Senior PKI Engineer

We are looking for a Senior PKI Engineer to join a leading cybersecurity team. In this role, you will design, deploy, and maintain PKI infrastructures, including Root and Sub Certificate Authorities (CAs), HSMs, OCSP, and CRL services. You will manage the full lifecycle of certificates, from generation and storage to rotation, revocation, and auditing, ensuring robust security practices.

Key responsibilities include defining and maintaining certificate policies (CP/CPS), securing certification chains, automating processes through scripting (PowerShell, Python), and implementing CI/CD pipelines to optimize operations. You will ensure compliance with eIDAS, ETSI standards, and X.509, and support trust services across both On-Premise and cloud environments.

The ideal candidate has 5-7 years of experience in PKI or Trust Services, strong knowledge of cryptographic algorithms (RSA, ECC, SHA, KDF), and hands-on experience with PKI protocols such as OCSP, SCEP, CMP, and TLS. Experience with ADCS or open-source/commercial PKI solutions is essential. Candidates should have strong problem-solving skills, the ability to work in complex infrastructures, and the capacity to define policies, ensure compliance, and contribute to security architecture.

This role offers the opportunity to work on critical security projects, influence cybersecurity strategy, and participate in the evolution of trust and identity management within a high-profile organization.