CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the Unites States.
we are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco bay area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.
Senior PKI Engineer / SME
TS/SCI (active required)
Joint Base Anacostia-Bolling (JBAB)
$180K $205K
What This Job Feels Like
Work centers on designing and maintaining trust models that other systems depend
on, often with little margin for error.
Problems are rarely straightforward-solutions must account for vendor
constraints, security requirements, and interoperability edge cases.
Ownership of PKI architecture and implementation from policy design through
operational support.
High OPTEMPO; requires precision, persistence, and disciplined follow-through.
What You'll Do
Design and manage PKI architectures, including root/intermediate hierarchies,
chains of trust, and certificate lifecycle processes.
Create and maintain segmented trust models (organizational partitions, crossdomain trust, constrained intermediates).
Generate and support certificates for diverse use cases, including handling vendorspecific constraints and non-standard requirements (e.g., wildcard usage, SAN
configurations, custom extensions).
Troubleshoot certificate validation issues across systems, applications, and
network boundaries.
Collaborate with systems, network, and application teams to ensure certificates
function correctly within their environments.
Define and enforce certificate policies, revocation strategies (CRL/OCSP), and
security controls.
Mentor engineers on PKI fundamentals and correct implementation practices.
Tech Knowledge / Skills
PKI fundamentals: X.509, certificate chains, trust stores, key management
Microsoft CA, OpenSSL, and other PKI tooling
TLS/SSL, mutual authentication, certificate-based access control
CRL, OCSP, revocation and lifecycle management
Integration points: web servers, load balancers, applications, network devices
Requirements
8+ years experience in PKI, security engineering, or related systems roles in
secure/cleared environments
Active TS; must be able to obtain TS/SCI
Professional certification required; expert-level capability preferred
Demonstrated ability to design and troubleshoot PKI systems across multiple
platforms and vendors
Experience with complex trust models and real-world certificate interoperability
challenges
Location: On-site at Joint Base Anacostia-Bolling (JBAB)
Never miss an opportunity! Create an alert based on the job you applied for.