harden PKI and key services with deep knowledge of PKI industry standards, X.509, PKCS standards, elliptic curve cryptography (ECC) and RSA, post-quantum readiness, and hardware security module CSP integration. Apply hybrid encryption techniques with AES. Define and enforce PKI certificate policies and certificate profiles.
  • Design fault-tolerant, highly available PKI services with zero-downtime issuance, disaster recovery, and multi-region replication.
  • Release and Deploy your apps through build server, CI/CD pipeline, and infrastructure involving on-premises and cloud Kubernetes
  • Monitor and address findings regularly in code base through SAST, DAST, software quality and security vulnerability scanning.
  • Actively assist in monitoring our systems and performing root cause analysis to address issues quickly. Implement robust application logging and integration with Splunk and security monitoring systems.
  • Define and lead best practices for our software development process, perform code reviews, and mentor engineers while remaining hands-on in the codebase.
  • Working with ECU embedded development teams to understand embedded architecture requirements and the best approach of key management for each ECU.
  • Authoring and managing technical cybersecurity requirements and process documentation

Benefits

  • Immediate medical, dental, vision and prescription drug coverage
  • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
  • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
  • Vehicle discount program for employees and family members and management leases
  • Tuition assistance
  • Established and active employee resource groups
  • Paid time off for individual and team community service
  • A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
  • Paid time off and the option to purchase additional vacation time.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

Associate degree

Job Search Resources

Similar Senior Software Engineer - PKI job opportunities

Senior Software Engineer - PKI
Ford Motor
Ford Motor • Dearborn, MI2d • Hybrid
Senior Software Engineer - PKI
Ford Motor Company
Ford Motor Company • Dearborn, MI2d
PKI Engineer
Castellum Inc
Castellum Inc • Aberdeen Proving Ground, MD12d • Hybrid
Staff Security Engineer, PKI & Secrets
CoreWeave
CoreWeave • Sunnyvale, NY11d • Hybrid
Linux PKI Enterprise Systems Engineer
Leidos
Leidos • Huntsville, AL12d
Staff Security Engineer, PKI & Secrets
CoreWeave
CoreWeave • Sunnyvale, CA11d • Hybrid

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service