PKI Architect (REMOTE)

Remote • Posted 10 hours ago • Updated 10 hours ago
Contract W2
6 Months
No Travel Required
Remote
Depends on Experience
Fitment

Dice Job Match Score™

🎯 Assessing qualifications...

Job Details

Skills

  • PKI
  • Architecture

Summary

PKI Architect - Bloomington, IL - Remote

Position Overview :

The PKI Architect is a senior cybersecurity and enterprise architecture professional responsible for designing the overall strategy, architecture, governance, and roadmap for State Farm''s Public Key Infrastructure. While the PKI Engineer focuses on building and operating the environment, the PKI Architect determines what should be built, why, and how it fits into the organization''s broader security and identity strategy. This is a highly strategic, senior-level role requiring both deep technical expertise and executive-level communication capability.

Key Responsibilities :

  • Define and own the enterprise PKI strategy, architecture, governance framework, and multi-year technology roadmap.
  • Design CA hierarchies, certificate trust models, certificate policies (CP), and Certification Practice Statements (CPS).
  • Evaluate and select PKI technologies, vendors, and platforms aligned with enterprise security objectives and budget constraints.
  • Lead PKI architecture design reviews and provide authoritative technical direction to engineering teams.
  • Architect disaster recovery and business continuity strategies for PKI systems across the enterprise.
  • Design HSM integration strategies for enterprise-wide key protection and lifecycle management.
  • Architect and oversee OCSP and CRL infrastructure for scalable certificate status services.
  • Drive integration of PKI with broader IAM, Zero Trust, and DevSecOps initiatives across State Farm.
  • Establish governance standards, operational policies, and risk frameworks for certificate management.
  • Serve as trusted advisor to technology leadership (Technology Manager, Technology Director) on PKI risk, compliance, and modernization.
  • Assess existing PKI environment and provide gap analysis, maturity assessments, and improvement roadmaps.
  • Oversee and guide PKI engineering teams to ensure architectural intent is executed accurately.

MUST Have Skills:

  • Extensive experience designing and architecting enterprise PKI environments - not just operating them.
  • Deep mastery of cryptography, PKI trust models, CA hierarchy design, and certificate policy frameworks.
  • Strong background in enterprise security architecture, threat modeling, and risk management.
  • Experience designing PKI systems spanning multiple platforms (Windows, Linux, cloud-native environments).
  • Expert knowledge of PKI components: CA hierarchies, certificate lifecycle, HSMs, OCSP, CRL, and key recovery.
  • Proven ability to communicate complex PKI architecture concepts to executive and non-technical stakeholders.
  • Experience architecting disaster recovery and business continuity strategies for mission-critical PKI systems.
  • Familiarity with compliance frameworks as they relate to PKI: NIST, FedRAMP, PCI-DSS, SOC 2.
  • Ability to drive roadmap and governance decisions across organizational and vendor boundaries.
  • Strong understanding of PKI integration patterns with IAM, Zero Trust, and cloud security architectures.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10448332
  • Position Id: UC060726
  • Posted 10 hours ago
Contact the job poster
RK

Raj Kasipally

Recruiter @ Delviom LLC
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote

Today

Easy Apply

Contract

Depends on Experience

Remote

Today

Full-time

Remote

Today

Full-time

Remote

Today

Full-time

Search all similar jobs