The Senior AgileSec Analytics Platform Engineer leads the end-to-end onboarding and operationalization effort.
This candidate brings deep platform experience, drives architectural decisions, and sets the standard for documentation and process repeatability across the engagement.
Responsibilities Lead platform architecture review and integration design for AgileSec Analytics within the client environment. Establish repeatable deployment and configuration management frameworks, including automated upgrade and patching pipelines. Own the full documentation lifecycle: from initial runbook creation through peer review, version control, and handoff to the operations team. Serve as the primary technical point of contact across security, infrastructure, and operations stakeholders. Mentor mid-level team members and ensure knowledge transfer throughout the engagement. Define monitoring and alerting standards for platform health and user activity within AgileSec Analytics. Lead Cipher Insights network component configuration where applicable.
Added Required Skills Integration & Connectivity 2–4 years of experience with API integrations, webhook/callback patterns, and secure credential handling. Ability to troubleshoot connectivity issues using logs, network tools, and platform diagnostics. Infrastructure Proficient Linux command-line user with scripting experience (Bash or Python); Kubernetes exposure is a strong plus. Working knowledge of configuration management concepts; experience with at least one deployment automation tool is beneficial.
OpenSearch & Analytics Stack Working knowledge of OpenSearch or a comparable search/analytics stack (Elasticsearch, Splunk, etc.): indexing basics, dashboard creation, and query writing. Experience setting up or supporting analytics/observability platforms in an enterprise context.
Documentation & Communication Demonstrated ability to write clear, structured procedural documentation for technical and non-technical audiences. Comfortable communicating across security, infrastructure, and operations teams; proactive in flagging blockers.
Preferred Qualifications Direct exposure to the AgileSec Analytics platform or Keyfactor product suite. Familiarity with Cipher Insights network discovery concepts. Experience in environments with cryptographic or compliance requirements (awareness-level, not practitioner-level).
More Required Skills Integration & Connectivity 5+ years of hands-on experience with API-based integrations, REST/webhook patterns, and secure credential management (secrets vaults, token rotation). Demonstrated ability to diagnose and resolve complex system-to-system connectivity issues in production environments. Infrastructure Strong Linux OS administration and/or Kubernetes cluster management experience, including scripting (Bash, Python, or similar) and error handling at scale. Familiarity with deployment automation tooling (Ansible, Helm, Terraform, or equivalent) for analytics platform lifecycle management. OpenSearch & Analytics Stack Advanced working knowledge of OpenSearch: index management, custom queries, dashboard development, and cluster performance tuning. Experience operating or standing up comparable analytics/observability platforms (e.g., Elasticsearch, Splunk, Datadog, Grafana stack). Documentation & Communication Track record of producing enterprise-grade operational runbooks and technical documentation consumed by both engineers and business users. Excellent verbal and written communication; comfortable leading cross-functional workshops and stakeholder reviews. Preferred Qualifications Direct experience with the AgileSec Analytics platform (any current offering). Familiarity with Cipher Insights and its network discovery component. Background working within cybersecurity or compliance-driven environments. Experience supporting or onboarding Keyfactor products is a plus.
The skills we believe are most critical for a successful onboarding and for creating repeatable procedural documentation include:
System-to-system integration experience: API-based integrations, webhook/callback patterns, secure credential handling, and connectivity troubleshooting ·
Linux OS or Kubernetes experience; command-line, scripting, or error handling ·
Working knowledge of OpenSearch (indexing, queries, dashboards), which underpins the AgileSec platform today · Experience standing up analytics or observability platforms and creating repeatable processes o Deliver operational runbooks covering both system administrator procedures (deployments, upgrades, patching, monitoring, alerting) and application user procedures (dashboard creation, user onboarding, recommended system configurations, etc.) o Familiarity with deployment automation and platform lifecycle management, including repeatable deployments, upgrades, and configuration management for analytics platforms o Ability to translate technical configuration into clear procedural documentation · Strong communication skills are to coordinate across security, infrastructure, and operations teams Direct AgileSec platform experience is a plus for all the current offerings on the platform, including the Cipher Insights which does have a networking component to it. That said, given the platform’s reliance on OpenSearch, a candidate with strong OpenSearch or similar analytics-stack experience would also be very valuable.
