Senior PKI Security Engineer (Public Key Infrastructure)

Job Details:

Job Title: Senior PKI Security Engineer (Public Key Infrastructure)

Duration: Long-Term Contract

Location: Atlanta, GA || On-Site

Job Description:

Qualifications:

• Highly motivated and results-driven professional with substantial experience in designing, implementing, and managing PKI and security solutions.
• In-depth understanding of PKI concepts, security properties, and related technologies.
• Proficient in supporting PKI-based products, including web servers, certification authorities, and common PKI protocols (SSL/TLS, HTTPS, LDAPS).
• Hands-on experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.
• Skilled in reviewing and patching Red Hat Certificate System source code for defects, as well as developing new capabilities.
• Strong expertise in PKI engineering support, troubleshooting, and HSM (Hardware Security Module) design and implementation.
• Working knowledge of OSI layer 2-7 security tactics and defense mechanisms against various types of attacks.
• Proven track record of collaborating with teams to deliver projects on time and in alignment with business specifications.

Technical Skills:

• Scripting & Programming: Proficient in PowerShell, Batch, JSON, Python, YAML, etc.
• PKI Expertise: Advanced knowledge of PKI design, implementation, administration, and provisioning in AWS (KMS, CloudHSM, ACM, CloudFront, Secrets Manager, CloudTrail).
• PKI Protocols & Products: In-depth experience with PKI-based products and protocols such as SSL/TLS, HTTPS, LDAPs, etc.
• Cloud Security: Expertise in cloud security technologies, including automating certificate renewal and lifecycle management.
• Microsoft & Venafi: Experience integrating Venafi with Microsoft PKI technologies and public PKI providers.
• Mainframe Security: Experience with IBM Mainframe encryption (TKE, UKO, SGKLM).
• Identity & Access Management: Skilled in identity management, provisioning, authentication, authorization, and HSPD-12 compliance.
• Incident Response & Forensics: Proficient in responding to security breaches, conducting forensic investigations, and deploying incident response measures.
• Security Tools: Experience with encryption, firewalls, intrusion detection systems, and other security measures.
• Automation & Scripting: Expertise in automating security processes, managing certificate renewals, and scripting security measures.
• Bachelor's degree in information security, Computer Science, or a related field.
• CISSP (Certified Information Systems Security Professional)
• AWS Cloud Certifications
• CISM (Certified Information Security Manager)
• Other cybersecurity-related certification s.

Responsibilities:

• Lead and enhance PKI program, ensuring alignment with compliance and regulatory requirements while supporting strategy, governance, implementation, and ongoing operations.
• Collaborate with system owners, business teams, and IT stakeholders to provide best-in-class PKI security strategies, driving long-term business objectives.

Additional Experience & Responsibilities:

• Design, test, evaluate, implement, and manage security systems to protect the organization's information assets.
• Collaborate with the technical team to recover data after security breaches and implement data recovery strategies.
• Configure and install firewalls, intrusion detection systems, and other security mechanisms to safeguard the infrastructure.
• Create and maintain security automation scripts to track and handle incidents efficiently.
• Perform vulnerability testing, risk analysis, and security assessments to identify and mitigate potential threats.
• Develop and implement disaster recovery plans and ensure business continuity in the event of security failures.
• Train and guide staff on security awareness and best practices, fostering a culture of cybersecurity within the organization.