PKI Architect

Overview

On Site
$180,000 - $200,000
Full Time
Accepts corp to corp applications
No Travel Required

Skills

Security Architecture
PKI
Problem Solving
IT Management
Identity Management
Cyber Security

Job Details

Job Summary:

We are seeking a highly skilled PKI Architect to lead the design, implementation, and management of enterprise Public Key Infrastructure solutions. The ideal candidate will have deep expertise in cryptographic technologies, certificate lifecycle management, and secure key management practices, with a strong understanding of enterprise security architecture.

Key Responsibilities:

Design and architect scalable PKI solutions to support enterprise security requirements.

Lead the implementation and integration of PKI systems with identity management, authentication, and secure communications platforms.

Define and enforce certificate policies, key usage standards, and lifecycle management processes.

Manage root and subordinate Certificate Authorities (CAs), including hardware security modules (HSMs).

Ensure compliance with industry standards and regulatory requirements (e.g., NIST, ISO, GDPR).

Collaborate with cybersecurity, infrastructure, and application teams to integrate PKI into broader security architecture.

Conduct risk assessments and recommend improvements to PKI-related processes and technologies.

Provide technical leadership and mentoring to engineering teams on PKI best practices.

Required Skills & Qualifications:

Bachelor s or Master s degree in Computer Science, Information Security, or related field.

7+ years of experience in cybersecurity, with at least 3 years focused on PKI architecture and implementation.

Strong understanding of cryptographic protocols (TLS/SSL, S/MIME, IPsec), certificate formats (X.509), and key management.

Experience with PKI tools and platforms (e.g., Microsoft AD CS, Venafi, DigiCert, Entrust, Keyfactor).

Familiarity with HSMs, smart cards, and secure key storage solutions.

Knowledge of identity and access management (IAM) and integration with PKI.

Excellent problem-solving, documentation, and communication skills.

Preferred Qualifications:

Certifications such as CISSP, CISM, or vendor-specific PKI certifications.

Experience with cloud-based PKI solutions (AWS Certificate Manager, Azure Key Vault).

Knowledge of DevSecOps practices and automation of certificate management.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.