As a point of clarification - resumes look very strong for PKI and KeyFactor but we need real implimentation experience of AgileSec. AgileSec is Keyfactor’s platform for discovering, managing, and rapidly adapting cryptography across an enterprise—so you’re not rewriting apps every time security standards change. I would really appreciate updates if any submitted candidate has this experience and if possible a resume that demonstrates this element. The other option we''re competing with is a tried and true bench resource service from Keyfactor - so the AgileSec is in this case mandatory.
Hi there! The customer for this engagement is PNC (needs to be sensitive). We are working on an engagement that has a few service flavors included in it - SR/Consulting/Deployment - this role might be converted given the long term need of the customer so SR would be the play here. I realize that this is a niche hire, so remote is open and the bill rate is healthy. A person in Pitts, PA would be ideal but is in no way required. I'';ve only opened this to a small number of partners given the pool we''re searching is so small. Please let me know if you have any questions - this person needs to be very poliished and highly consultative.
What this role is We are looking for a hands-on operator who owns certificate lifecycle, PKI, and machine identity at scale—and has been accountable for it in production environments.
If you’ve ever had an application go down because of an expired certificate and made sure it never happened again, you’ll feel right at home here. What you’ll do
- Own end-to-end certificate lifecycle management (issue, renew, revoke, rotate) across enterprise environments
- Build and maintain automated certificate workflows integrated into CI/CD pipelines
- Operate and scale PKI environments (internal CAs, intermediate chains, trust stores)
- Integrate Keyfactor with:
- CI/CD tools (GitHub Actions, Jenkins, Azure DevOps)
- Cloud platforms (AWS, Azure)
- Infrastructure (F5, NGINX, IIS, Kubernetes)
- Troubleshoot and resolve:
- TLS/SSL handshake failures
- Broken trust chains
- Certificate expiration incidents
- Partner directly with engineering teams in an agile model to deliver security as code What you must have (non-negotiable)
- Proven experience managing PKI in production environments (not lab/theory)
- Hands-on ownership of certificate lifecycle automation
- Strong understanding of:
- TLS handshake and encryption fundamentals
- Certificate chains (root/intermediate)
- CRL vs OCSP
- Experience with Keyfactor or comparable PKI platforms
- Scripting experience (PowerShell or Python) used in real-world automation
- Experience supporting production incidents related to certificates or encryption
What will set you apart
- Experience integrating certificate management into CI/CD pipelines
- Exposure to cloud-native certificate services (AWS ACM, Azure Key Vault)
- Experience in containerized environments (Kubernetes, ingress controllers)
- Ability to translate security requirements into automated, scalable solutions
How we evaluate candidates You will be asked to walk through real scenarios, including:
- A certificate-related outage you handled end-to-end
- How you automated certificate provisioning and renewal
- How trust chains function and fail in production environments
We are not looking for theoretical answers—we’re looking for operators who have done the work.
What success looks like
- Zero certificate-related outages
- Fully automated certificate lifecycle across environments
- Clear visibility and control over machine identities
- Engineering teams enabled—not blocked—by security
Requirements
Update:
Please see the note from the stakeholder regarding a recent well qualified submission and her reason for decline. As I noted in my May 6 message, this is not a cryptography- or PKI-heavy role. AgileSec Analytics onboarding should not require deep cryptographic expertise. The need here is for a systems and analytics-focused integrator who can stand up and operationalize the platform itself. While the profile you shared is strong overall, it is still framed around senior security and PKI experience rather than the system integration onboarding and operationalization skill set above. That is the gap I am trying to close. What I am looking for next are two options aligned the new framing that we supplied
Update:
The Mid-Level to senior level AgileSec Analytics Platform Engineer executes platform configuration and integration tasks under the direction of a senior lead or the client''s internal cryptographic team. This candidate brings solid hands-on technical skills, a continuous learning mindset, and the ability to translate complex configurations into clear procedural documentation.
Updte:
Responsibilities Execute API and webhook integrations following approved design patterns, ensuring secure credential handling and stable connectivity. Administer Linux and/or Kubernetes environments for AgileSec platform services, applying configuration changes and managing routine upgrades. Build and maintain OpenSearch dashboards and queries aligned with reporting requirements defined by the crypto team. Author and iterate on operational runbooks for both system administrator and application-user audiences. Participate in cross-functional planning sessions and translate technical configuration steps into accessible documentation. Support monitoring and alerting configuration, escalating anomalies to the senior lead or client team.
Never miss an opportunity! Create an alert based on the job you applied for.
