The PKI Designer/Architect role provides the opportunity to work in a highly complex, global organization to design, develop, and deploy new or enhanced PKI and certificate life cycle services to support the business with innovative solutions. The position offers the candidate that ability to work within a large scale, highly available, and secure set of technologies to support delivery of PKI and certificate life cycle services to the business. While PKI services and certificate management services must be highly secure, consistent, and reliable, the designer/architect will also drive services designed to provide or integrate with automated certificate provisioning services. The primary purpose for this role would be providing PKI Security Design architecture and engineering.
What you’ll bring:
Minimum 5 years’ experience working in a technical PKI architectural design role (such as Enterprise Design Architect, Application Design Architect, Solution Architect)
Experience in PKI design and delivery: from High Level Design to Low Level Design and implementation.
Experience with key PKI technologies such as EJBCA PKI, AppViewX+ Certificate Lifecycle, Microsoft Active Directory Certificate Services, AWS Private CA, including Thales Luna Hardware Security Modules (HSMs)
Domain knowledge and experience on associated cryptographic protocols, services, and standards
Experience with PKI implementation processes
Experience with PKI integrations, CMP, SCEP, EST, ACME, RestAPI other certificate enrolment practices
Experience with Certificate Life Cycle management/operations and automation certificate deployment.
Experience with DNS, Active Directory, ADCS, CRL, OCSP
Experience with certificate request and issuance processes integrating to ServiceNow automation
Hands on experience with:
PKI and Certificate deployment and automation.
Kubernetes, Docker – certificate integrations
Linux command line/Windows server management
Apache, IIS – application expertise
Database management/configuration (SQL, MySQL, Mongo)
Programming and/or script development experience (Eg Python and Terraform)
Implement new automation code for server, applications, configurations and cloud management (phyton or other types of Scripting)
Knowledge of networking technologies, internetworking devices and protocols & Protocols like TCP/IP, HTTP, SSL/TLS, DNS, SMTP etc are mandatory.
Intermediate level knowledge of Docker, Kubernetes.
A proactive approach to spotting problems, areas for improvement, and fixing performance bottlenecks.
Experience in technical engineering/design of SaaS environments is a Plus
Experience in CI-CD technologies such as Ansible, Jenkins
Creating complex technical designs and diagrams using diagram and vector graphics applications (Visio, Lucidchart, etc.)
Exceptional communication skills, both oral and written, coupled with excellent listening skills