Hewlett Packard Enterprise · 1 month ago
IAM Senior Engineer Public Key Infrastructure (PKI)
Houston, Texas, United States of America
Full-time
Hybrid
Senior Level, Lead/Staff
$106K/yr - $243K/yr
10+ years expHewlett Packard Enterprise is a global edge-to-cloud company advancing the way people live and work. They are seeking a highly skilled Senior PKI Engineer to join their Cybersecurity team, responsible for the design, implementation, and operational excellence of enterprise-wide PKI and cryptographic services.
Data CenterEnterprise SoftwareInformation TechnologyIT ManagementNetwork Security
Responsibilities
Design, deploy, and maintain enterprise PKI architectures supporting both on-premises and cloud environments (ADCS, AIA/CRL, OCSP, HSM, Root/Issuing CAs)
Implement certificate lifecycle automation and governance for servers, endpoints, IoT, and application workloads
Lead modernization of PKI services to support phishing-resistant authentication (FIDO2, smartcards, device certificates, mutual TLS, etc.)
Integrate PKI with IAM solutions such as Entra ID, Okta, CyberArk, and HashiCorp Vault for secure credential and key management
Manage and maintain Hardware Security Modules (HSMs) and key escrow solutions for signing and encryption workloads
Support code signing, device identity, and TLS/SSL certificate issuance in alignment with enterprise standards
Define and enforce policies, procedures, and security controls for key and certificate usage, issuance, and renewal
Collaborate with security operations and compliance teams to ensure audit readiness, incident response, and certificate-related risk mitigation
Provide technical leadership, mentoring, and SME support to IAM and platform engineering teams
Qualification
Required
Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience)
10+ years in IT or Cybersecurity, with 8+ years focused on PKI, cryptography, or identity security engineering
Proven hands-on experience with Microsoft Active Directory Certificate Services (ADCS) and enterprise PKI management
Strong understanding of X.509, TLS/SSL, OCSP, CRL, HSM, and certificate policy frameworks
Experience with DigiCert ONE, or similar certificate lifecycle automation tools like Venafi, AppViewX
Understanding of hardware root of trust, secure boot, and device identity models
Experience automating certificate issuance and renewal using PowerShell, Python, or API-based workflows
Familiarity with cloud-native certificate services (AWS PCA, Azure Key Vault, Google CA Service) and FIDO2/WebAuthn implementations
Knowledge of integrating PKI with Identity and Access Management (IAM), Privileged Access Management (PAM), and Secrets Management platforms
Solid understanding of Zero Trust principles, encryption standards, and cryptographic lifecycle management
Exposure to DevSecOps pipelines and CI/CD integration for code signing
Certifications such as CISSP, CCSP, Microsoft Cybersecurity Architect, or GIAC GCLD/GMOB/GCWN
Benefits
Health & Wellbeing
Personal & Professional Development
Unconditional Inclusion
Company
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an edge-to-cloud company that uses comprehensive solutions to accelerate business outcomes.
10001+ employees
H1B Sponsorship
Hewlett Packard Enterprise has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (532)
2024 (585)
2023 (591)
2022 (523)
2021 (551)
2020 (398)
Funding
Current Stage
Public CompanyTotal Funding
$2.85BKey Investors
Elliott Management Corp.
2025-04-15Post Ipo Equity· $1.5B
2024-09-10Post Ipo Equity· $1.35B
2015-11-02IPO
Leadership Team
Fidelma Russo
EVP & GM, Hybrid Cloud and Chief Technology Officer
Marie Myers
Chief Financial Officer
Recent News
The Register
2026-01-06
Company data provided by crunchbase