Responsibilities
will include:
1. Support and enhancepany wide PKI services using current Certification Authorities (CAs) and Registration Authorities
2. Design, implement Orchestration and Automation of Enterprise certificate management
3. Design, implement Enterprise Code Signing Services
4. Provide consulting and guidance to application teams around cryptographic technologies
5. Design secure vaulting solutions using Hardware Security Modules (HSM) and Key Management systems (KMS)
6. Support Simple Certificate Enrollment Protocol (SCEP) servers
7. Design, test, implement changes in the PKI Infrastructure
8. Interface with vendors that provide security/encryption services to thepany
9. Lead the definition and implementation of POCs around PKI and other certificate related technologies
10. Developing and maintaining system orchestration to automate day to day processes
11. Developing and maintaining ad-hoc and automated data reporting as needed using vendor tooling or custom automation as appropriate
12. Creating and maintaining documentation for technical and administrative functions
13. Evolving the framework for system monitoring and develop tooling to automate notifications and generate reporting/metrics
14. Providing guidance for scopingplex, cross-organizational projects as needed
15. Develop automation approaches to solve PKI lifecycle challenges
16. Analyze legacy PKI solutions for security gaps and develop new approaches/capability to mitigate
17. Develop standards and approaches to enable seamless integration across technical stacks
18. Partner with architecture teams to understand security and business implications of PKI strategy
19. Act as a technical owner on initiatives involving PKI technologies
20. Champion PKI capability and integration across core security and IT
21. Develop and deploy solutions to ensure that Digital Credential Services are performing according to specifications, meet defined procedures, andply with applicable information security policies and requirements.
22. Integrate applications and third-party products into internal services
Skills/Knowledge Desired:
23. Certificate Authority Administration
24. Certificate Enrollment Web Service & Policy Web Service
25. Active Directory Certificate Services (ADCS) monitoring.
26. PKI as service
27. Data-in-motion Encryption
28. Data-at-rest Encryption
29. Expertise in Public Key Infrastructure (PKI) machine identity technologies such as SSH, SSL/TLS.
30. Familiarity with Disaster Recovery process and Business Continuity procedures.
31. Experience in managing Key Management Systems (KMS).
32. Ability to design and implement solutions that optimize systems and processes
33. Proficiency with a scripting language such as Java, Python or Powershell
34. Experience in database configuration and SQL
35. Experience with workflow and API development
36. Ability to organize and rationalizeplex data sets
Experience Desired
37. 9+ years of experience working with PKI architecture
38. 9+ years of System Administration of Windows, Unix/ Linux
39. 9+ years of experience in infrastructure (security/systems/network) engineering and/or development
40. 9+ years in technology and/or project management leadership positions
41. 9+ experience developing executive-level reporting andmunications
42. 9+ experience establishing and defining the scope of new teams or functions
43. 9+ experience working in largeplex environments (financial services a plus)
#cyberireland
Job ID R-749087