PKI – Senior Infrastructure Engineer – CISSP and Venafi
|Published||May 12, 2023|
Who Is BeyondID?BeyondID is a rapidly growing global organization with the opportunity to grow personally and professionally. As a leading provider of managed identity and cybersecurity services, our mission is to help companies become more secure, agile, and future-proof. We care deeply about our team members, customers, partners, and investors. We are a diverse and inclusive organization that lives by its core values every day. And we foster a culture that's fun, supportive, and transparent, with a growth mindset. BeyondID is proud to assist companies such as ATN International, Bain Capital, Biogen, Discount Tire, FedEx, Gundersen Health Systems, Johnson Financial Group, and Major League Baseball to acquire, deploy and manage the best-of-breed identity, cybersecurity, and cloud platforms. BeyondID is backed by Tercera, an investment firm specializing in the $460B cloud professional services market.Public Key Infrastructure (PKI) Senior Engineer To support our rapid growth, we are expanding our Infrastructure team to include a Public Key Infrastructure (PKI) Senior Engineer. In this exciting role, you will drive Information Technologies (IT) security and productivity pillars by enabling secure connectivity for technical assets and devices within BeyondID/Customers with Identity Management infrastructure through the creation and management of digital certificates. This role drives complex design, development, and implementation activities aligned to a number of technologies including Microsoft's Public Key Infrastructure (PKI), Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), CMS Enterprise, Entrust, KeyFactor, Venafi Trust Protection Platform, and Venafi TrustNet software suites. The successful candidate will have encompassing experience surrounding use cases covering PKI as a Service, Certificate lifecycle automation, SSH key management, Encryption key management, IoT identity Management, and more. To thrive in this role, you must be well versed and educated in common Information Security practices and the CISSP domains, as well as possess general Information Technology experience AND you must be able to leverage these experiences to identify opportunities for improvement in the present information security environment, focusing on PKI, encryption, and certificate-based authentication solutions.Certification Requirements: At least ONE security industry certification is required. Examples: (CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+).Primary Responsibilities: Support the definition, design, and deployment of enterprise PKI systems Ensure PKI systems align to the Information Security policies, standards, and the industry best practices. Manage the configuration of PKI systems, test PKI systems and/or components to ensure readiness for production deployment. Create and maintain system documentation. Represent PKI Engineering on organizational project teams and ensure adherence to existing security policies and standards. Manage the successful technical delivery of Information Security projects and services for our customers by working directly with key business stakeholders, executives and project teams. Security engineers are the technical lead on initiatives and as such must drive the vision and alignment of the solution delivery. Develop and improve PKI/PKE best practices Keep up on current technologies and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies. Desired Qualifications: Preferred Bachelor's or Master's Degree in Information Assurance, Computer Science, Cybersecurity, Information Systems or related field of study. 6+ years of experience in an engineering or relevant role. Able to exhibit a progression of increasingly complex job responsibilities including project management skills, engineering remediation techniques and planning Public Key Infrastructure Expertise in SSL certificate management concepts, processes, and solution management. Direct experience with Keyfactor Products a huge plus. Expertise with PKI implementation and certificate lifecycle management solution. Expertise with hardware security module (HSM) technology. Expertise in cloud solution development with Azure or AWS architectures as it related to PKI management. Required Technical Skills: Strong authentication / multi-factor authentication technologies Cryptographic services Data Protection Linux Windows Unix Web based systems DoD Security policy Automatic Certificate Management Environment (ACME) protocol Enabling Simple Certificate Enrollment Protocol (SCEP) mTLS with REST API and Apps Client/Devices/Server Certs Experience with at least one of the followings: MS Certificate Management Services and Active Directory Domain Services Entrust KeyFactor Venafi The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Equal Employment Opportunity It is the policy of BID to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. Reasonable accommodation is available for qualified individuals with disabilities, upon request. Phishing Alert Please note that BID only contacts candidates through BID email address (ending with [Click Here to Email Your Resumé]).