PKI Engineer

Munich, Germany

TASKS:

  • PKI Design and Implementation: Design, deploy, and maintain PKI infrastructure, including Certificate Authorities (CAs), registration authorities, and certificate revocation lists (CRLs)
  • Certificate Lifecycle Management: Manage the entire certificate lifecycle, including issuance, renewal, and revocation. Monitor certificate expirations and ensure timely renewals
  • Security Policy: Develop and enforce PKI security policies and standards to maintain the confidentiality and integrity of cryptographic keys and digital certificates
  • Key Management: Implement key management best practices, including secure key generation, storage, and distribution
  • Troubleshooting: Investigate and resolve PKI-related issues and incidents promptly
  • Documentation: Maintain accurate documentation of PKI configurations, policies, and procedures
  • Compliance: Ensure compliance with industry standards and regulations related to PKI, such as X.509 and NIST guidelines
  • Collaboration: Collaborate with cross-functional teams, including cybersecurity, network, and application teams, to integrate PKI solutions into various systems and applications
  • Monitoring and Alerting: Implement monitoring and alerting mechanisms to proactively detect and respond to PKI-related issues
  • Vendor Management: Manage relationships with PKI technology vendors and stay informed about updates and new features

QUALIFICATIONS:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Proven experience in designing, implementing, and managing PKI infrastructure in a large enterprise environment.
  • Strong understanding of cryptographic concepts and PKI protocols (e.g., SSL/TLS, X.509).
  • Knowledge of certificate management tools and standards (e.g., OpenSSL, Microsoft Certificate Services).
  • Familiarity with HSM (Hardware Security Module) technologies and their integration.
  • Experience with certificate revocation mechanisms (e.g., CRL, OCSP).
  • Knowledge of security best practices and compliance standards (e.g., FIPS 140-2, GDPR, HIPAA).
  • Excellent problem-solving and analytical skills.
  • Effective communication and collaboration skills.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are a plus.

Apply for this role: