Responsibilities will include:
1. Support and enhance company-wide PKI services using current Certification Authorities (CAs) and Registration Authorities.
2. Design and implement orchestration and automation of enterprise certificate management.
3. Design and implement enterprise code signing services.
4. Provide consulting and guidance to application teams around cryptographic technologies.
5. Design secure vaulting solutions using Hardware Security Modules (HSM) and Key Management systems (KMS).
6. Support Simple Certificate Enrollment Protocol (SCEP) servers.
7. Design, test, and implement changes in the PKI infrastructure.
8. Interface with vendors that provide security/encryption services to the company.
9. Lead the definition and implementation of POCs around PKI and other certificate-related technologies.
10. Develop and maintain system orchestration to automate day-to-day processes.
11. Develop and maintain ad-hoc and automated data reporting as needed using vendor tooling or custom automation as appropriate.
12. Create and maintain documentation for technical and administrative functions.
13. Evolve the framework for system monitoring and develop tooling to automate notifications and generate reporting/metrics.
14. Provide guidance for scoping complex, cross-organizational projects as needed.
15. Develop automation approaches to solve PKI lifecycle challenges.
16. Analyze legacy PKI solutions for security gaps and develop new approaches/capabilities to mitigate.
17. Develop standards and approaches to enable seamless integration across technical stacks.
18. Partner with architecture teams to understand security and business implications of PKI strategy.
19. Act as a technical owner on initiatives involving PKI technologies.
20. Champion PKI capability and integration across core security and IT.
21. Develop and deploy solutions to ensure that Digital Credential Services are performing according to specifications, meet defined procedures, and comply with applicable information security policies and requirements.
22. Integrate applications and third-party products into internal services.
Skills/Knowledge Desired:
1. Certificate Authority Administration.
2. Certificate Enrollment Web Service & Policy Web Service.
3. Active Directory Certificate Services (ADCS) monitoring.
4. PKI as a service.
5. Data-in-motion Encryption.
6. Data-at-rest Encryption.
7. Expertise in Public Key Infrastructure (PKI) machine identity technologies such as SSH, SSL/TLS.
8. Familiarity with Disaster Recovery process and Business Continuity procedures.
9. Experience in managing Key Management Systems (KMS).
10. Ability to design and implement solutions that optimize systems and processes.
11. Proficiency with a scripting language such as Java, Python, or PowerShell.
12. Experience in database configuration and SQL.
13. Experience with workflow and API development.
14. Ability to organize and rationalize complex data sets.
Experience Desired:
1. 9+ years of experience working with PKI architecture.
2. 9+ years of system administration of Windows, Unix/Linux.
3. 9+ years of experience in infrastructure (security/systems/network) engineering and/or development.
4. 9+ years in technology and/or project management leadership positions.
5. 9+ experience developing executive-level reporting and communications.
6. 9+ experience establishing and defining the scope of new teams or functions.
7. 9+ experience working in large complex environments (financial services a plus).
#cyberireland Job ID R-749087
#J-18808-Ljbffr