The opportunity

The Public Key Infrastructure (PKI) Senior Engineer drives IT security and productivity pillars by enabling secure connectivity for technical assets and devices within EY’s global infrastructure through the creation and management of digital certificates. The role drives complex design, development, and implementation activities aligned to several technologies including, but not limited to, Microsoft’s Public Key Infrastructure (PKI), Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), KeyFactor Command, Venafi Trust Protection Platform, Intune Certificate Connector and JAMF ADCS.   

Responsibilities

• Maintain existing deployed service components including upgrades, maintenance, and issue resolution to support business continuity.
• Support the definition, design, and deployment of enterprise PKI systems to provide new or enhanced cryptographic services for the business.
• Ensure PKI systems align to the firms Information Security policies, standards, and the industry best practices.
• Manage the configuration of PKI systems, develop and execute test plans against PKI systems and/or components to ensure readiness for production deployment. Create and maintain system documentation.
• Manage the successful technical delivery of Information Security projects and services for our customers by working directly with key business stakeholders, executives and project teams. Security engineers are the technical lead on initiatives and as such must drive the vision and alignment of the solution delivery.
• Develop and improve PKI/PKE best practices.

Requirements and qualifications

• 7+ of experience in engineering
• Experience in Public Key Infrastructure (PKI)
• Experience with Venafi and/or KeyFactor certificate management suite
• Knowledge of Microsoft Active Directory Services
• Strong proficiency with Hardware Security Module (HSM) technology (SafeNet/nCipher)
• Knowledge of PowerShell Scripting & general understanding of REST API