PKI Developer at SMART TECH SKILLS LLC

, , United States -

Full Time

Start Date

Immediate

Expiry Date

09 Aug, 26

Salary

0.0

Posted On

11 May, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

PKI Architecture, Certificate Lifecycle Management, Python, Go, Java, X.509, SCEP, EST, ACME, CMP, HSM Integration, Linux, Git, AWS, CI/CD, DevOps

Industry

IT Services and IT Consulting

Description

Benefits: Competitive salary Location Remote Experience Level Senior Level (8 or more years of relevant engineering experience) Role Overview The Lead or Senior Software Engineer – Public Key Infrastructure is responsible for designing, developing, automating, and supporting enterprise-grade PKI and certificate lifecycle management services. This role emphasizes deep understanding of PKI internals rather than tool administration and requires strong software engineering capability. The position works closely with security, infrastructure, and application teams and interacts directly with enterprise clients, requiring clear communication, technical depth, and a strong professional presence. Key Responsibilities PKI Architecture & Engineering Design, implement, and enhance enterprise PKI infrastructure including certificate authorities, registration authorities, OCSP responders, and CRL distribution Contribute to PKI architecture decisions supporting scalable, highly available identity and trust services Define technical roadmaps for certificate lifecycle automation, key management, and high-assurance identity use cases Certificate Lifecycle Automation Develop and maintain automated certificate provisioning, renewal, revocation, monitoring, and audit logging Support certificate enrollment protocols including SCEP, EST, ACME, and CMP Enable certificate-based authentication for enterprise platforms, services, workloads, and devices Software Development & Automation Build and maintain software services and automation supporting PKI operations Develop APIs, workflows, and tooling to integrate PKI services into enterprise systems Apply DevOps practices including CI/CD, monitoring, and operational ownership of production systems Security Integration & Incident Support Collaborate with security architects and infrastructure teams to align PKI solutions with policy and compliance requirements Participate in incident response and troubleshooting related to certificate validation, trust failures, and service outages Support secure key management practices including HSM integration and secure enclaves Documentation, Leadership & Collaboration Develop and maintain technical documentation, operational runbooks, and PKI standards Provide technical leadership, code reviews, and mentorship to engineering peers Communicate complex PKI concepts clearly to technical and non-technical stakeholders, including enterprise clients Required Qualifications Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent professional experience 5 or more years of hands-on experience designing and operating PKI systems using EJBCA or comparable CA and RA platforms 8 or more years of experience with programming or scripting languages such as Python, Go, or Java Deep understanding of PKI internals including X.509 certificates, trust chains, CRLs, OCSP, certificate templates, and key usage extensions Experience with certificate enrollment protocols such as SCEP, EST, ACME, or CMP Experience designing or implementing certificate lifecycle automation and CLM workflows Familiarity with HSM integration, key escrow, and secure key storage practices Strong Linux experience and proficiency with version control systems such as Git Experience integrating PKI services within cloud environments such as AWS Solid understanding of DevOps practices, CI/CD pipelines, monitoring, and production system ownership Strong communication skills and ability to work directly with enterprise clients Preferred Qualifications Experience with hardware-backed security mechanisms including TPMs, HSMs, or secure enclaves Experience implementing PKI in Kubernetes, service mesh, or workload identity environments Exposure to device attestation, platform security, or secure boot technologies Familiarity with security and compliance frameworks such as NIST, ISO, or SOC 2 Awareness of common security vulnerabilities and secure design principles General understanding of identity, Zero Trust, multi-factor authentication, and secrets management Core Skills & Attributes Deep technical understanding of PKI internals beyond tool administration Strong software engineering mindset with an automation-first approach Ability to design scalable, fault-tolerant security services Clear, confident communicator with strong client-facing presence Collaborative approach across security, infrastructure, and application teams Ownership mentality for production systems and long-term maintainability This is a remote position.

Responsibilities

Design, develop, and automate enterprise-grade PKI and certificate lifecycle management services. Collaborate with security and infrastructure teams to implement scalable identity and trust services and provide technical leadership.