Title: PKI Engineer
Location: Manhattan, NY
Compensation: $185,000 - $300,000
Glocomms are partnered with a leading financial services firm in the search for a PKI Engineer to join the Information Security team based in Manhattan. The role will focus on ensure continuous development, implementation, and management of the firms program which protects the confidentiality, integrity, and availability of information assets/data.
Key responsibilities:
- Create, design, and implement a hybrid environment (CLM) system that works with cloud, SaaS, and on-premise Microsoft Certificate Authority applications.
- Create, design, and implement an on-premise HSM system (SafeNet LUNA, Thales, or comparable options) to safeguard the company's cryptography keys on servers and apps.
- Encourage expansion of PKI across the wider business.
- Offer continuous application teams integration support and assistance with cryptography.
- Provide operational support and assistance with infrastructure implementation for Bring your own key and Enterprise Key Management (BYOK/EKM) systems on-site, together with Cloud HSM, Azure KeyVault, and Amazon Web Services (AWS)
- Partner with stakeholders and outside vendors to design, develop, implement, and support best-in-class solutions.
- Conduct continuous evaluations and remediation of the current PKI infrastructure.
- Work closely with the Windows, Unix, Application Engineering, and Operations teams to support and integrate security into every level of the firms environment.
- Troubleshoot escalated issues, offer technical training, and assist with all PKI/Certificate related issues.
- Enable autorenewal automation with both private and public certificates on web and internal facing applications; and contribute to the improvement of network/system security engineering and maintenance practices.
Experience:
- Bachelor's degree in Information Security, Computer Science, or related field.
- 5+ years of experience as a PKI Engineer or Architect.
- Experience with architectural design and implementation.
- Strong experience deploying, managing, and administrating certificate lifecycle management tools such as Venafi, AppViewX, or Keyfactor.
- Hands-on experience managing solutions such as HashiCorp or CyberArk.
- Excellent communication skills and ethical standards.