Principal PKI Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

IdenTrust, Inc. · 1 day ago

Principal PKI Engineer

positionSalt Lake City, UT
timeFull-time
remoteOnsite
seniorityLead/Staff

IdenTrust, Inc. is a high-tech software company headquartered in Austin, TX, specializing in Identity and Access Management Solutions. They are seeking a Principal PKI Engineer to lead the architecture, implementation, and operations of their Public Key Infrastructure as a Service (PKIaaS) platform, ensuring secure issuance and lifecycle management of digital certificates in a cloud-first environment.

Cyber SecurityIdentity ManagementInformation ServicesInformation TechnologySecurity

Responsibilities

Designing and implementing PKI hierarchies (Root, Intermediate, Issuing CAs) to support multi-tenant internal and external PKIaaS customers
Deploying and operating PKI services in AWS, using services such as ECS, EKS, EC2, VPC, CloudWatch, S3, etc
Performing and leading key ceremonies, maintaining strict procedural integrity in accordance with policy, compliance, and regulatory requirements
Configuring and maintaining HSMs for secure storage of private keys and key material backup/recovery
Overseeing the deployment, configuration, and operational lifecycle of CA software platforms (e.g., EJBCA, Microsoft ADCS, etc.)
Setting up and monitoring Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responders for high availability and low latency
Developing and maintaining Business Continuity and Disaster Recovery (BCP/DR) plans for PKI infrastructure, including multi-region failover strategies in AWS
Implementing PKI operational and security best practices, including role-based access controls, audit logging, and secure key lifecycle management
Providing guidance on certificate issuance policies, trusted root management, code signing, S/MIME, and TLS authentication practices
Collaborating with internal teams and external stakeholders to define PKI requirements and guide integration with enterprise systems, cloud platforms, and DevOps pipelines
Defining and enforcing PKI operational and security best practices, policies, and SOPs

Qualification

PKI architectureAWS cloud computingHSM managementCertificate lifecycle managementKey ceremoniesCA software platformsDisaster Recovery planningCollaborationMentoringCommunication

Required

Lead the architecture, implementation, and operations of Public Key Infrastructure as a Service (PKIaaS) platform
Design and maintain scalable certificate hierarchies
Manage HSMs and cryptographic assets
Perform key ceremonies
Advise on cryptographic and operational best practices
Experience with cloud computing in AWS
Act as a senior technical authority
Guide the secure issuance, renewal, and revocation of certificate authorities and end user certificates
Ensure CA key material integrity
Mentor supporting engineers and administrators
Collaborate across security, infrastructure, compliance, and product teams

Company

IdenTrust, Inc.

twittertwittertwitter
company-logo
IdenTrust, part of HID Global, is a leading provider of digital certificates that establish the basis for trusted identity solutions recognized by financial institutions, healthcare providers, government agencies and enterprises around the world.
dateFounded in 1999
location
San Francisco, California, USA
people-size1001-5000 employees
web-link
http://www.identrust.com

Funding

Current Stage
Late Stage
Total Funding
$20M
2014-01-22Acquired
2005-05-27Series B· $20M

Leadership Team

leader-logo
Don J.
Chief Information Officer
linkedin

Recent News

The Register
New SSL/TLS certs to each live no longer than 47 days by 2029
2025-04-15
Company data provided by crunchbase