Plus
Включить Plus
Назад

Эта вакансия в архиве

Посмотреть похожие вакансии ↓
Company hidden
обновлено 2 месяца назад

Sr. Software Engineer, Public Key Infrastructure (Pki) (Cybersecurity)

Формат работы
onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US

Описание вакансии

Текст:
/

TL;DR

Sr. Software Engineer (PKI): Contributing to the development, automation, and support of PKI and certificate lifecycle management capabilities across the enterprise environment with an accent on secure authentication, encryption, and digital trust within our systems. Focus on collaborating with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements.

Location: California - San Francisco or Washington - Bellevue

Company

The Enterprise Security Technology team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud-scale security software across multiple public cloud platforms and hirify.global’s internal infrastructure.

What you will do

  • Contribute to the implementation, development, deployment, configuration, and enhancement of EJBCA-based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution.
  • Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging.
  • Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns.
  • Help integrate certificate-based authentication into enterprise platforms, services, and workloads.
  • Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements.
  • Contribute to documentation, operational runbooks, and standards for PKI operations.

Requirements

  • 5+ years of hands-on experience in PKI systems, including EJBCA or similar CA/RA platforms.
  • Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions.
  • Experience with enrollment protocols such as SCEP, EST, ACME, or CMP.
  • Experience with scripting or programming languages (e.g., Python, Golang, Java)
  • Familiarity with cloud environments (AWS) and how PKI integrates with cloud services.
  • Solid understanding of DevOps practices, CI/CD, monitoring, and ownership of production systems.

Nice to have

  • Experience with hardware-backed security mechanisms such as TPM, HSM, or secure enclaves.
  • Experience with PKI in Kubernetes or service mesh environments (e.g., Istio, SPIRE, cert-manager).
  • Familiarity with relevant security frameworks or compliance standards (e.g., NIST, ISO, SOC 2).