Principal Engineer Public Key Infrastructure

When you join Verizon

You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn grow and thrive. At Verizon we power and empower how people live work and play by connecting them to what brings them joy. We do what we love driving innovation creativity and impact in the world. Our V Team is a community of people who anticipate lead and believe that listening is where learning crisis and in celebration we come together lifting our communities and building trust in how we show up everywhere & always. Want in Join the #VTeamLife.

What youll be doing...

You will be a critical member of the Customer Router Security team specifically tasked with the strategic initiative to build and run our Public Key Infrastructure (PKI) infrastructure. This project is critical to fulfilling Verizons Network Security priorities and fundamentals at scale.

We are seeking a highly experienced and technically profound Principal Engineer specializing in Public Key Infrastructure (PKI) to join our security team. This role is crucial for designing building and maintaining the global PKI ecosystem that underpins our security cryptographic services and identity management across the entire enterprise. The ideal candidate will be a recognized subject matter expert capable of setting technical strategy mentoring junior engineers and driving the implementation of cutting-edge secure and highly available PKI solutions.

The Principal Engineer will bring hands-on experience in applying best practices managing stakeholder expectations collaboration of solution approaches and positioning implementations for ongoing success. He/She would also be comfortable pitching solutions and gaining the buy-in from the various teams including senior leaders.

Additionally this position will require a rich understanding of routing tunneling and DDoS mitigation. This position will be included in the on-call rotation.

Primary Responsibilities:

• Define the long-term technical vision and architectural roadmap for our global PKI environment including Certificate Authorities (CAs) Hardware Security Modules (HSMs) and certificate lifecycle management (CLM) platforms.

• Lead the design and implementation of next-generation cryptographic services focusing on automation scalability and compliance with industry standards (e.g. NIST CA/Browser Forum).

• Evaluate recommend and integrate new PKI-related technologies and services such as post-quantum cryptography readiness cloud PKI services and advanced HSM deployments.

• Serve as the highest escalation point for complex PKI certificate and cryptographic service issues providing expert troubleshooting and resolution.

• Lead the deployment configuration and maintenance of high-assurance CAs OCSP/CRL responders and HSM infrastructure across diverse environments (on-premises and cloud).

• Develop and maintain robust self-service automation tools (using scripting and orchestration platforms) to streamline certificate provisioning renewal and revocation enabling automation and orchestration.

• Ensure the operational health performance and compliance of all PKI systems through continuous monitoring auditing and patching.

• Provide technical leadership and mentorship to PKI and security engineering teams fostering a culture of excellence security-first design and continuous learning.

• Document technical standards procedures and architectural decisions clearly for both technical and non-technical audiences.

• Collaborate with audit compliance legal and other security teams to ensure PKI systems meet strict regulatory and internal policy requirements.

• Drive cross-functional initiatives to integrate PKI and cryptographic solutions to secure applications and manage certificate lifecycles.
  
  

  ***This role can be located in any US based Verizon hub location.***

Youll need to have:

• Bachelors degree or four or more years of work experience.

• Six or more years of relevant experience required demonstrated through one or a combination of work and/or military experience or specialized training.

• 8 years of progressive experience in Information Security with a minimum of 7 years focused specifically on designing managing and maintaining large-scale enterprise PKI and cryptographic systems.

• Deep hands-on experience with commercial and/or open-source CA platforms (e.g. Microsoft AD CS Entrust Venafi EJBCA Vault PKI).

• Expert-level knowledge of cryptographic primitives protocols (e.g. TLS/SSL S/MIME IPsec) certificate formats (X.509) and associated standards.

• Proven expertise in managing configuring and deploying Hardware Security Modules (HSMs) from major vendors (e.g. Thales nCipher Utimaco).

• Strong proficiency in automation and scripting (e.g. Python) and experience with infrastructure-as-code tools (e.g. Ansible).

Even better if you have one or more of the following:

• Masters degree in a relevant technical field.

• Demonstrated hands-on experience with Keyfactor

• Experience with PKI deployments in cloud environments (e.g. AWS ACM Azure Key Vault Google Cloud KMS).

• In-depth knowledge of CA operations key management best practices and compliance standards (e.g. WebTrust/ETSI CA/Browser Forum Baseline Requirements).

• Experience in mitigating advanced cryptographic threats and preparing for future challenges like post-quantum cryptography.

• Demonstrated ability to drive complex projects to completion and influence technical direction across multiple teams.

• Knowledge of Distributed Denial of Service Attacks

• Demonstrated strong written and communication skills.

• Experience in Google Suite.

• Knowledge of Network & Security protocols (ex: TCP/IP)

• Juniper routing Palo Alto Firewall and F5 Load Balancer knowledge

If Verizon and this role sound like a fit for you we encourage you to apply even if you dont meet every even better qualification listed above.

Scheduled Weekly Hours

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status disability or other legally protected characteristics.

Benefits and Compensation

Our benefits are designed to help you move forward in your career and in areas of your life outside of Verizon. From health and wellness benefit options including: medical dental vision short and long term disability basic life insurance supplemental life insurance AD&D insurance identity theft protection pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan up to 8 company paid holidays per year and up to 6 personal days per year paid parental leave adoption assistance and tuition assistance plus other incentives weve got you covered with our award-winning total rewards package. Depending on the role employees have the opportunity to receive compensation in the form of premium pay such as overtime shift differential holiday pay allowances etc. Newly hired employees receive up to 15 days of vacation per year which grows with additional service. For part-timers your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.