Security Engineer - PKI

Location: Raleigh, NC, United States
Date Posted: 11-01-2017
Security Engineer position within its Certificate Authority & Key Management Operations Team to work jointly with systems support personnel, CISO and IT teams and integrated technologies to manage enterprise digital certificates for our client and ensure a secure computing environment.

Job Responsibilities
  • Ensure timely delivery of digital certificates used for securing and encrypting communications data in transit for users, systems and applications.
  • Play an integral role in administering a large scale enterprise and publicly trusted PKI services for one of the largest networks in the United States.
  • Serve as a key administrator/custodian in orchestrated processes designed to ensure the confidentiality and integrity of sensitive data.
  • Process digital certificate requests utilizing ServiceNow integrated with Venafi CMS software solutions. This includes delivering digital certificates from internal and external Certificate Authorities.
  • Issue X.509 digital certificates in accordance with client policies.
  • Perform the duties of Registration Authority by validating certificate requests.
  • Assist users with all things needed for certificate signing process. Communicate and converse with all levels of the customer and management base to explain how things work and why.
  • Responsible for maintaining and generating reporting, analytics, and dashboards for enterprise certificate management.
  • Work with vendors to continuously improve technological features and capabilities, operational management and troubleshooting capabilities, end user interfaces and security and performance reporting.
  • Support additional requests such as enhancing PKI courses for enterprise-wide learning and maintaining a Certificate Authority Operations webpage.
  • Responsible for keeping all procedural documentation and operating procedures up to date, adapting operating procedures to support selected solutions and services. Maintain procedural and work flow documentation governing the management and security of hardware and software using cryptographic keys, including policies and standards, configuration scripts, systems diagrams, inventories, desktop procedures, troubleshooting and end user guidance.
  • Work may also include overseeing and administering the asymmetric key life cycle, Public Key Infrastructure (PKI) and certificate management solutions, including application, system and hardware configurations, patching, archiving, backups and recovery testing, evaluating system upgrades and enhancements, writing memos for internal communications and consistently working with vendors to ensure systems achieve optimal uptime and performance objectives.
  • Work may include consulting with business, project and technical teams on requirements for employing cryptographic capabilities and leveraging encryption services, evaluating security controls around new and existing implementations.
  • Work may include evaluating new technologies and product capabilities.
Job Requirements
  • Must have at minimum 2-3 years of relevant work experience.
  • The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
  • Working knowledge on end-to-end management of certificate authorities, keystores, keyrings, hardware security modules (HSM)/encryption devices.
  • Experience establishing and maintaining multi-level Certificate Policy and Certificate Practice Statements.
  • Knowledge of cryptographic related standards and payment network compliance requirements, security concepts, encryption keys, key life cycle requirements and symmetric and asymmetric encryption methodologies and algorithms applicable to the financial payment and services industry.
  • Capable of making technical recommendations which are consistent with standards and regulations applicable to the financial services industry, minimize operational and business risk, and provide business value

Required Education (including Major): Bachelor’s Degree in related field.

Desired Education (including Major): Bachelor’s of Science in related field.

Required Certifications (one or more of): CompTIA Security +, CompTIA Net+, CompTIA A+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker, IBM DB2, Oracle and MS SQL Server, Java, JavaScript, SQL, Linux, Windows, SSL and HTML/CSS, Certified Information System Security Professional (CISSP)

Human Capital Specialists

Please contact our Team with any questions:

Phone: 240-505-0228

this job portal is powered by CATS