ITmPowered Consulting
PKI Security Engineer (BHJOB22048_672)
ITmPowered Consulting, Denver, Colorado, United States, 80285
PKI Security Engineer (BHJOB22048_672) – ITmPowered Consulting
Join to apply for the PKI Security Engineer role at ITmPowered Consulting. Contract to Perm
|
Denver, Colorado The PKI Security Engineer will work with the PKI Architect in the design, engineering, implementation, and administration of an enterprise PKI including Venafi TPP CLM platform, Certificate Automation, HSM Hardware Security Modules with MofN design, CA Template Design, and PKI operation aligned to CP/CPS documentation. Primary Responsibilities Engineering and Administration of Key Vaults, Cryptographic and PKI Services Venafi Engineering and Administration of Certificate Lifecycle Management Services and infrastructure Venafi TPP Engineering – Policy folder design Engineering of Venafi Certificate discovery scanning / agent, OS / F5 base-lining and agent tuning Certificate ingestion, preliminary association, and migration into end state certificate policy folders and management levels (provisioning, enrollment, monitoring) Enable adoption of Venafi automation – Provisioning, Enrollment, Monitoring; support users of Venafi Trust Protection Platform (Venafi TPP); provide PKI certificate management training for TPP users Provide consulting to business users on certificate renewals (binding), CSRs, Venafi Certificate management levels, encryption type/strength, etc. Organize Venafi TPP user and administrative documentation for company implementation HSM Engineering and Administration of Encryption and Key Management Services and infrastructure HSMs – configure, deploy, and maintain Hardware Security Modules (HSMs) for highest level of private key protection and security using MofN design, operation, logging, and audit compliance Generate, maintain, and destroy cryptographic keys of various lengths and types using HSM CA – Certificate Authorities – Maintain Windows Server 2016/2012 ADCS, CA Templates, Issuing CAs, etc. CRL Management and automation with OCSP responders Process management/implementation for PKI, Cryptography, and Hardware Security Modules (HSM) Liaising with technology teams ServiceNow admins, Network, Sys Admins, Cyber, IAM, GRC, Audit Qualifications Education: Bachelor’s Degree (required). Master’s preferred. 5-10 years of experience in IT monitoring, implementing, and integrating IT security systems 5+ years of PKI operation; Certificate Management, Venfi CLM, HSMs, CRL, OCSP responders, etc. 3+ years Venafi Engineering, Implementation, administration (19.x, 18.x) – policy Folder Design, Deployments, Upgrades, Scanning, Agent tuning SSL certificate automation Provisioning, Enrollment, Monitoring using Venafi Venafi Certified Administrator (VSA) or Venafi Security Professional (VSP) HSM experience with Gemalto, Thales, nCipher, Luna or similar HSM; understands MofN operation Strong working experience with PKI infrastructure (Root/Issuing CA, Registration Authority, certificate trust chains, CRLs) Fluent in TCP/IP, SSL, TLS, SCP and HTTPS SSL certificates deployment, maintenance, renewal from web/app/proxy Systems Administration background: Windows ADCS, Linux, VM, applications and databases Experience with Microsoft Active Directory and LDAP directory integrations a plus Scripting and Automation in PowerShell, Perl, bash, ksh or other scripting language strongly preferred Strong work ethic and time management; ability to work with diverse teams and lead meetings Excellent attitude and communication skills with internal and external customers Strong infrastructure design and documentation skills CISSP or similar certification is a plus Location / Logistics Local Denver resources only. On-site only. No remote. W2 only. No sub-contracting. No sponsorship available. To apply for this job, email your details to
Careers@itmpowered.com
#J-18808-Ljbffr
Join to apply for the PKI Security Engineer role at ITmPowered Consulting. Contract to Perm
|
Denver, Colorado The PKI Security Engineer will work with the PKI Architect in the design, engineering, implementation, and administration of an enterprise PKI including Venafi TPP CLM platform, Certificate Automation, HSM Hardware Security Modules with MofN design, CA Template Design, and PKI operation aligned to CP/CPS documentation. Primary Responsibilities Engineering and Administration of Key Vaults, Cryptographic and PKI Services Venafi Engineering and Administration of Certificate Lifecycle Management Services and infrastructure Venafi TPP Engineering – Policy folder design Engineering of Venafi Certificate discovery scanning / agent, OS / F5 base-lining and agent tuning Certificate ingestion, preliminary association, and migration into end state certificate policy folders and management levels (provisioning, enrollment, monitoring) Enable adoption of Venafi automation – Provisioning, Enrollment, Monitoring; support users of Venafi Trust Protection Platform (Venafi TPP); provide PKI certificate management training for TPP users Provide consulting to business users on certificate renewals (binding), CSRs, Venafi Certificate management levels, encryption type/strength, etc. Organize Venafi TPP user and administrative documentation for company implementation HSM Engineering and Administration of Encryption and Key Management Services and infrastructure HSMs – configure, deploy, and maintain Hardware Security Modules (HSMs) for highest level of private key protection and security using MofN design, operation, logging, and audit compliance Generate, maintain, and destroy cryptographic keys of various lengths and types using HSM CA – Certificate Authorities – Maintain Windows Server 2016/2012 ADCS, CA Templates, Issuing CAs, etc. CRL Management and automation with OCSP responders Process management/implementation for PKI, Cryptography, and Hardware Security Modules (HSM) Liaising with technology teams ServiceNow admins, Network, Sys Admins, Cyber, IAM, GRC, Audit Qualifications Education: Bachelor’s Degree (required). Master’s preferred. 5-10 years of experience in IT monitoring, implementing, and integrating IT security systems 5+ years of PKI operation; Certificate Management, Venfi CLM, HSMs, CRL, OCSP responders, etc. 3+ years Venafi Engineering, Implementation, administration (19.x, 18.x) – policy Folder Design, Deployments, Upgrades, Scanning, Agent tuning SSL certificate automation Provisioning, Enrollment, Monitoring using Venafi Venafi Certified Administrator (VSA) or Venafi Security Professional (VSP) HSM experience with Gemalto, Thales, nCipher, Luna or similar HSM; understands MofN operation Strong working experience with PKI infrastructure (Root/Issuing CA, Registration Authority, certificate trust chains, CRLs) Fluent in TCP/IP, SSL, TLS, SCP and HTTPS SSL certificates deployment, maintenance, renewal from web/app/proxy Systems Administration background: Windows ADCS, Linux, VM, applications and databases Experience with Microsoft Active Directory and LDAP directory integrations a plus Scripting and Automation in PowerShell, Perl, bash, ksh or other scripting language strongly preferred Strong work ethic and time management; ability to work with diverse teams and lead meetings Excellent attitude and communication skills with internal and external customers Strong infrastructure design and documentation skills CISSP or similar certification is a plus Location / Logistics Local Denver resources only. On-site only. No remote. W2 only. No sub-contracting. No sponsorship available. To apply for this job, email your details to
Careers@itmpowered.com
#J-18808-Ljbffr