Contribute to the Design, implementation, development, deployment, configuration, and enhancement of EJBCA-based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution.
Define the technical roadmap for certificate lifecycle automation, secure key management, and high-assurance identity use cases.
Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging.
Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns.
Help integrate certificate-based authentication into enterprise platforms, services, and workloads.
Support certificate lifecycle management processes for internal clients, applications, and devices.
Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements.
Participate in incident response and troubleshooting for PKI-related issues such as certificate validation failures or service outages.
Develop & contribute to documentation, operational runbooks, and standards for PKI operations.

Requirements

5+ years of hands-on experience in PKI systems, including EJBCA or similar CA/RA platforms.
8+ years of experience with scripting or programming languages (e.g., Python, Golang, Java)
Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions.
Experience with enrollment protocols such as SCEP, EST, ACME, or CMP.
Familiarity with certificate lifecycle automation, workflows or CLM platforms and APIs
Familiarity with HSM integration, key escrow, and secure enclaves.
Understanding of PKI use cases for TLS/mTLS, device identity, Wi-Fi/EAP, VPN, code signing, workload identity, etc.
Proficiency with Linux environments and version control systems (e.g., Git).
Familiarity with cloud environments (AWS) and how PKI integrates with cloud services.
Solid understanding of DevOps practices, CI/CD, monitoring, and ownership of production systems.
Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent experience.

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

PKI systemsEJBCAPythonGolangJavaX.509 certificatesSCEPESTACMECMP

Certifications

Bachelor’s degree in Computer ScienceBachelor’s degree in EngineeringBachelor’s degree in Cybersecurity