PKI Sr. Security Engineer (Venafi,ADCS) onsite Bloomfield,CT

Blue Ribbon Global Technologies

Job Location:

Bloomfield, CT - USA

Monthly Salary: Not Disclosed

Posted on: 3 hours ago

Vacancies: 1 Vacancy

Job Summary

Location: Hybrid (Connecticut) Onsite Tuesday/Wednesday one additional day

Relocation: Open to candidates willing to relocate

Leads the Certificate Management team and is looking for a PKI Engineer with strong experience in Venafi TPP and ADCS (Active Directory Certificate Services).

This team is responsible for the administration of the PKI environment including both internal and external certificates. These certificates provide identification for devices (laptops tablets etc.) ensuring there are no rogue devices on the network and enabling secure encrypted data transmission.

Top Skills Required:

Venafi TPP (Trust Protection Platform) MUST HAVE
ADCS (Active Directory Certificate Services)
Proven experience troubleshooting configuring and upgrading Venafi TPP
Minimum 5 years of hands-on Venafi experience

Key Responsibilities:

Perform maintenance and upgrades for the certificate platform
Manage incident requests
Focus on engineering work (role is more engineering than operational)
Support consolidation of Venafi
Administer certificates and deploy Venafi components
(Plus) Ability to automate certificate processes using PowerShell or similar tools

Additional Details:

The team manages the overall certificate platform
This role is a backfill for a recently retired team member
Interview process: One panel interview (video)

PKI Sr. Security Engineer

POSITION SUMMARY

PKI Sr. Security Engineer with expertise in managing digital certificates. Prepares plans coordinates with others to execute and personally executes other periodic nightly change requests. During normal work hours and periodic 24x7 on-call rotations troubleshoots certificate related incidents on a variety of production systems to restore proper operation while meeting established service level agreements. Partners with requestors UNIX administrators network administrators application owners and external entities to implement certificate solutions that increase reliability and security for enterprise applications.

ESSENTIAL FUNCTIONS

Architect deploy and maintain Microsoft ADCS including configuration policy enforcement and integration with enterprise systems for secure identity and encryption services.

Expertise in Venafi for certificate lifecycle management and policy enforcement.

Administer Luna and nCipher Hardware Security Modules (HSMs).

Develop and enforce certificate policies standards and governance frameworks.

Collaborate with cybersecurity infrastructure and application teams to integrate PKI solutions across platforms.

Provides deep dive cert troubleshooting expertise on escalation calls and production support calls.

Ensure compliance with regulatory and organizational security requirements (e.g. FIPS NIST).

Participates in regular key production activities including annual CRL publishing and root key ceremonies.
Govern DigiCert and Sectigo external Certificate Authorities.
Assists with product roadmap.
Reports progress using data-driven metrics.

QUALIFICATIONS

Bachelors Degree or higher in Information Systems or related field.
2 years of hands-on experience with PKI such as familiarity with Venafi Microsofts ADCS Entrust DigiCert applications including running expiration reports.
4 years of Linux systems administration including package management
4 years of scripting experience such as Ansible bash PowerShell or Python is preferred.
Proficient in PKI technologies including code signing Certificate Revocation Lists (CRL) Certificate Enrollment Policy/Services (CEP/CES) and Network Device Enrollment Service (NDES).
Extensive knowledge of SSL/TLS public/private certificate signatures cryptographic algorithms certificate authorities and truststores.
Security related industry certification is a plus.
Working knowledge of TCP/IP networking/routing concepts and familiarity with firewalls hubs routers switches DNS gateways and F5 load balancers.
Proficiency in both UNIX and Windows systems with ability to navigate search determine ownership execute certificate related commands etc.

Familiarity with general tools such as Java Keytool Keystore Explorer OpenSSL and Putty.

Experience configuring and troubleshooting web application and middleware technologies is a plus.

Strong organizational skills. Ability to prioritize plan and perform multiple tasks simultaneously including tracking the status of multiple certificates without losing focus.

Able to self-start and work independently in a self-directed manner in complex dynamic large scale multi-platform distributed middleware environments with minimal direction.

Advanced detail-oriented problem-solving skills and the ability to build relationships and work collaboratively with other departments to resolve complex issues with innovative solutions.
Demonstrated ability to quickly learn and communicate concepts and ideas effectively both verbally and in writing across all levels of the organization
Possesses strong customer service focus with a willingness to accommodate deadlines including implementing after-hour change requests on a rotational basis.
Familiarity with healthcare or PBM industry is helpful.

Required Skills :

Basic Qualification :

Additional Skills :

Background Check : No

Drug Screen : No

Location: Hybrid (Connecticut) Onsite Tuesday/Wednesday one additional dayRelocation: Open to candidates willing to relocateLeads the Certificate Management team and is looking for a PKI Engineer with strong experience in Venafi TPP and ADCS (Active Directory Certificate Services).This team is ...