PKI Architect

Please Note: These are 100% REMOTE, project-based Consulting opportunities that range from 5-15 hours a week per project, depending on the need.

Infinite Ranges stands on the cutting edge of deploying, implementing, and custom consulting for tailored application modernization and DevSecOps solutions. While we build DevSecOps, Platform Engineering, and App Modernization solutions, we also offer highly skilled Surge resourcing services for professional service firms, ISVs, resellers, and industry-leading OEMs such as VMWare and AWS, ensuring excellence and expert guidance at every step

In under 48 months, we’ve grown to 60+ OEM partners, a staff of over 50, and hundreds of engagements, delivering both people and professional services at-scale

About The Role

Are you passionate about cryptography and digital security? We are seeking PKI (Public Key Infrastructure) Architects & Engineers proficient in strategy, design, and implementation to steer our organization towards unparalleled security. Join us to redefine excellence in secure communications.

What You Will Be Doing 2. PKI Implementation: 3. Certificate Management: 4. Security and Risk Management: 5. Collaboration and Documentation: What We Want To See: Technologies used in this role: Bonus Points for:

• PKI Strategy and Design:
• Develop a holistic PKI strategy aligned with organizational security objectives.
• Design end-to-end PKI architecture encompassing root and intermediate certificate authorities, end-entity lifecycle management, and policy frameworks.
• Take the lead in deploying PKI infrastructure that’s both scalable and seamlessly integrated with existing systems.
• Configure and manage certificate authorities to establish trust within and outside the organization.
• Formulate and implement procedures for certificate issuance, renewal, and revocation.
• Use automation tools for certificate lifecycle management and to ensure compliance with best practices.
• Regularly conduct security assessments of the PKI setup and contribute to incident response plans.
• Stay abreast of industry trends, threats, and best practices in PKI and cryptography.
• Collaborate with network, security, and DevOps teams for a seamless and secure integration of PKI elements.
• Maintain comprehensive and up-to-date technical documentation for PKI configurations, procedures, and policies.
• Demonstrable expertise in cryptography, certificate management, and networking protocols.
• Hands-on experience with PKI technologies and standards such as X.509, OCSP, and CRL.
• Strong scripting skills, preferably in Python or Shell, for automation.
• Knowledge of IT and Cybersecurity frameworks, such as NIST, FIPS, CSF, CIS, ISO 27001/2.
• Working knowledge of Cloud provider security architecture design patterns, and key control methods - Bring your own key, Hold your own key, partitioned HSMs.
• Experience with OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.)
• Sectigo
• Keyfactor
• AppviewX
• Microsoft PKI infrastructure
• Thales HSMs (Luna, et al)
• OCSP
  
  

Certifications like Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Microsoft Certificate Authority

Certificate management platform experience

Hardware Security Module (HSM)