Position: PKI Info Security Specialist

Locations: Plano, TX; Camus, WA; Palo Alto, CA; OR Tampa, FL

Duration: Direct Hire

Definitions:
PKI: Public Key Infrastructure

A set of tools and processes to manage cryptographic keys that encrypt any communication on web browsers (a.k.a. making sure data shared over the internet is secured).
Cryptography: Hides or codes information so that only the sender and intended recipient can view or decrypt its contents
Key Management Service (KMS): System for securely storing, managing, and backing up cryptographic keys (helps protect encrypted data for unauthorized use)
Certification Authority (CA): Unit that stores, signs, and issues digitally signed certificates.
Registration Authority (RA): Authority in a network that verifies the user’s requests for these digitally signed certificates. It allows companies to exchange info and money safely.
Hardware Security Module (HSM): Physical device that protects cryptographic keys. IT performs encryption and decryption functions for these digitally signed certificates.

Non-technical Overview of the Job:

• This candidate will be like a “guardian” of digital security for a company.
• Imagine you’re responsible for making sure that all the digital keys and certificates used for secure communication and data protection within the organization are working smoothly and safely.
• It’s like being a locksmith and security expert for the company’s digital communication world.
• You would oversee and manage systems that help ensure only authorized individuals can access sensitive information and that data is kept confidential and protected from cyber threats.
• Your job involves setting up, maintaining, and upgrading these security systems to keep up with the latest technologies and industry best practices.
• You’d also be a key advisor to the company’s leadership, providing guidance on how to best protect their digital assets. It’s a crucial role in today’s digital age, where cybersecurity is a top priority for organizations.

Title: Senior PKI Info Security Engineer
The Opportunity:

• As a PKI/KMS/HSM/Certificates Architect, Engineer, and Implementer you will be responsible for the administration, operation, upgrade, and support of Certification Authorities (CA), Registration Authorities (RA), online responders, Hardware Security Modules (HSM) of a Microsoft Windows-based enterprise Public Key Infrastructure (PKI). You will take an active leadership role in maintaining and communicating PKI/KMS industry changes, advising, and directing leadership to ensure that PKI requirements are addressed. You will ensure PKI systems align to the firm’s Information Security policies, standards, and the industry’s best practices. You will report to the Vice President, Infrastructure Security.

The Day-to-Day:

• Build mature enterprise-wide certificate management services and Public Key Infrastructure capabilities. Support the definition, design, and deployment of enterprise PKI system.
• Provide detailed specifications for PKI/KMS infrastructure.
• Provide roadmap guidance and recommendations to the existing environment and future landscape (including the assessment & discovery work)
• Maintain detailed procedures, policies, baselines, and work instructions for PKI & KMS administration, advise on improvements.
• An understanding of SSH, especially the configuration and use of SSH keys for authentication
• Experience with technologies that heavily use TLS/SSL encryption.
• Represent PKI Engineering on organizational project teams and ensure adherence to existing security policies and standards.
• Manage the successful technical delivery of Information Security projects and services for our customers by working directly with key business stakeholders, executives, and project teams.
• Keep up on current technologies and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies.

Your Qualifications:

• 8+ years of advanced hands-on experience in deploying, configuring, and managing certificated lifecycle management (KMS), Public Key Infrastructure (PKI), Certification Authorities (CA), Hardware Security Modules (HSM), Registration Authorities (RA), Root CA, Azure Key Vault, Thales, Venafi, Keyfactor, and Entrust integration experience (PKI/HSM/KMS/CRL/CRT)
• Experience in Entrust, HashiCorp, Thales, DigCert, Venafi, Keyfactor
• Individuals in this role must be well versed and educated in common Information Security practices and the CISSP domains, and have general Information Technology experience
• You can use these experiences and education to identify opportunities for improvement of present information security environment, focusing on PKI, encryption, and certificate-based authentication solutions
• Expert level experience with PKI implementation and certificate lifecycle management solution
• Expert level experience with hardware security module (HSM) technology
• Expert level experience in MS Certificate Management Services and Active Directory Domain Services
• Expert level experience in SSL certificate management concepts, processes, and solution management
• Expert level experience in cloud solution development with Azure architectures as it related to PKI management
• Excellent knowledge in PKI / HSM ecosystem (technology, standards, implementations, & migration)
• Technical Skills:
  • Public Key Infrastructure
  • Strong authentication / multi-factor authentication technologies
  • Code-Signing
  • Cryptographic services
  • Encryption
  • Certificate Management
  • Data Protection
• Bachelor’s degree in Information Assurance, Computer Science, Cybersecurity, Information Systems or related field of study
• Security industry certification is required including but not limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+

Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian’s platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.

Dexian’s brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more.

Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.