PKI Compliance and Automation Engineer
Share
Job Location:
Monthly Salary:
Posted on:
19 hours ago
Vacancies:
1 Vacancy
Job Summary
Who we are
DigiCert is a global leader in intelligent trust helping organizations protect the digital interactions people rely on every day. From websites and cloud services to connected devices and critical systems we make sure digital experiences are secure private and authentic.
Our AI-powered DigiCert ONE platform brings together certificates DNS and lifecycle management to help organizations stay ahead of risk as technology and threats evolve. Trusted by more than 100000 organizationsincluding 90% of the Fortune 500DigiCert helps businesses operate with confidence today while preparing for whats next including a quantum-safe future.
Job summary
Join our Certificate Authority Industry Standards team to learn and grow while contributing to compliance automation. Youll assist in reading code for issuance microservices and certificate lifecycle pipelines. Youll work closely with Product and Engineering teams to translate CA/Browser Forum requirements Root Program policies and CP/CPS controls into policy-as-code guardrails pre-issuance validators and automated evidence that make non-compliance impossible to ship. This role offers hands-on experience in PKI compliance engineering.
What you will do
- Code & Config Compliance Reviews (PKI-specific): Validate code against CA/B Forum BRs EV Guidelines S/MIME BRs Root Program policies RFC 5280 and CP/CPS.
- Support development of policy-as-code rules under guidance from senior engineers.
- Help integrate compliance checks into CI/CD pipelines.
- Participate in building automated evidence collection for audits.
- Implement validators and monitors for certificate lifecycle operations to ensure continuous compliance.
- Collaborate with team to improve developer experience and reduce false positives.
What you will have
- Bachelors degree in Computer Science Software Engineering Information Security or equivalent practical experience.
- 2 years of experience in software development security or compliance engineering.
- Ability to read and understand code (Python Go Java or similar languages).
- Familiarity with PKI concepts (certificate lifecycle Domain Control Verification methods) and eagerness to learn CA/Browser Forum standards.
- Exposure to CI/CD pipelines and willingness to learn compliance automation tools.
- Curiosity and willingness to learn PKI compliance engineering.
- Standards Translation: Turn industry policies into precise policy-as-code.
- Technical Analysis: Parse complex issuance code paths DCV implementations and profile renderers.
- Basic understanding of security principles and automation mindset to build reliable shift-left guardrails that block non-compliance pre-merge and pre-issuance.
- Attention to detail when reviewing code and configurations.
- Strong communication skills and ability to work in a team environment.
Nice to have
- Some experience with PKI tools such as zlint/cablint OpenSSL/CFSSL ASN.1 tooling RFC 5280 path validation test suites.
- Hands-on experience is a plus but not requiredmentorship will be provided.
- Kubernetes/cloud experience (OPA Gatekeeper/Kyverno AWS/Azure/GCP).
- HSM operations (PKCS#11) FIPS 140-2/140-3 familiarity.
Benefits
- Generous time off policies
- Top shelf benefits
- Education wellness and lifestyle support
#LI-KK1
Required Experience:
IC
Key Skills
- Continuous Integration
- APIs
- Automotive software
- Test Cases
- Electrical Engineering
- Junit
- Distributed Control Systems
- Testng
- Java
- Test Automation
- Programmable Logic Controllers
- Selenium
About Company
DigiCert is the leading TLS/SSL Certificate Authority specializing in digital trust for the real world through PKI, IoT, DNS, Document & Software security solutions.
