RiseMe
LoginSign Up
FUSTIS LLC logo
FUSTIS LLC Verified
Consulting / General Services

Senior PKI Security Engineer

Bloomfield, Connecticut, United StatesHybridFull TimeSeniorPosted 2 months ago

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

We are seeking a Senior PKI Security Engineer to support and enhance enterprise Public Key Infrastructure (PKI) environments. This role is critical for ensuring secure communication, certificate lifecycle management, and maintaining the integrity of enterprise security systems. The ideal candidate will possess deep expertise in PKI technologies, SSL/TLS protocols, and large-scale production support environments, along with strong automation and troubleshooting skills. Key responsibilities include managing PKI infrastructure (Microsoft ADCS, Venafi), administering HSMs, overseeing certificate lifecycle, integrating with public CAs (DigiCert, Sectigo), automating operations with Python/PowerShell/Ansible, and troubleshooting complex issues.

Senior PKI Security Engineer

USC, GC, GC-EAD and H4-EAD

Bloomfield, CT - Hybrid

12 Months

Job Description:

Position Overview

We are seeking a highly skilled Senior PKI Security Engineer to support and enhance enterprise Public Key Infrastructure (PKI) environments. This role is critical in ensuring secure communication, certificate lifecycle management, and maintaining the integrity of enterprise security systems.

The ideal candidate will bring deep expertise in PKI technologies, SSL/TLS protocols, and large-scale production support environments, along with strong automation and troubleshooting skills.

Key Responsibilities

  • Manage and maintain enterprise PKI infrastructure including Microsoft ADCS and Venafi
  • Administer and support Hardware Security Modules (HSMs) such as Luna and nCipher
  • Oversee certificate lifecycle management including issuance, renewal, revocation, and validation
  • Govern and integrate public certificate authorities such as DigiCert and Sectigo
  • Perform CRL publishing and OCSP management to ensure certificate validity
  • Automate PKI operations using Python, PowerShell, and Ansible
  • Troubleshoot complex SSL/TLS and certificate-related issues in production environments
  • Maintain and manage trust stores, keystores, and OpenSSL configurations
  • Collaborate with cross-functional teams to implement secure solutions and resolve incidents
  • Provide production support and participate in on-call rotations as needed

Required Qualifications

  • 2+ years of hands-on experience with PKI technologies (ADCS, Venafi)
  • 4+ years of Linux system administration experience
  • Strong understanding of SSL/TLS protocols, certificates, and encryption standards
  • Experience with OpenSSL, keystores, and truststores
  • Hands-on experience with certificate lifecycle management
  • Proven ability to troubleshoot issues in large-scale, enterprise environments

Preferred Qualifications

  • Experience with HSMs (Luna, nCipher)
  • Familiarity with DigiCert, Sectigo, or other public CAs
  • Scripting and automation experience using Python, PowerShell, or Ansible
  • Knowledge of network security and authentication mechanisms
  • Strong communication and problem-solving skills
Ready to apply?
You'll be redirected to FUSTIS LLC's application page.

Similar roles