Salesforce

Senior Software Engineer, Public Key Infrastructure – PKI

Salesforce

full-time

Posted on:

Location Type: Hybrid

Location: San FranciscoCaliforniaWashingtonUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $162,800 - $223,900 per year

Job Level

Senior

Tech Stack

AWSCloudGoJavaLinuxPython

About the role

  • Contribute to the implementation, development, deployment, configuration, and enhancement of EJBCA-based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution
  • Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging
  • Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns
  • Help integrate certificate-based authentication into enterprise platforms, services, and workloads
  • Support certificate lifecycle management processes for internal clients, applications, and devices
  • Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements
  • Participate in incident response and troubleshooting for PKI-related issues such as certificate validation failures or service outages
  • Contribute to documentation, operational runbooks, and standards for PKI operations

Requirements

  • 5+ years of hands-on experience in PKI systems, including EJBCA or similar CA/RA platforms
  • Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions
  • Experience with enrollment protocols such as SCEP, EST, ACME, or CMP
  • Familiarity with certificate lifecycle automation, workflows or CLM platforms and APIs
  • Experience with scripting or programming languages (e.g., Python, Golang, Java)
  • Familiarity with HSM integration, key escrow, and secure enclaves
  • Understanding of PKI use cases for TLS/mTLS, device identity, Wi-Fi/EAP, VPN, code signing, workload identity, etc.
  • Proficiency with Linux environments and version control systems (e.g., Git)
  • Familiarity with cloud environments (AWS) and how PKI integrates with cloud services
  • Solid understanding of DevOps practices, CI/CD, monitoring, and ownership of production systems
Benefits
  • time off programs
  • medical
  • dental
  • vision
  • mental health support
  • paid parental leave
  • life and disability insurance
  • 401(k)
  • employee stock purchasing program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
PKI systemsEJBCAX.509 certificatesCRLsOCSPSCEPESTACMECMPPython