Sr Security Engineer with PKI (Public Key Infrastructure)

Overview

On Site
Depends on Experience
Contract - W2
Contract - 12 Month(s)

Skills

Public Key Infrastructure (PKI) systems
Python PowerShell scripting
AWS

Job Details

Sr Security Engineer with PKI (Public Key Infrastructure)
Contract/Contract to Hire
Atlanta, GA


Summary
We are seeking a highly experienced Senior PKI Security Engineer to lead the design, implementation, and management of Public Key Infrastructure (PKI) systems within our enterprise security program. This role will focus on building scalable and compliant PKI solutions, evaluating emerging technologies, and supporting encryption and authentication systems across the organization. The ideal candidate has deep expertise in PKI, cryptographic protocols, certificate lifecycle management, and regulatory frameworks such as FPKI.

Three main points

Subject matter expert on certification administration and experience with automation of all the certificates. (PKI, Venafi, digital certificates management)

  • Large enterprise infrastructure 500-100 certification administration experience.
  • Need to know how the automation works
  • Python PowerShell scripting
  • AWS is a must


Key Responsibilities

  • Lead the strategy, design, and continuous improvement of Delta's PKI infrastructure.
  • Collaborate with IT, DevOps, and security teams to implement and manage secure certificate-based authentication systems.
  • Develop, test, and maintain security infrastructure including firewalls, intrusion detection systems, and data encryption protocols.
  • Ensure compliance with FPKI Common Policy Framework and other regulatory requirements.
  • Perform risk assessments, vulnerability testing, and security audits of systems and applications.
  • Troubleshoot and support PKI-related issues, including certificate issuance, renewal automation, and integration.
  • Review and enhance Red Hat Certificate System source code for defect remediation and feature development.
  • Interface with system owners and business stakeholders to deliver secure and scalable encryption solutions.
  • Maintain documentation for PKI architecture, policies, and procedures.
  • Participate in incident response and forensic analysis of security breaches related to PKI infrastructure.
  • Provide technical leadership and mentoring to junior engineers.
  • Establish and enforce corporate security policies and procedures.
  • Analyze, recommend, and implement security enhancements and controls.
  • Educate and train staff on PKI and network security best practices.
  • Participate in evaluating new security technologies and solutions.
  • Communicate effectively with technical and non-technical stakeholders during security incidents and audits.


Technical Skills & Experience:

  • PKI Expertise: Strong experience in designing, deploying, and managing enterprise PKI systems including Microsoft PKI, Venafi, and AWS PKI services (ACM, KMS, CloudHSM).
  • Protocols: Deep knowledge of SSL/TLS, HTTPS, LDAPS, S/MIME, and certificate-based authentication protocols.
  • Scripting: Proficient in PowerShell, Python, Bash, JSON, YAML, and automation for certificate lifecycle management.
  • Cloud & Infrastructure: Experience with cloud-native PKI (AWS, Azure), CloudTrail, Secrets Manager, CloudFront.
  • Security Engineering: Knowledge of OSI layer 2 7 security models, encryption standards, and hardware security modules (HSMs).
  • Compliance & Governance: Familiarity with HSPD-12, FISMA, and identity governance frameworks.
  • Platforms: Experience with Linux (RHEL), Windows Server, IBM Mainframe encryption (TKE, UKO, SGKLM).
  • Tools & Integration: Integration with enterprise tools such as Venafi, and third-party public CA providers.
  • Disaster Recovery: Experience developing and implementing IT contingency and disaster recovery plans.

Professional Qualifications:

  • Bachelor's degree in computer science, Information Security, or related field (Master's preferred).
  • 5+ years of hands-on experience in PKI engineering, certificate management, and digital identity solutions.
  • Strong problem-solving, analytical, and communication skills.
  • Detail-oriented with a proactive approach to identifying and resolving issues.
  • Agile methodology experience preferred.

Preferred certifications:

  • CISSP (Certified Information Systems Security Professional)
  • AWS Certified Security or related cloud certifications
  • CISM (Certified Information Security Manager)
  • Microsoft or Red Hat security certifications
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.