PKI Engineer - Foster City, United States - Bee Talent Solutions

Description

The role will include innovating ways to deploy certificates for multiple use cases, and improve the security posture surrounding machine identities across our hybrid environment. You will be working with multiple teams to gather internal requirements and develop solutions to simplify processes for machine-to-machine authentication, and help with operational maintenance of our HSM and Certificate Authority services.

Qualifications

• A deep understanding of digital certificate lifecycle management functions and broad experience with different certificate types and uses
• Deep knowledge with integrating workflows with Hashicorp Vault
• Experienced with Microsoft PKI, PrimeKey PKI, AWS Private CA
• 4+ years of Experience in performing Certificate Authority maintenance tasks such as certificate renewals and template generation.
• Experience with Hardware Security Module (HSM) configuration and operation Desirables
• Infrastructure as Code (IaC) experience - Terraform, Bamboo, Salt
• Experienced in Golang
• Experienced with Docker, containerization, microservices, ECS, Kubernetes, CloudHSM
• Experience with Clearpass

Responsibilities

• Work with Developers and Engineers to improve security with X.509 certificates and SSH certificates and resolve vulnerabilities in existing code while prioritizing stability, security, and simplicity
• Communicate and collaborate with other teams, both technical and non-technical
• Continuously review and evaluate the security settings/configuration of our PKI infrastructure, apply possible enhancements, and propose appropriate security tools
• Define, design, and develop pipelines to improve PKI procedures through automation
• Propose and implement solutions to unify security policies on-prem and across hybrid Cloud environments
• Build scalable cryptographic systems that support NIST, FIPS, SOX, and HIPAA compliance requirements for X.509 and key management services