-
Architects and deploys Microsoft Active Directory Certificate Services (AD CS) components, including Certificate Authorities (CAs), Online Responders (OCSP), Certificate Revocation Lists (CRLs) and Network Device Enrollment Service (NDES).
-
Manages the full certificate lifecycle using advanced Certificate Lifecycle Management (CLM) platforms and Hardware Security Modules (HSMs).
-
Develops and implements automation scripts (PowerShell, Python) for PKI operations, certificate issuance, revocation, and monitoring.
-
Implements proof of concepts for PKI solutions.
-
Provides expert-level (Tier 3) support for complex PKI and Certificate Management incidents, performing root cause analysis and implementing permanent solutions.
-
Collaborates with cross-functional teams, including Product Owners, DevOps, and IT Security, to integrate PKI solutions into various applications and services.
-
Contributes to the overall security architecture, providing expert guidance on cryptographic standards, key management, and secure communication protocols.
-
Conducts comprehensive risk assessments for PKI deployments and develop mitigation strategies to ensure compliance with industry regulations and internal security policies.
-
Creates and maintains high-quality technical documentation, including design specifications, operational procedures, and test plans.
-
Conducts research on existing systems and devise solutions that work within those systems.
-
Responds to questions regarding PKI and Certificate Management capabilities and requirements.
-
Maintains a high-level understanding of the organization's IT-Security processes and requirements.
-
Works on the delivery of DevOps User Stories within specified functional area(s).
-
Supports the roll-out and operation of global Public Key Infrastructure (PKI) and Certificate Management initiatives within the Group for multiple departments and all global locations.
-
Understands and models VPS (Value Added Production System) Principles and concepts of Standard Work and Problem Solving.
-
Adheres to 5S and Safety Standards and Principles.
-
Performs other duties as assigned by Group Operations Supervisor.
-
10+ years of hands-on experience with Microsoft Active Directory Certificate Services (AD CS) -OR Equivalent platform, including design, deployment, and troubleshooting of Certificate Authorities (CAs), Online Responders (OCSP), and Network Device Enrollment Service (NDES).
-
3+ years of expertise in certificate lifecycle management (CLM) platforms (e.g., Venafi, AppViewX, Keyfactor) and Hardware Security Modules (HSMs) (e.g., Thales, nCipher, Utimaco).
-
5+ years of proven track record of successfully delivering complex PKI projects in large- scale enterprise environments.
-
5+ years of experience driving products from concept and ideation through successful launch.
-
5+ years of experience working on a team employing standardized project delivery methods (Agile/Scrum development methods preferred).
-
5+ years of experience in understanding of and working with non-functional requirements.
-
5+ years of experience of working in an enterprise environment.
Never miss an opportunity! Create an alert based on the job you applied for.
