Sr. PKI Security Engineer

Candidates needs to have:

• Proficiency in scripting platforms: PowerShell, Batch, JSON, Python, YAML, etc.
• Experience in PKI, Venafi, digital certificate management, IBM Mainframe, scripting, and information security.
• Expertise in PKI design, implementation, administration, and provisioning in AWS.
• Extensive experience with AWS PKI services: KMS, CloudHSM, ACM, CloudFront, Secrets Manager, CloudTrail.
• Experience with Microsoft PKI Technologies and Windows/Linux server platforms.
• Integration of Venafi with Microsoft PKI Technologies and public PKI providers.
• Experience on IBM Mainframe platforms encryption (TKE, UKO, SGKLM, etc.).
• Expertise in certificate lifecycle management and automation of renewal processes.
• Strong background in identity management, authentication, authorization, and compliance with HSPD-12.
• Knowledge of IT contingency planning and disaster preparedness.

Good to have:

• Experience with Agile software development methodologies.
• Preferred certifications: CISSP, AWS Cloud Certificates, CISM, or other cybersecurity-related certifications

Job Description:

• Perform security risk assessments and testing of data processing systems.
• Design security infrastructure and alert mechanisms for detected vulnerabilities.
• Evaluate new security technologies and recommend enhancements.
• Supervise changes in software, hardware, and security-related telecommunications.
• Develop security awareness programs, including educational sessions and ongoing communication.
• Monitor security trends and advise on regulatory and compliance modifications.
• Support and enhance Delta s PKI (Public Key Infrastructure) program, including strategy, governance, implementation, operations, and continuous compliance alignment.
• Engage with system owners, business teams, and IT stakeholders to provide PKI security strategy and industry guidance.
• Design, test, evaluate, implement, support, manage, and deploy security systems/devices to protect organizational assets.
• Analyze the information security environment and develop measures to prevent unauthorized modification, destruction, or disclosure of data.
• Configure and install firewalls and intrusion detection systems.
• Develop automation scripts for incident handling and tracking.
• Investigate intrusion incidents, conduct forensic investigations, and execute incident response.
• Deliver technical reports and formal papers on security findings.
• Implement security measures such as encryption and access control mechanisms.
• Provide technical support, monitor access requests, investigate security violations, and recommend improvements.
• Conduct vulnerability testing, risk analysis, and security assessments.
• Collaborate on authentication, authorization, and encryption solutions.
• Establish security controls and frameworks for data access management.
• Implement network disaster recovery plans and security enhancements.
• Define and maintain corporate security policies and train staff on security procedures.