PKI Engineer / Certificate Management Specialist

2 hours, 27 minutes ago
Full-time
Senior
DevOps and Infrastructure
Makpar

Makpar

Makpar is an award-winning cybersecurity consultant specializing in IT modernization for the Federal government. The company's in-house Research & Development Lab innovates to build tailored solutions for government agencies.

Internet Software & Services
51-250
Founded 2008

Description

  • Support Federal PKI and DHS PKI policy-aligned implementation.
  • Manage certificate lifecycle activities including issuance, rekey, modification, revocation, and reissuance.
  • Support device certificate request processing through digital workflows.
  • Support DHS CA4 and external CA processes according to agency guidelines.
  • Support Non-Person Entity certificate authority operations for workstations and mobile/Apple devices.
  • Support person-centric PKI certificate authority and certificate lifecycle management systems.
  • Automate certificate management processes to reduce manual error and approval delays.
  • Support modernization of PIV-based PKI certificate authentication and authorization in USCIS applications.
  • Research, design, and implement PKI, cloud, and certificate solutions using COTS, open-source, and cloud-native tools.
  • Create SOPs, how-to videos, knowledge base articles, process documentation, presentations, and release documentation.
  • Provide recommendations for optimizing cloud resource performance and security.

Requirements

  • Experience with PKI and certificate lifecycle management.
  • Understanding of Federal PKI and/or DHS PKI policy.
  • Experience supporting certificate issuance, rekey, modification, revocation, and reissuance.
  • Experience with certificate authorities and certificate management systems.
  • Ability to support PIV-based certificate authentication and authorization.
  • Ability to obtain favorable EOD/suitability and maintain required USCIS access.
  • U.S. citizenship likely required for DHS IT access unless a waiver is granted.
  • Experience with DHS CA4, NPE CA, person-centric PKI, DHS 4300A, PKI interface specifications, or COPG is preferred.
  • Experience with HSMs, HashiCorp, Certbot, Let’s Encrypt, OAuth/OIDC, AWS EKS, serverless/Lambda, OCP, AWS, Azure, or GCP is preferred.
  • Prior DHS, USCIS, or federal civilian PKI experience is preferred.
  • Experience automating manual certificate workflows is preferred.
  • Experience supporting Apple/mobile device certificates is preferred.

Benefits

  • Generous compensation package.
  • Flexible work schedules.
  • Excellent training and career development opportunities.
  • Outstanding benefits package.
  • Supportive work environment that encourages employees to be themselves, collaborate, and be inquisitive.
  • Focus on keeping employees happy, healthy, and engaged.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Sr. Information Systems Security Engineer III (6695)

MetroStar 251-1K IT Services

MetroStar is hiring a Sr. Information Systems Security Engineer to help design, implement, and maintain cybersecurity controls and monitoring for protecting sensitive digital assets and ensuring compliance.

Cybersecurity Encryption Splunk
1 hour, 27 minutes ago

Principal Security Engineer – GRC Team Lead (Remote Eligible)

Smartsheet 1K-5K Internet Software & Services

Smartsheet is hiring a GRC Team Lead to build and scale the technical foundation for compliance, risk management, and audit readiness across multiple security and regulatory frameworks.

AWS Azure Bash CloudFormation DevSecOps Encryption GCP HIPAA Python Terraform
1 hour, 57 minutes ago

Network Security Engineer

Kargo 251-1K Media

Kargo is hiring a Network Security Engineer to secure the company’s freight logistics platform across cloud, on-premise, and edge/IoT environments while supporting reliable operations and compliance.

AWS Cybersecurity DHCP DNS GCP Network Security Penetration Testing TCP/IP
1 hour, 57 minutes ago

Staff Security Engineer

First.cx 1-10 information technology & services

Wayve is hiring a Staff Security Engineer to advance the security framework for its internal platform and IT security engineering group, SPINE, while supporting security strategy across endpoint, identity, and internal platform environments.

Bash Linux PowerShell Python
1 hour, 57 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers